Just a quick rundown of the version and specs:
Apache Tomcat 6.0.18
JVM version Sun 1.6.0_13-b03
Windows Server 2003
We recently stood up a Tomcat instance to enable SSL for a new app.
Everything works perfectly fine with one exception. When you hit the
URL for the application it comes up with the following certificate error
message: The name on the security certificate is invalid or does not
match the name on the site.
You can click on yes to proceed and the site comes up fine.
Since this is a test instance we don't mind too much. However we will
be implementing this into our production environment and we can't have
the same issue there.
The real crux of the issue is that for the life of us, we cannot figure
out what certificate this instance is using. When I click on the
certificate details, it says Unknown for both Issued to and Issued by.
This is not the certificate that we are pointing to in the configuration
in the server.xml. Below I've cut and pasted the configuration. Both
the PEM and certificate file are in the path listed below and look fine
to us.
<Connector port="443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           SSLCertificateFile="D:\certs\shappuat2.cer"
           SSLCertificateKeyFile="D:\certs\shappuat2.pem"
           clientAuth="optional" SSLProtocol="TLSv1"/>
In this configuration it shouldn't be using a keystore but using the
cert that we specified. It seems to be ignoring this configuration for
some reason. Even more confusing though is that I have exported the
contents of every keystore on the entire server and there is no evidence of
the unknown cert. At this point we're out of ideas.
Does anyone know why it's ignoring the configuration and not using the
certificate we specified?
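
A configuration check for the situation described above, as an added example that is not part of the original post: it sorts the Connector's SSL attributes by the connector implementation that reads them, following the Tomcat 6 HTTP connector documentation (the APR/native connector reads the SSL* attributes, the Java JSSE connectors read the keystore-style ones). The function name and finding codes are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# SSL attribute families per the Tomcat 6 HTTP connector documentation.
APR_ATTRS = {"SSLCertificateFile", "SSLCertificateKeyFile", "SSLProtocol",
             "SSLCipherSuite", "SSLCACertificateFile", "SSLVerifyClient"}
JSSE_ATTRS = {"keystoreFile", "keystorePass", "keystoreType", "keyAlias",
              "truststoreFile", "sslProtocol", "clientAuth"}

# The Connector element exactly as quoted in the post above.
POSTED_CONNECTOR = r"""<Connector port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="D:\certs\shappuat2.cer"
SSLCertificateKeyFile="D:\certs\shappuat2.pem"
clientAuth="optional" SSLProtocol="TLSv1"/>"""


def audit_connector(xml_text):
    """Return the implementation selected by 'protocol' plus finding codes."""
    conn = ET.fromstring(xml_text)
    names = set(conn.attrib)
    apr, jsse = sorted(names & APR_ATTRS), sorted(names & JSSE_ATTRS)
    protocol = conn.get("protocol", "HTTP/1.1")
    if protocol == "HTTP/1.1":
        impl = "auto"   # APR if the native library loads, otherwise Java BIO
    elif protocol.endswith("Http11AprProtocol"):
        impl = "apr"
    else:
        impl = "jsse"   # Http11Protocol / Http11NioProtocol
    findings = []
    if apr and impl == "auto":
        findings.append("APR_ATTRS_NEED_NATIVE_LIBRARY")
    if apr and impl == "jsse":
        findings.append("APR_ATTRS_IGNORED_BY_JSSE")
    if jsse and impl == "apr":
        findings.append("JSSE_ATTRS_IGNORED_BY_APR")
    if apr and jsse:
        findings.append("MIXED_ATTRIBUTE_FAMILIES")
    if impl != "apr" and "keystoreFile" not in names:
        # JSSE default: a file named .keystore in the service user's home
        findings.append("JSSE_WOULD_USE_DEFAULT_KEYSTORE")
    return {"impl": impl, "apr": apr, "jsse": jsse, "findings": findings}


if __name__ == "__main__":
    report = audit_connector(POSTED_CONNECTOR)
    print(report["impl"], report["apr"], report["jsse"])
    for code in report["findings"]:
        print(" -", code)
```

When the result is `auto`, the Tomcat startup log reports whether the APR native library was found, which settles which attribute family is in effect.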