As I unterstand the mails before, you are merging Java-Certificates with OpenSSL ones.
In the Tomcat connector you should use a SUN-JKS keystore instead of PEM-Files (usually created by OpenSSL utilities). Enter "Tomcat SSL keystore" in Google to get the recommended how-to. Be aware of the following recommendations (even though there are alternatives, but first you should get working your SSL connector): - To work with Tomcat, the referenced keystore must contain a certificate with the "-alias tomcat", usually with the default password changeit (the same as cacerts keystore has). - To create the needed keystore you need to use the keytool utility of the JDK (or a GUI based utility like Porteclè). - Don't forget to add the chain to cacerts by the keytool argument "-trustcacerts" when importing the signed certificate. Regards, Johann -----Ursprüngliche Nachricht----- Von: Neha Agrawal [mailto:[EMAIL PROTECTED] Gesendet: Samstag, 12. Jänner 2008 01:50 An: Tomcat Users List Betreff: RE: tomcat not working with HTTPS hi! <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEngine="on" SSLCertificateFile="${catalina.base}/conf/localhost.crt" SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" SSLPassword="phrase" /> is in my server.xml file where 'phrase' is the secret phrase when i created the newkey.pem > Are you sure you're building a keystore compatible > with OpenSSL? > what exactly does it imply? as i wrote earlier i just created a New CA its private key, then generateda new certificate request thus i got newcert.pem and newkey.pem I did this using CA.pl and openssl.cnf fro mthe source code of open-ssl these 2 files are copied to localhost.key and .cert in the connector... i dont know what to do with the .keystore file it is in JKS format and i have done any import/export operation can someone guide me on this please neha Unlimited freedom, unlimited storage. Get it now, on http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/ --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]