Hi all, It is resolved. casuser# mkdir /opt/tomcat/keystore casuser# openssl pkcs12 -export -in /etc/letsencrypt/live/cas.domain.com/fullchain.pem -inkey /etc/letsencrypt/live/cas.domain.com/privkey.pem -out /opt/tomcat/keystore/cas.domain.com.p12 -password pass:changeit casuser# keytool -importkeystore -srckeystore /opt/tomcat/keystore/cas.sentrasoft.com.p12 -srcstoretype pkcs12 -srcstorepass changeit -destkeystore /opt/tomcat/keystore/cas.sentrasoft.com.keystore -deststoretype jks -deststorepass changeit
*In /opt/tomcat/conf/server.xml *use this: <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="150" scheme="https" secure="true" SSLEnabled="true" keystoreFile="/opt/tomcat/keystore/cas.domain.com.keystore" keystorePass= "changeit" clientAuth="false" sslProtocol="TLS" /> Thank you all. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fe339f3d-a455-459e-9d38-0e04129b15ab%40apereo.org.