Hello Felix, Thanks for the response.
I have received new certificated based on new CSR generated. While importing cert in to key, I'm getting the following error: java.lang.Exception: Failed to establish chain from reply Here is the keytool command that I used for this: keytool -import -alias tomcat -keystore c:/cert/final/private_key -trustcacerts -file c:/cert/final/cert.cer.txt Enter keystore password: keytool error: java.lang.Exception: Failed to establish chain from reply I'm I missing something here.... Thanks in advance. Sammaiah On 27 July 2011 19:41, Felix Schumacher <felix.schumac...@internetallee.de>wrote: > > > Sammaiah Kyatham <sammaiahf...@googlemail.com> schrieb: > > >Hello, > > > Your keystore has no private key. > The output of keytool below shows only a certificate. > You can use keytool -importkeystore to import key and certificate at the > same time. > > Regards > Felix > >Could you help me on this issue. I spent many hours with the various > >options > >> and couldn’t resolve. > >> > >> > >> > >> I have configured the server.xml as per the tomcat configuration, > >however > >> I’m getting below errors. > >> > >> > >> > >> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > >> keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key" > >> keystorePass="PrivatePWD" keyAlias="tomcat" maxThreads="150" > >scheme="https" > >> secure="true" clientAuth="false" sslProtocol="TLS" /> > >> > >> > >> > >> The exception in Catelina log: > >> > >> > >> > >> Jul 27, 2011 4:28:25 PM org.apache.coyote.http11.Http11Protocol init > >> > >> SEVERE: Error initializing endpoint > >> > >> java.io.IOException: Alias name tomcat does not identify a key entry > >> > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:546) > >> > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:481) > >> > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156) > >> > >> at > >> org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > >> > >> at > >> org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > >> > >> at > >> > >org.apache.catalina.connector.Connector.initialize(Connector.java:1022) > >> > >> at > >> > > >org.apache.catalina.core.StandardService.initialize(StandardService.java:703) > >> > >> at > >> > > >org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) > >> > >> at > >> org.apache.catalina.startup.Catalina.load(Catalina.java:538) > >> > >> at > >> org.apache.catalina.startup.Catalina.load(Catalina.java:562) > >> > >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > >Method) > >> > >> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > >Source) > >> > >> at > >sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > >> Source) > >> > >> > >> > >> > >> > >> When list the key using keytool, It lists alias tomcat as > >> > >> keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX > >> Keystore type: JKS > >> Keystore provider: SUN > >> > >> Your keystore contains 1 entry > >> > >> tomcat, Jul 26, 2011, trustedCertEntry, > >> Certificate fingerprint (MD5): -removed intentionally- > >> > >> > >> > >> *If I remove alias from server.xml then following exception is > >throwing* > >> > >> > >java.io.IOException< > http://download.oracle.com/javase/6/docs/api/java/io/IOException.html>: > >> jsse.invalid_ssl_conf > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:755) > >> > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:460) > >> > >> at > >> > > >org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:130) > >> > >> at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > >> at > >org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > >> at > >org.apache.catalina.connector.Connector.initialize(Connector.java:1014) > >> > >> at > >> > > >org.apache.catalina.core.StandardService.initialize(StandardService.java:680) > >> > >> at > >> > > >org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795) > >> > >> at org.apache.catalina.startup.Catalina.load(Catalina.java:524) > >> at org.apache.catalina.startup.Catalina.load(Catalina.java:548) > >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
