Hello Daniel Thank you for the information. Here is the output of the keytool command:
Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries root, Jun 16, 2016, trustedCertEntry, Certificate fingerprint (SHA1): 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 {b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016, PrivateKeyEntry, Certificate fingerprint (SHA1): 6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA Is it possible that the error that I am seeing, is related to the fact that I am using a wildcard certificate? Thanks On Tue, Jun 28, 2016 at 5:09 PM, Daniel Savard <daniel.sav...@gmail.com> wrote: > 2016-06-28 16:24 GMT-04:00 Sean Son <linuxmailinglistsem...@gmail.com>: > <snip/> > > > > > as for the output to the keytool command: > > > > Isnt the output to that command, confidential information? > > > > > No, there isn't anything confidential from the output of a simple -list. It > doesn't display the private key or anything like that. It will just show > the list of certificates in your keystore. > > The first entry in the keystore will be the one sent back by the Tomcat > server since you didn't specify any alias. So, I assume this is the > intended behavior. > > Since you do not specify any trust store, the default trust store shipped > with your version of Java will be used. If the clients trying to connect > are not having certificats signed by one of these, it will fails. It may > not be a problem in your case since you do not provide any details on the > clients' certificates. > > Regards, > ----------------- > Daniel Savard >