On 04/04/2014 21:42, Mark Murphy wrote: > I saw something on StackOverflow that said the key type in the keystore > needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I > look at my keystore, it is trustedCertEntry for all the certs. > > But when I look at the type for the self signed certificate (which works), > it shows keyEntry. > > Does, or should this matter? and if so, how do I change the type?
Yes, this matters a lot. You must import the cert you receive from the CA into the same keystore you used to generate the CSR since that is where the private key is and the server has to have access to the private key. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
