Veni,
On 12/23/22 12:16, Janardhanan, Veni wrote:
Hi,
I’ve a self-signed certificate installed on Tomcat 9 which works fine. This is
a Crystal Server SAP BO BI 4.3 box.
To make it secure I installed our CA signed certificate. After a restart I
brought Tomcat up, the logs show ‘Invalid Keystore format’ error.
Below is the config from server.xml.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
compressionMinSize="2048" URIEncoding="UTF-8"
compression="on"
certificateKeyAlias="xxxxxxxx.corp.xxxxxxx.com"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,text/json,application/javascript,application/json"
maxThreads="200" scheme="https" secure="true" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="C:/SSL/certnew_pfx.pfx"
certificateKeystorePassword="Crystal!@#" keystoreType="PKCS12"
type="RSA" />
</SSLHostConfig>
</Connector>
Please suggest. Am stuck at this point unable to proceed further, any
hints/thoughts highly appreciated!
I'm sorry, I didn't realize that this was essentially a re-post of your
previous thread with subject "Install CA signed certificate on Tomcat 9".
I see this was what was in your keystore:
Your keystore contains 2 entries
tomcat, Sep 8, 2022, PrivateKeyEntry,
Certificate fingerprint (SHA-256):
8B:1D:5B:59:86:39:A5:CD:AB:2A:4A:45:13:2B:82:A1:44:CD:8A:E7:20:96:5A:02:0F:73:E3:5A:A6:DB:B6:FD
tomcat1, Sep 29, 2022, trustedCertEntry,
Certificate fingerprint (SHA-256):
1F:A1:D5:1A:AD:5C:57:6C:B8:90:D8:CA:D1:89:2D:E1:1E:1F:7E:78:D2:19:72:CE:CC:3B:25:03:DE:0F:E1:B6
On 23 Dec you said "when I access the Central Management Console, the
browser shows site as ‘Not Secure’".
What is the Central Management Console?
Is Tomcat able to start without throwing any errors in the log files?
Are you able to reach the site, but get a browser warning that it's
"insecure"? I just want to make sure we are solving he right problem.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org