Mark, I had trouble with verisign. I tried a few things then gave up. The instructions works with self-signed certificate. Trust me it works.
You can try to follow instructions from scratch with fresh tomcat install. One more thing. When you use command "keytool genkey -alias localhost -keyalg RSA", you are using JSSE and you can not use APR. While using JSSE, make sure you delete tcnative-1.dll from tomcat bin folder. Also try to use the <Connector .../> same as I have written. See if you get success. These instructions have been tested many times and it works with self-signed certificates. Let me know your progress and we will get you going on your project. Regards, D --- Mark Whitby <[EMAIL PROTECTED]> wrote: > Dhavel, > > I'm unable to get the certificate signed by someone like Verisign so I've > been using self signed certificates. To do this all I've done is follow the > advice on the help page, using the command "keytool =genkey -alias > localhost -keyalg RSA" Once that's done I've linked from server.xml to the > .keystore file created using this. > > Is this right or am I missing a step? > > Mark > > ----- Original Message ----- > From: "Dhaval Patel" <[EMAIL PROTECTED]> > To: "Tomcat Users List" <users@tomcat.apache.org> > Sent: Wednesday, February 08, 2006 4:22 PM > Subject: Re: Problem with setting up an SSL secure page > > > > Hi, > > > > I have setup small guide on SSL with Tomcat 5.5. You can find it at > > http://www.mail-archive.com/users%40tomcat.apache.org/msg02500.html > > > > But that guide is in Tomcat 5.5 with APR (Apache Portable Runtime). It > > works with > > self-generated certificates. (I think it does not work with Verisign > > certificates but I am not > > 100% sure) Try to follow the guide and you will be able to setup SSL. But > > make sure that you use > > Tomcat 5.5 because it has APR connector (tcnative-1.dll). > > > > Once you setup SSL, test it on https://localhost or > > https://localhost:port . Then use the > > following snippet to enable SSL in your web-app. > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>Secure</web-resource-name> > > <url-pattern>/*</url-pattern> > > <http-method>GET</http-method> > > <http-method>POST</http-method> > > </web-resource-collection> > > <user-data-constraint> > > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > > </user-data-constraint> > > </security-constraint> > > > > For more information, visit: > > http://registry.paradigma.net/omar/registry/thin/doc/UsingHTTPS.html > > > > May be someone help you out with Tomcat 5.0 but since I know things are > > working with Tomcat > > 5.5 so I thought above instructions will make you move quickly. > > > > Let us know your experience. > > > > Regards, > > D > > > > > > --- Parsons Technical Services <[EMAIL PROTECTED]> wrote: > > > >> What is in the logs? > >> > >> > >> > >> ----- Original Message ----- > >> From: "Mark Whitby" <[EMAIL PROTECTED]> > >> To: <users@tomcat.apache.org> > >> Sent: Wednesday, February 08, 2006 11:02 AM > >> Subject: Problem with setting up an SSL secure page > >> > >> > >> Dear all, > >> > >> I am currently designing a final year project for my University course > >> and I > >> am having problems getting a working SSL connection. I have Tomcat set > >> up > >> and working fine, but when it comes to accessing a page over the https > >> setup, I am having no luck. > >> > >> Firstly a few technical details. I am using Windows XP Home, with > >> Internet > >> Explorer 6.0.2900.2180. I am using the latest Java installation, jdk > >> 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat > >> 5.0, > >> the latest installation available (it's only been installed on my system > >> for > >> the last few weeks). I have McAffe Security Centre installed but the > >> problem occurs even with this turned off. > >> > >> Now the problem. I have followed word by word the set up instructions in > >> the Tomcat manual. I have created the certificate and verified it using > >> the > >> command line. I have altered the server.xml file to include the path > >> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to. > >> I've done everything. Yet when I type https://localhost:8443 in the > >> browser > >> window I get nothing. When using IE it takes ages to search for the > >> page, > >> then eventually I get "This page cannot be displayed" and in Mozilla I > >> get a > >> message after a couple of minutes saying the page has timed out and get > >> left > >> with a blank page. So I can't load the page up at all. > >> > >> I've tried everything I can think of to get it to work. I have 3 > >> different > >> books on this subject and I've followed the instructions in every one to > >> try > >> and get this to work. Nothing has worked. I did a Google search using > >> as > >> many different combinations of words I can think of but the only help I > >> get > >> is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even > >> think about installing the JSSE 1.3 to see if that had an effect, as I > >> can't > >> find any of the jar files that are mentionned in that area. However, I > >> felt > >> it best to ignore that as it says. > >> > >> So as you can see I've tried everything I can think of. Nothing as > >> worked. > >> If anyone can help me I would be extremely grateful. > >> > >> Many thanks > >> > >> Mark Whitby > >> [EMAIL PROTECTED] > >> > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam protection around > > http://mail.yahoo.com > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
