Chris, > You mean the root CA stuff? Your default Java cacerts should probably > already contain them. If not...
I mean the all the certificates listed in the second option in godaddy documentation. They list 4 certs. They are all included in a zip file which is available for download once the CSR is submitted. Are we talking about the same thing? > I think you wanted to import them into your trust store, not your key store. From what I understand, a truststore is required when cleint auth is required, which we do not. Is this right? > TC 6 and 7 should be nearly the same. Thats what I thought. > Hmm... that sounds weird. Try starting again, re-creating your keystore > and importing the GoDaddy certificates into it. Then test the > fingerprints to see if they are okay. Remember not to discard the key > you used to create your CSR or you'll have to re-submit to GoDaddy. I have gone through the whole process thrice now. Godaddy didn't have much info but they do agree the import commands should not change the thumbprints and I strongly believe that that is where the issue lies, but I am not sure how to fix it. > What is the output of "keytool -list -keystore tomcat.keystore"? Here's the output: keystore alias, Nov 30, 2010, PrivateKeyEntry, Certificate fingerprint (MD5): 5C:3B:1C:37:BE:A9:1D:41:17:92:5D:2E:9E:DA:2C:92 maincert, Nov 30, 2010, trustedCertEntry, Certificate fingerprint (MD5): 50:C6:68:A3:A7:8A:F1:01:B4:15:2A:AA:0E:93:78:97 root, Nov 30, 2010, trustedCertEntry, Certificate fingerprint (MD5): A9:23:75:9B:BA:49:36:6E:31:C2:DB:F2:E7:66:BA:87 intermed, Nov 30, 2010, trustedCertEntry, Certificate fingerprint (MD5): D5:DF:85:B7:9A:52:87:D1:8C:D5:0F:90:23:2D:B5:34 cross, Nov 30, 2010, trustedCertEntry, Certificate fingerprint (MD5): 82:BD:9A:0B:82:6A:0E:3E:91:AD:3E:27:04:2B:3F:45 All the thumbprints do not match their original crt file thumbprints. Thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
