HI Hitesh, I think you are suppose to add your pkcs12 key to a keystore repository (to the default alias name "tomcat", of course, this can be also changed) and then reference this keystore repository from within Tomcat.
Regards, lg On Oct 30, 2007 3:39 AM, Hitesh Raghav <[EMAIL PROTECTED]> wrote: > Hi Lucas, > > I'm using following <connector/> configuration: > > <Connector port="8443" maxHttpHeaderSize="8192" > > maxThreads="150" minSpareThreads="25" > maxSpareThreads="75" > > enableLookups="false" disableUploadTimeout="true" > > acceptCount="100" scheme="https" secure="true" > > clientAuth="false" sslProtocol="TLS" /> > > <Factory > className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" > > clientAuth="false" protocol="TLS" > > keystoreFile="keystore/.keystore" > > keystorePass="changeit" > > keystoreType="pkcs12" /> > > > Please let me know in case any other details are needed. > > > Thanks, > -Hitesh > > > > > -----Original Message----- > From: Lucas Galfaso [mailto:[EMAIL PROTECTED] > Sent: Friday, October 26, 2007 7:39 PM > To: Tomcat Users List > Subject: Re: PKCS#12 type SSL certificate support in Tomcat > > Can you post the <Connector /> configuration that you are using? > - lg > > On 10/26/07, Hitesh Raghav <[EMAIL PROTECTED]> wrote: > > Dear All, > > > > Is there any limitation to support PKCS#12 type SSL certificate in > > Tomcat. > > > > As per Tomcat User Guide, Tomcat currently operates with JKS, PKCS11 > > or > > PKCS12 format keystores. > > http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html > > > > But, I'm unable to use PKCS#12 certificate in my Tomcat. > > > > It throws: > > > > java.io.IOException: Invalid keystore format > > at > > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633) > > at > > > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) > > at java.security.KeyStore.load(KeyStore.java:1185) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketF > > ac > > tory.java:287) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESock > > et > > Factory.java:227) > > at > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSS > > E1 > > 4SocketFactory.java:142) > > at > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketF > > ac > > tory.java:110) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESoc > > ke > > tFactory.java:89) > > at > > > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint. > > java:293) > > at > > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.ja > > va > > :139) > > at > > > org.apache.catalina.connector.Connector.initialize(Connector.java:1017) > > at > > org.apache.catalina.core.StandardService.initialize(StandardService.ja > > va > > :578) > > at > > org.apache.catalina.core.StandardServer.initialize(StandardServer.java > > :7 > > 82) > > at > > org.apache.catalina.startup.Catalina.load(Catalina.java:504) > > at > > org.apache.catalina.startup.Catalina.load(Catalina.java:524) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > > Method) > > at > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j > > av > > a:39) > > at > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess > > or > > Impl.java:25) > > at java.lang.reflect.Method.invoke(Method.java:597) > > at > > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:267) > > at > > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432) > > > > Could you please throw some light on PKCS#12 type certificate support. > > > > Please let me know in case any details are needed. > > > > > > Thanks, > > -Hitesh > > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
