Siddhi,
On 6.3.2013 10:41, Siddhi Borkar wrote:
The certificate that I am using is RSA based certificate, I tried listing the
RSA based ciphers in the server the xml, however it still gave me the same
error.
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" keystoreFile="/tmp/.keystore" keystorePass="changeit"
enableLookups="false"
ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
clientAuth="false" sslProtocol="TLS" />
Any idea what else could be going wrong?
You didn't import your private key into Java keystore.
Use openssl to create PKCS#12 keystore containing your private key
(prvkey.key), your certificate (sslcert.crt) and sertificate chain
(cacert.pem).
Then, import PKCS#12 keystore to Java keystore using keytool.
Verify Java keystore with:
keytool -list -keystore /tmp/.keystore -v
You should see one PrivateKeyEntry, with certificate chain to trusted CA.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
