Hi,
I got the the "server.crt" added to the
D:\bea\jdk142_05\jre\lib\security\cacerts.
I also did the below in tomcat's server.xml. I mentioned keystoreFile in
tomcat's server.xml. Is this required or not?
<Connector port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:/bea/jdk142_05/bin/server.crt"/>
When i start tomcat, i keep getting below exception
SEVERE: Error starting endpoint
java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:629)
at java.security.KeyStore.load(KeyStore.java:652)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:222)
-- Sriram
Scott Battaglia <[EMAIL PROTECTED]> wrote: You need to delete it from BEA's
cacerts file. So append the keystore to the delete command. The file doesn't
matter as once its imported into the keystore the file is no longer relevant.
-Scott
On 6/29/07, sriram purushothaman <[EMAIL PROTECTED]> wrote:
%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit
In this above command, where should i mention the old "server.crt"
or is just executing the above command is enough?
Because i run these 4 commands anyway and still get the error.
keytool -delete -alias tomcat -keypass changeit
keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
keytool -export -alias tomcat -keypass changeit -file
server3.crt
keytool -import -file server3.crt -keypass changeit -keystore
D:/bea/jdk142_05/jre/lib/security/cacerts
Thanks
Scott Battaglia <[EMAIL PROTECTED]> wrote:
You'll need to delete your old certificate first using something like the
following (though it will need to be changed for your environment):
%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass
changeit
-Scott
On 6/29/07, sriram purushothaman < [EMAIL PROTECTED]> wrote:
Hi
I am following this URL to generate the SSL certificate to be used with CAS.
http://www.ja-sig.org/wiki/display/CAS/Solving+SSL+issues
I got a server.crt and it is in "D:\bea\jdk142_05\bin". This certificate is
added to my cacerts in "D:\bea\jdk142_05\jre\lib\security"
I wrongly gave my name "Sriram Purushothaman" for the "first name and last
name" question.
Now, i am trying to generate a new certificate using "localhost" as "first name
and last name" and retaining the same answer for other questions.
I have deleted the earlier "server.crt" and my attempt to import the new
"server3.crt" is failing because of this below exception
> keytool -import -file server3.crt -keypass changeit -keystore
> D:/bea/jdk142_05/jre/lib/security/cacerts
> Enter keystore password: changeit
> keytool error: java.lang.Exception: Certificate not imported, alias <mykey>
> already exists
Can you please help?
Thanks
---------------------------------
Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
---------------------------------
Expecting? Get great news right away with email Auto-Check.
Try the Yahoo! Mail Beta.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
---------------------------------
Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV. _______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
