Re: question on certificate use - resending with attachment descriptions in case they get stripped out again. If this doesnt work I will resend the email when I get home

[ray . diaz]

I installed an SSL certificate using keytool on the apache tomcat server. 
When my site loads, depending on the certificate, I either get a blank 
screen loading or the certificate error on the toolbar next to the URL 
that doesn't go away. The site works though, but I would like to get rid 
of that Certificate Error displaying. I am using Internet Explorer 8 and a 
self signed certificate when the site works, although with the 
certificates error displaying. And when I use a proper CA certificate that 
is when I get a blank screen.

I run the following command:

keytool -import -trustcacerts -alias tomcat2 -file 
C:\bonaire\revport\revport-it.us.bank-dns.com.crt -keystore 
c:\bonaire\revport\.keystore




Keytool allowed me to place the certificate into the keystore where my 
selfsigned certificate is located.

(If I run a keytool -list -keystore c:\bonaire\revport\.keystore, I see 2 
entries now, one with the self signed certificate I created, and one with 
the new certificate I just created above).


It gave no errors and allowed me to add it, just asked if I should trust 
the certificate which I said yes.

Then in my connector, I have:

<Connector 
           port="443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="C:\Bonaire\REVPORT\.keystore" 
keystorePass="changeit"
           keyAlias="tomcat2"
           proxyName="revport-it.us.bank-dns.com" proxyPort="443"
/> 

And then on the browser, when I try to load the site, I get a blank screen 
again, says "Internet Explorer cannot display the webpage".


If I use "tomcat" as the alias in my connector, the site loads but then I 
get the "Certificate Error"  popup again, which is what I need to get rid 
of (on the top right the Internet Explorer).




Please help!

Thanks!


Ray 


U.S. BANCORP made the following annotations
---------------------------------------------------------------------
Electronic Privacy Notice. This e-mail, and any attachments, contains 
information that is, or may be, covered by electronic communications privacy 
laws, and is also confidential and proprietary in nature. If you are not the 
intended recipient, please be advised that you are legally prohibited from 
retaining, using, copying, distributing, or otherwise disclosing this 
information in any manner. Instead, please reply to the sender that you have 
received this communication in error, and then immediately delete it. Thank you 
in advance for your cooperation.

---------------------------------------------------------------------