If the keystore that Tomcat uses contains more than one entry where
Entry type = keyEntry, how does Tomcat choose which one to use when
sending a certificate to the client?
It seems as though the alias name is not significant - any alias will do.
After some experimenting it seems it uses the
John Ryan-Brown wrote:
If the keystore that Tomcat uses contains more than one entry where
Entry type = keyEntry, how does Tomcat choose which one to use when
sending a certificate to the client?
Dunno but there is an undocumented Connector attribute
keyAlias=myalias which works with 5.5.9 and
[EMAIL PROTECTED]An: [EMAIL PROTECTED]
.comKopie:
Gesendet von:Thema:Re: Antwort: RE: SSL,
keystore with ca hierarchy
I can't do step 1 and 2 because the certificate and private
key has been
created already with openssl.
The file TestServer_APU.pem contains the private key and
certificate in the
PEM format.
Should that work either?
Sorry, no idea. You may need to convert formats. A quick Google found
broken-record
There is a utility at http://www.comu.de/docs/tomcat_ssl.htm to import your
OpenSSL certs into a JKS keystore. Alternatively, the ssl_howto for TC 5.x
contains an example of how to configure a PKCS12 keystore from an OpenSSL
keystore.
/broken-record
Mark Thomas [EMAIL PROTECTED]
I've created the following keystore for Tomcat 4.1.18:
SET KEYSTORE_FILE=.\.keystore
keytool -import -keystore %KEYSTORE_FILE% -storepass icebeer -alias root
-trustcacerts -file CA_Root_APU.pem
keytool -import -keystore %KEYSTORE_FILE% -storepass icebeer -alias
server_ca -trustcacerts -file
into .keystore rather than the cacerts file.
Mark
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 24, 2004 2:25 PM
To: [EMAIL PROTECTED]
Subject: SSL, keystore with ca hierarchy
I've created the following keystore for Tomcat 4.1.18:
SET
]
Kopie:
Thema:RE: SSL, keystore with ca
hierarchy
24.01.2004 19:18
Bitte antworten
Am Mittwoch, 10. Dezember 2003 06:59 schrieb Bill Barker:
Ankur Shah [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Remy Maucherat wrote:
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Am Dienstag, 9. Dezember 2003 20:54 schrieb Ankur Shah:
Remy Maucherat wrote:
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if the password is
changeit, the default
Baer Peter Christoph Alexander wrote:
Am Dienstag, 9. Dezember 2003 20:54 schrieb Ankur Shah:
Remy Maucherat wrote:
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if
... ;-)
Regards
Alex
-Original Message-
From: Jeanfrancois Arcand [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 10, 2003 3:21 PM
To: Tomcat Users List
Cc: Ankur Shah
Subject: Re: TC5 + SSL: Keystore password bound to default changeit?
Baer Peter Christoph
(or I'm very bad...).
-- Jeanfrancois
Regards
Alex
-Original Message-
From: Jeanfrancois Arcand [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 10, 2003 3:21 PM
To: Tomcat Users List
Cc: Ankur Shah
Subject: Re: TC5 + SSL: Keystore password bound to default changeit?
Baer
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if the password is
changeit, the default password. Now, the docs say, one
should use this, but with TC 4.0.6 it was possible to
change it. Is the password hard coded in TC 5?
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if the password is
changeit, the default password. Now, the docs say, one
should use this, but with TC 4.0.6 it was possible to
change
Remy Maucherat wrote:
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if the password is
changeit, the default password. Now, the docs say, one
should use this, but with TC
Ankur Shah [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Remy Maucherat wrote:
Baer Peter Christoph Alexander wrote:
Hi!
I have a question about something, I observe, but don't
want to believe... ;-)
Tomcat 5 can use my keystore, but only if the password is
On Tuesday 17 June 2003 18:55, Marc Dugger wrote:
I am attempting to change the certificate against which a webapp
authenticates itself. I've gone as far as deleting the old key/cert
from the keystore and imported a new one. However, the webapp
continues to use the old cert. I've verified
I am attempting to change the certificate against which a webapp
authenticates itself. I've gone as far as deleting the old key/cert
from the keystore and imported a new one. However, the webapp continues
to use the old cert. I've verified that the 'keystorefile' param on the
SSL factory is
I don't use SSL, but when you stop and start the server, do you clean out
the work directory?
John
On Tue, 17 Jun 2003 11:55:06 -0500, Marc Dugger [EMAIL PROTECTED]
wrote:
I am attempting to change the certificate against which a webapp
authenticates itself. I've gone as far as deleting the
Check you ssl.conf.
-Original Message-
From: John Turner [mailto:[EMAIL PROTECTED]
Sent: June 17, 2003 3:07 PM
To: Tomcat Users List
Subject: Re: ssl keystore
I don't use SSL, but when you stop and start the server, do you clean out
the work directory?
John
On Tue, 17 Jun 2003 11:55
I had tried playing around with the SSL connector and deleted a keystore when i was
done. I thought Tomcat would stop trying to load it. For some reason it keeps trying
to find the file from the path where it previously was and throws a
FileNotFoundException. Where is it getting the path
Have you commented out the SSL connector in server.xml?
-Original Message-
From: brana02 [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 20. November 2002 13:49
To: [EMAIL PROTECTED]
Subject: SSL keystore problem
I had tried playing around with the SSL connector and deleted
:
Subject: RE: SSL keystore problem
Have you commented out the SSL connector in server.xml?
-Original Message-
From: brana02 [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 20. November 2002 13:49
To: [EMAIL
:[EMAIL PROTECTED]]
Sent: Wed 11/20/2002 7:53 AM
To: Tomcat Users List
Cc:
Subject: RE: SSL keystore problem
Have you commented out the SSL connector in server.xml?
-Original Message-
From
Subject: RE: SSL keystore problem
no i have not...i have tried that and it works, but i would like to start again clean,
how do I go about doing this?
-Original Message-
From: Roberts, Eric [mailto:[EMAIL PROTECTED]]
Sent: Wed 11/20/2002 7:53 AM
List
Subject: RE: SSL keystore problem
Also I would like to know where that path information to the keystore is being
stored-- is there some hidden system file or properties file that the
SSLServerFactory reads from in order to attempt to initKeyStore()?
-Original Message
Users List
Cc:
Subject: RE: SSL keystore problem
By default the keystore is created in the home directory of the user that
creates it.
If SSL Connector is called, it looks in the home directory for the keystore
Users List
Cc:
Subject: RE: SSL keystore problem
By default the keystore is created in the home directory of the user that
creates it.
If SSL Connector is called, it looks in the home directory for the keystore
, 20. November 2002 14:03
To: Tomcat Users List
Subject: RE: SSL keystore problem
Do you know how to specify a different location?
Sorry to bother u so much but im just a student trying to teach all this stuff to
myself.
-Original Message-
From: Roberts, Eric
List
Cc:
Subject: RE: SSL keystore problem
By default the keystore is created in the home directory of the user that
creates it.
If SSL Connector is called, it looks in the home directory for the keystore.
-Original Message
]]
Sent: Wed 11/20/2002 8:25 AM
To: Tomcat Users List
Cc:
Subject: RE: SSL keystore problem
Don't know if this is of help, but on linux the keystore will be stored
under the username in a file called .keystore {. means it's
You can tell tomcat to look in a different location at startup by specifying
the following value in your CATALINA_OPTS variable:
-Djavax.net.ssl.keystore=the keystore filename
Andy
-Original Message-
From: brana02
To: Tomcat Users List
Sent: 20/11/2002 13:03
Subject: RE: SSL keystore
still searching for the .keystore file = so does
it need to be named .keystore??
-Original Message-
From: p niemandt [mailto:[EMAIL PROTECTED]]
Sent: Wed 11/20/2002 8:25 AM
To: Tomcat Users List
Cc:
Subject: RE: SSL keystore problem
To: 'Tomcat Users List '
Cc:
Subject: RE: SSL keystore problem
You can tell tomcat to look in a different location at startup by specifying
the following value in your CATALINA_OPTS variable:
-Djavax.net.ssl.keystore
Subject: RE: SSL keystore problem
I am really not familiar with where to add that line and under what
conditions in the catalina.bat file, could you be a little more specific
thanks
-Original Message-
From: Bodycombe, Andrew [mailto:[EMAIL PROTECTED]]
Sent: Wed 11/20
(). Whats going on here??
-Original Message-
From: Bodycombe, Andrew [mailto:[EMAIL PROTECTED]]
Sent: Wed 11/20/2002 9:35 AM
To: 'Tomcat Users List '
Cc:
Subject: RE: SSL keystore problem
No problem
are you using the prefix https? e.g. https://www.yoursite.com
-Original Message-
From: brana02 [mailto:[EMAIL PROTECTED]]
Sent: 20 November 2002 15:35
To: Tomcat Users List
Subject: RE: SSL keystore problem
I'd like to thank all of you for helping me out, I got tomcat configured
the server.xml file?
-Original Message-
From: brana02
Sent: Wed 11/20/2002 10:34 AM
To: Tomcat Users List
Cc:
Subject: RE: SSL keystore problem
I'd like to thank all of you for helping me out, I got tomcat
Hi Tomcat Users,
Do I need to store my signed certificate and private key in a keystore to
use SSL with tomcat 3.2.3 stand alone? If so, how do I get an
already-generated private key AND signed certificate in there?
I've followed the documentation at the below url:
Hi,
could any one tell me, from where the keystore is refered?
ls that the path we specify in the server.xml? lf it is l'm not getting
expected results..
does anyone have any idea?
Rams
CMCLtd
3000401 x 2162 (O)
6313447 (R)
winmail.dat
41 matches
Mail list logo