-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ognjen,
On 9/17/13 4:37 AM, Ognjen Blagojevic wrote: > Mavenpol, > > On 16.9.2013 22:47, Mavenpol Saulon wrote: >> This server where I imported the certificates and has been >> encountering errors is just one of the servers that are >> configured to run SSL. All of the other servers have the same >> setup except for the "keytool -delete.." that I used in this >> particular erring server. Other servers are OK in SSL. >> >> I'm worried that the keytool delete might have caused the >> problem? > > (On this list it is standard to put your text below the quote.) > > What is the content of your Java keystore now? You should have > PrivateKeyEntry with valid certificate chain. Check it using > > keytool -list -v > > > You may also check if the certificate chain is served properly to > the client using openssl: > > openssl s_client -connect server.example.com:443 -showcerts > > > Other than that, you may try to turn on TLS/SSL Java debugging > using VM option: > > -Djavax.net.debug=all > > > These commands/option will give you some insight what is wrong > with keystore and TLS/SSL handshake. It also would be helpful for OP to: a) Specify the version of Tomcat you are using b) Provide the <Connector> configuration from your conf/server.xml (without any sensitive material such as passwords) - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSOFwPAAoJEBzwKT+lPKRYBWMQAIAE5pRZHe0xyCPBV5hMH81H ZNz9k94I/+vSdLOgBzFT0biT2jd+LUHU9jv8SMpwJ8UCDtz5HGCc/QGWZF1gpZ/3 0WzHx5dDMXLgKmV1ht82xWWNVrTvzFRob8vwRIFse3bc/GjavX/aTnrKKArkJKs+ Vl+IxLwtvcrdbUNefIBNFSvNbMb33BM0hy6vvAYgGbMVwavImn54FnXO9Ud+V3nr GXTwD7Wt4Es9ZgQDPIWJWPNKSjA8xhpvh90pZEIXw7/MBGUZbcbCYhPKOEVaHS1y 8gWVGnnbh1MsW2ZAUD1Z3UWVE7UIVDAca1YH7VOGjmuF4iGWAlsPaDWqj9cOzc8D GpE66qdDFvotvGN0uTBe+QHLoyh95u9i1BgBPy6aI4BQRQZS9gz0L9s+vjVGMBQ/ 8YJoGBdIyLe1zrHgIFJBi/lYhzNzUh9Ozh/+X+EEDd1S3NuqokELI/WsnPkHdoGO dg3ubzt6IEYWMu/5QJCfWneI+cbbgB/E/iLWUK0vmK4F/C6Li1Fi3WNB/8qoy5Ot ib5lVTIOhS1ovGclQd3E2Zl/JRms84gt1YuTa/AaV3swwDUz7g4nnbhs9ozDtnp5 2RYdkUKVeqKNC3GFQma119hCR55xQu8P/91IkVrR/kHLLIaklGLSlXnbqlH4wnBk GnvW4oyilc0IjjLwif9b =ociN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
