-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Justin,
On 1/6/12 2:56 PM, Justin Larose wrote: > This Tomcat environment was setup long before I worked here, so I > am just upgrading from an older version to 7.0.23 and trying to not > use a self signed certificate. It's important for you to know if your app actually requires client authentication. Since your <Connector> says clientAuth="true", it means that all clients must present a valid certificate in order to connect. > I can get the sample-ssl.jks to work with the below connector port > information. But when I edit the connector ports to add the new > "wcmdev-ssl.jks" and imported Certificate(s) I received from the > CSR I get the error, "java.io.IOException: Alias name tomcat does > not identify a key entry" What do you get if you run this command: $ keytool -list -keystore conf/sample-ssl.jks > Weird because it is an alias. Is it looking for tomcat as the > actual entry name or alias? Your certificate needs to have the alias "tomcat". > It seems like it is not reading the keystore properly. Should I > just create a new CSR from the sample-ssl.jks keystore? That shouldn't be necessary. You may have to re-import your certificate, though. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8Hc5wACgkQ9CaO5/Lv0PC9LwCcDOxPQ9G8PY6WQAcUq/6zDvjR CU4AoLsvEq++7v0Ml5+A+XjRPilsKA9p =6XzB -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
