Re: why doesn't tomcat see my correct keystore?
* Rob Lagana [EMAIL PROTECTED] [0108 23:08]: I found out that tomcat was looking at the .keystore default... However I specified in the server.xml file the below and tomcat just ignores it. Parameter Name=keystore Value=C:/keystore/newstore / I'd try putting the path relative to $CATALINA_BASE - maybe there's a bug with the C:\ part? keystoreFile: Add this attribute if the keystore file you created is not in the default place that Tomcat expects (a file named .keystore in the user home directory under which Tomcat is running). You can specify an absolute pathname, or a relative pathname that is resolved against the $CATALINA_BASE environment variable. -- Rasputin :: Jack of All Trades - Master of Nuns -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: why doesn't tomcat see my correct keystore?
In Tomcat 4.0.4 I have the following Connector className=org.apache.catalina.connector.http.HttpConnector address=192.168.1.4 port=443 enableLookups=true scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory clientAuth=false protocol=TLS keystoreFile=c:\tomcat4.0\conf\sslstore keystorePass=tecnomen / /Connector What version of tomcat are you using? The reason I ask is the fact that you are using the name, value attributes? Donie -Original Message- From: Rasputin [mailto:[EMAIL PROTECTED]] Sent: 09 January 2003 12:49 To: Tomcat Users List; [EMAIL PROTECTED] Subject: Re: why doesn't tomcat see my correct keystore? * Rob Lagana [EMAIL PROTECTED] [0108 23:08]: I found out that tomcat was looking at the .keystore default... However I specified in the server.xml file the below and tomcat just ignores it. Parameter Name=keystore Value=C:/keystore/newstore / I'd try putting the path relative to $CATALINA_BASE - maybe there's a bug with the C:\ part? keystoreFile: Add this attribute if the keystore file you created is not in the default place that Tomcat expects (a file named .keystore in the user home directory under which Tomcat is running). You can specify an absolute pathname, or a relative pathname that is resolved against the $CATALINA_BASE environment variable. -- Rasputin :: Jack of All Trades - Master of Nuns -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: why doesn't tomcat see my correct keystore?
I found out that tomcat was looking at the .keystore default... However I specified in the server.xml file the below and tomcat just ignores it. The traditional: !-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -- - Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS / Parameter Name=keystore Value=C:/keystore/newstore / Parameter Name=keypass Value=changeit / /Connector It sees the HTTPS port 443 but ignores the keystore and keypass parameters.. I also tried: !-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -- - Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS / keystoreFile=C:/keystore/newstore keystorePass=changeit / Parameter Name=keypass Value=changeit / /Connector Tomcat still does not read the values. It keeps looking at the .keystore file located in c:\documents and settings\admin\ Where can I change this path?? Thanks, Rob == Hello, Using tomcat 4.1 on a Windows 2000 sp3 system Used keytool to generate the alias tomcat and keystore called mykeystore Create a self signed cert.. used the default password changeit I then created a CSR from using the keystore.. Imported the signed cert from the external CA into the keystore mykeystore did a -list -keystore mykeystore and it should be the cert.. I then added the attributes to my server.xml file to use point to the new mykeystore location with password.. saved and started up tomcat For some reason it's still looking at the self signed cert and not the new one. What exactly is it looking at? What am I doing wrong? Thanks, Roh _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: why doesn't tomcat see my correct keystore?
I solved the problem. This apparently works fine..and uses the .keystore that I am actually specifying in the server.xml. See procedures below: I created a new keystore file but this time I specified the directory to be saved in and not the default dir.. such as C:\keytool -genkey -alias myalias -keyalg RSA -keystore c:\.mykeystore Enter keystore password: password server.xml config as such: !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=443 minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=true Factory className=org.apache.coyote.tomcat4.CoyoteServerSocketFactory clientAuth=false protocol=TLS keystoreFile=C:\.mykeystore keystorePass=password / /Connector _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]