Alexey Eronko wrote:
Hello Guys!
Don't beat me because I found so much docs about ssl and keystore but I
can't get it working with together.
I have pem cert,rsa_key and ca cert from my own CA. I don't understand what
kind of cert do I need in keystore to make it works on tomcat.
I tried
keytool -import -alias tomcat -trustcacerts –file myserver.pem -keystore
keystore.jks
And I Got error in tomcat :
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL cipher suites which are
enabled.
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
at
org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
at java.lang.Thread.run(Thread.java:619)
Aug 27, 2008 5:56:28 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
I thought that I need to Impot rsa key also, I tried :
keytool -import -alias tomcat3 -keyalg RSA -file key -trustcacerts
-keystore .keystore
I got :
keytool error: java.lang.Exception: Input not an X.509 certificate
I've already lost 5 hours to solve this problem, could you please assist me
.
Thanks a lot
Alex
AFAIK java uses DER format for keystore
so , you have to convert .pem to .der
openssl x509 -in cacert.pem -inform PEM -out cacert.der -outform DER
keytool -import -alias tomcat -keystore
/usr/java/jdk1.6.0_04/jre/lib/security/cacerts -file cacert.der
Alex
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]