Hi,
I use Tomcat 9 version. I have configured the server.sml as following to
use certificate signed.
<Connector
port="8443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150"
SSLEnabled="true"
scheme="https"
secure="true"
SSLCertificateFile="/app/config/certs/wildcard.unifr.ch.crt"
SSLCertificateKeyFile="/app/config/certs/wildcard.unifr.ch.key"
SSLCACertificateFile="/app/config/certs/DigiCertCA.crt"
SSLVerifyClient="none"
sslProtocol="TLSv1+TLSv1.1+TLSv1.2"
URIEncoding="UTF-8"
/>
But I have an error with openssl commande to verify it is correctly
configured.
Commande and output:
echo | openssl s_client -showcerts -connect server.unifr.ch:8443 |head -1
depth=0 C = CH, ST = Fribourg, L = Fribourg, O = Universit\C3\A9 de
Fribourg - Universit\C3\A4t Freiburg, CN = *.unifr.ch
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = CH, ST = Fribourg, L = Fribourg, O = Universit\C3\A9 de
Fribourg - Universit\C3\A4t Freiburg, CN = *.unifr.ch
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 C = CH, ST = Fribourg, L = Fribourg, O = Universit\C3\A9 de
Fribourg - Universit\C3\A4t Freiburg, CN = *.unifr.ch
verify return:1
DONE
CONNECTED(00000003)
Some body can help me ?
Many thanks, regards
Olivier
