I didn't specify the "keyStore" parameter in here because I only have one keystore at C:\Documents and Settings\HP_Administrator\.keystore or do Iexplicitely need to do that? I read somewhere that I didn't.
Personally, I can not even begin to imagine how Tomcat would know where to find the keystore on a windows machine so one thing I would suggest (until you get it all working) is to be as explicit as possible and provide the keystore location in the connector and the password for it as well.
I have the same certificate imported under the 'root' and 'tomcat' alias; is that a problem?
I have no idea why you felt or thought that you needed to have the same certificate listed twice in your keystore. Its not really a question of weather or not its a problem...its more a question of me wanting to know the motivation for you doing this at all. The point here is configure a "connector" so that when someone uses https, you can serve up a certificate that you got signed by some CA that is trusted(the CA cert is trusted by the user's browser) by most user's browsers and is embedded(the CA's cert is embedded in the user browser) in them. Since the user's browser trusts the CA's cert to sign other certs...that means they should/will the certificate that you happen to be serving....Right? So as long as you tell the connector what keystore to look in, what the password for that keystore is, and what alias to use as a handle to pull the certificate (that needs to be served) out of that keystore....you should be good to go. Feel free to tell me otherwise or let me know of any issues you face. Cheers!
