Another suggestion:
Be sure that you are using only one Java version and that this version
is > 1.4.1 (there is a known bug with this version if you use it with JSSE).
Another idea is to use the -Djavax.net.debug=all flag. I never try this,
but it should help you to get more information about what your JSSE is
doing (which keystore and trusstore he try to use):
open the /opt/tomcat/bin/catalina.sh and add the follwing entry for
example after the cygwin entry:
JAVA_OPTS="$JAVA_OPTS" -Djavax.net.debug=all
and restart Tomcat
-- Franck
Franck, I suspect that my way of creating the key could be the problem.
Do you have an idea where I could find a "dummy" key for just
checking, my key is not the problem. It should be a key which is
already working with tomcat.
Thanks
Klaus
Klaus-F. Kaal schrieb:
Yes, Franck, I am "root" when I run key-creation and tomcat...
Franck Borel schrieb:
Next suggestion:
Did you make the key as root? And do you start Tomcat as root?
-- Franck
Yes, in testphase, I do all pw's in low-cases...
Franck Borel schrieb:
Hi Klaus,
Good Morning Franck,
yesterday, you did a great job, trying to help me. I appreciate
that!
Thanks.
But... I am running out of ideas. Regarding the password:
presently, I am using "changeit" for everything (just to get in
running), but I still have no success.
Yesterday, I sent anouther eMail explaining, what I am doing.
Could you please have a look at it and tell me your judgement?
And what I could try additionally?
You would really help a man in trouble.
Thank you very much.
Klaus
This is what I do:
CREATE KEY:
------------------------------------------------------------------------------------------------------
../../java/bin/keytool -genkey -alias tomcat -keyalg RSA
-keystore /opt/wt24/apache-tomcat-5.5.16/conf/.keystore
../../java/bin/keytool -export -alias tomcat -file
/opt/wt24/apache-tomcat-5.5.16/conf/tomcat-server.crt -keystore
/opt/wt24/apache-tomcat-5.5.16/conf/.keystore
../../java/bin/keytool -import -file
/opt/wt24/apache-tomcat-5.5.16/conf/tomcat-server.crt -keystore
/opt/wt24/apache-tomcat-5.5.16/conf/cacerts
In this process, I use the same password for all
------------------------------------------------------------------------------------------------------
SERVER.XML looks like this:
------------------------------------------------------------------------------------------------------
<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystorePass="secret"
debug="0"
keystoreFile="/opt/wt24/apache-tomcat-5.5.16/conf/.keystore"
truststoreFile="/opt/wt24/apache-tomcat-5.5.16/conf/cacerts"
truststorePass="password as used in key-creation"
/>
-----------------------------------------------------------------------------------------------------
When I START TOMCAT, the log shows:
----------------------------------------------------------------------------------------------------
INFO: Starting Coyote HTTP/1.1 on http-80
12.04.2006 19:43:55 org.apache.coyote.http11.Http11BaseProtocol
start
SCHWERWIEGEND: Error starting endpoint
java.io.IOException: Keystore was tampered with, or password was
incorrect
Ok.
First suggestion: Passwords are case sensitve. Did you consider this?
-- Franck
------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
====================================================================
Dipl.-Hyd. Franck Borel Universitaetsbibliothek Freiburg
EMail: [EMAIL PROTECTED] EDV-Dezernat
Tel. : +49-761 / 203-3908 Werthmannplatz 2 | Postfach 1629
Fax : +49-761 / 203-3987 79098 Freiburg | 79016 Freiburg
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
