On 25/05/2010 14:00, Gustavo Mauro wrote: > > Hello all, > I am currently deploying a solution (B.O. Server) that uses both IIS 6 > and Tomcat 5; this last one just as a servlet handler. > This web site though must be secure and reached only via HTTPS (tcp > 443/8443). > The SSL certificate was generated to IIS and, using its tools, exported > as an PKC12 key file to be used on Tomcat. However, the keystore is not being > recognized and I am somehow clueless on what to do to fix the problem.
So is IIS handling the SSL or is Tomcat? If it's the latter, have you read the following instructions? http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html > What I did: > 1) from IIS Management Console, I exported the already installed and working > certificate to a *.pfx file. > 2) edited tomcat's server.xml file as below: > > <Connector port="8443" > maxThreads="150" > minSpareThreads="25" > maxSpareThreads="75" > enableLookups="false" > disableUploadTimeout="true" > acceptCount="100" > debug="1" > scheme="https" > secure="true" > clientAuth="false" > sslProtocol="TLS" > keystoretype="PKCS12" > keystoreFile="e:\bo01_w3svc1_cert.pfx" > keystorePass="password" /> A KeyStore is not a certificate file. See the above link for more information. p > 3) started both IIS 6 and Tomcat 5 (installed by BOE) > > 4) IIS works fine, while Tomcat throws me the error below: > May 20, 2010 4:15:36 PM org.apache.coyote.http11.Http11Protocol init > INFO: Initializing Coyote HTTP/1.1 on http-8080 > May 20, 2010 4:15:36 PM org.apache.coyote.http11.Http11Protocol init > SEVERE: Error initializing endpoint > java.io.IOException: Invalid keystore format > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:629) > at java.security.KeyStore.load(KeyStore.java:652) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:278) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:220) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:143) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) > at > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:259) > at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:137) > at > org.apache.coyote.tomcat5.CoyoteConnector.initialize(CoyoteConnector.java:1429) > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:609) > at > org.apache.catalina.core.StandardServer.initialize(StandardServer.java:2384) > at org.apache.catalina.startup.Catalina.load(Catalina.java:507) > at org.apache.catalina.startup.Catalina.load(Catalina.java:528) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > > I searched the net for advices, but none of the posts successfully solved the > problem. > > Does anyone know what may be going on here? > > Thanks, > > Gustavo. > > > _________________________________________________________________ > QUEM VOCÊ QUER SER HOJE NO MESSENGER? TRANSFORME SUA FOTO, É GRÁTIS. > http://ilm.windowslive.com.br/?ocid=ILM:ILM:Hotmail:Tagline:1x1:Tagline
signature.asc
Description: OpenPGP digital signature