James,
On 19.1.2012 18:05, James Lampert wrote:
You must find keystore with earlier generated key pair (the one you
also used to generate CSR for CA), and import all three certificates
into that keystore.
At this point, I still don't have the keystore used to generate the CSR,
but I *do* now have the CSR itself. Does that help?
No, it doesn't.
Assuming you are NOT using APR connector, the whole procedure goes like
this:
1. Generate key pair (public and private key) using keytool -genkeypair.
Both keys are kept in the keystore.
2. Export public key into CSR, and send it to the CA.
3. Receive signed public key (certificate) from CA, along with any other
necessary certificates forming keychain.
4. Import all received certificates to the keystore you used in step 1.
If you lost your keystore, that means that you lost private key. You
need to start from the beginning. Generate new keypair, and send it to
your CA. Before that, check the revocation procedure with your CA.
-Ognjen
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
