Some more information regarding my problem statement,
i followed exactly like this,
1. created the keystore using keytool
2. created CSR using the -certreq using keytool
3. sent the same to verisign and get the certificate as as a reply.
4. imported the root certificate provided by verisign.
5. imported the intermediate cert provided by verisign.
6. inported that trial certificate provided by verisign into the same
keystore from which i generated the CSR
7. referred the keystore from the <connector/> component.(I have posted
my connector configuration ablove
8. when i started the server i got the following error,
java.io.IOException: Alias name aliasName does not identify a key entry.
please suggest me further.
Thanks,
Bhuvan P
On Fri, Mar 13, 2009 at 10:32 AM, Bhuvanesh Pattanashetti <
bhuva...@gmail.com> wrote:
> HI All,thanks all for your suggestions. :-)
>
> Here are following some more details.
>
> I m using
>
> - tomcat 6.0,
> - JDK 1.6,
> - no i m not using keystore.
> - I m running on Xp with Spring-DM framework.
> connector is as follows.
>
> <Connector
> port="8443" minSpareThreads="5" maxSpareThreads="75"
> enableLookups="true" disableUploadTimeout="true"
> acceptCount="100" maxThreads="200"
> scheme="https" secure="true" SSLEnabled="true"
> keyAlias="aliasName"
> keystoreFile="KEeySrotePath" keystorePass="password"
> clientAuth="false" sslProtocol="TLS"/>
>
> I have generated the keystore using keytool.
> Please suggest me further.
>
>
>
>
>
> On Fri, Mar 13, 2009 at 7:51 AM, Bill Barker <wbar...@wilshire.com> wrote:
>
>> Willing to try and play psychic ;).
>>
>> Procedure 1 is what you want. But the keystore must be the same one that
>> you used to create the CSR you sent to Verisign. This is by far the
>> second
>> most common mistake that people make when setting up Tomcat to use SSL.
>> As
>> Chuck suggested, check if you are using APR (the SSL configuration options
>> are different, and APR can't use a JKS keystore). This is the most common
>> mistake. Verisign has an intermediate cert as well. You'll likely need
>> to
>> import that as well. And of course, import the Verisign root cert.
>>
>>
>> "Bhuvanesh Pattanashetti" <bhuva...@gmail.com> wrote in message
>> news:bce69da80903120948v7c2f1693md9db7e74e6e3f...@mail.gmail.com...
>> > Hi all,
>> > I m trying to set up the SSL for tomcat server. I wanted to know what
>> > exactly is the procedure.
>> > here is what i have followed.
>> >
>> > Procedure 1.
>> >
>> > 1. Created my own keystore.
>> > 2. Imported the trial certificate (provided by Verisign ) into the
>> > keystore.
>> > 3. Added a ssl connector component in to the conf/server.xml into
>> tomcat
>> > configuration file.
>> > 4. Started the Server, When tried accessing connector port from
>> browser,
>> > I got cannot display the webpage.
>> > 5.
>> >
>> > procedure 2 :
>> >
>> > 1. Created my own keystore.
>> > 2. Imported the trial certificate (provided by Verisign ) into the
>> > keystore.
>> > 3. Imported the trial certificate (provided by Verisign ) into the
>> > cacerts from jre/lib/security/cacerts.
>> > 4. Added a ssl connector component in to the conf/server.xml into
>> tomcat
>> > configuration file mentioning keyAlias pointing to imported
>> certificate
>> > alias.
>> > 5. Started the Server, at start up i got the folliwing exception
>> >
>> > java.io.IOException: Alias name mykeyalias does not identify a key
>> entry
>> >
>> > I had importing the root certificate or intrmediate certificate first
>> > before
>> > importing trial verisign certificate suggested by tomcat.
>> > But none of the things are working :-( please suggest me.
>> > thanks in advance.
>> > Bhuvan P
>> >
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
