Singleton [EMAIL PROTECTED] wrote:
Justin Jaynes wrote:
...But now I would like to put up a new
site that is completely independant of the others.
It
needs its own SSL cert and it needs four host
names to
all point to the same place and redirect to just
one
of the domain names so
-Message d'origine-
De : Paul Singleton [mailto:[EMAIL PROTECTED]
Envoyé : mardi 9 août 2005 15:47
À : Tomcat Users List
Objet : Re: Using more than one SSL cert in keystore?
Justin Jaynes wrote:
Thanks. I am doing as you have instructed. I hope to
set up client-side
Paul Singleton wrote re' client-side redirects:
You can do it like this (relies on JavaScript):
You can also use this META tag in the head of the document:
meta http-equiv=refresh content=0;url=http://example.com; /
(The first part of content is the interval in seconds before the
:
...But now I would like to put up a new
site that is completely independant of the others.
It
needs its own SSL cert and it needs four host
names to
all point to the same place and redirect to just
one
of the domain names so that the SSL cert will be
valid, regardless of how
; [EMAIL PROTECTED]
Subject: Re: Using more than one SSL cert in keystore?
Justin Jaynes wrote:
...But now I would like to put up a new site that is completely
independant of the others. It needs its own SSL cert and it needs
four host names to all point to the same place and redirect
Justin Jaynes wrote:
...But now I would like to put up a new
site that is completely independant of the others. It
needs its own SSL cert and it needs four host names to
all point to the same place and redirect to just one
of the domain names so that the SSL cert will be
valid, regardless
Hi!
My certificate expired so I ordered a new one, I removed the old one in
my keystore and added the new one. I can look at my certificate with
keytool -list and its there and looks correct.
However, when I try to use the site it sends me the old one, claiming it
has expired.
Could I be doing
Did you restart tomcat ?
-Original Message-
From: Andreas Andersson [mailto:[EMAIL PROTECTED]
Sent: 02 August 2005 15:51
To: tomcat-user@jakarta.apache.org
Subject: SSL cert
Hi!
My certificate expired so I ordered a new one, I removed the old one in
my keystore and added the new one
Raghupathy,Gurumoorthy wrote:
Did you restart tomcat ?
Of course, several times just to be sure :)
--
Andreas Andersson
IT Dept.
Travelstart Nordic
[EMAIL PROTECTED]
http://www.travelstart.se
-
To unsubscribe, e-mail: [EMAIL
cert and it needs four host names to
all point to the same place and redirect to just one
of the domain names so that the SSL cert will be
valid, regardless of how the users chose to get to my
site.
Is it possible to do Virtual Hosting using IP's on a
Tomcat standalone installation? Or will it only
If I host more than one domain on my tomcat
installation (standalone, not with apache), can I
imort an SSL certificate for each domain and will
tomcat just know which to use for which hosts?
Justin Jaynes
-
To unsubscribe,
In the (brief) interim between my asking the original
question below, and now, I have found additional
information--SSL must occur before HTTP handshake, and
will therefore not work on hosts based on the same IP.
I have more than one IP available from my ISP. I
suppose the question would better
List tomcat-user@jakarta.apache.org
Subject: Re: Using more than one SSL cert in keystore?
In the (brief) interim between my asking the original
question below, and now, I have found additional
information--SSL must occur before HTTP handshake, and
will therefore not work on hosts based on the same
Subject: Re: Help with SSL Cert config
#Import the CA certificate into the JDK certificate authorities
keystore:
keytool -import -keystore %JAVA_HOME%/jre/lib/security/cacerts -file
ca.pem -alias myalias -keypass changeit
This is either/or with truststoreFile (which, since you
and that didn't help either. Anything else I'm missing?
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: tomcat-user@jakarta.apache.org
Sent: Friday, March 25, 2005 10:13 PM
Subject: Re: Help with SSL Cert config
joelsherriff [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED
-storepass changeit
I get a 'Failed to establish chain from reply' exception at his point.
- Original Message -
From: joelsherriff [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Saturday, March 26, 2005 11:24 AM
Subject: Re: Help with SSL Cert config
Ah. Thanks
11:24 AM
Subject: Re: Help with SSL Cert config
Ah. Thanks for the help, truly, but I'm still not getting there. I
didn't
even know about the truststoreFile so I googled it and saw mention that
the
easiest thing to do is to set the truststoreFile = the keystoreFile,
since
that already
above.
- Original Message -
From: joelsherriff [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Saturday, March 26, 2005 11:24 AM
Subject: Re: Help with SSL Cert config
Ah. Thanks for the help, truly, but I'm still not getting there. I
I'm resending this message because a) for some reason I didn't see it on the
list after I sent it and b) I never got any responses (maybe because of _a_).
So, if my original post did actually make it to the list, please forgive the
re-post.
Hope someone can help. I've searched through the
You need to put your CA cert into your Tomcat truststoreFile. Otherwise,
you client's cert won't be trusted.
joelsherriff [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm resending this message because a) for some reason I didn't see it on the
list after I sent it and b) I never
@jakarta.apache.org
Sent: Friday, March 25, 2005 8:51 PM
Subject: Re: Help with SSL Cert config
You need to put your CA cert into your Tomcat truststoreFile. Otherwise,
you client's cert won't be trusted.
joelsherriff [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm resending
. No?
No. That's putting it into your keystoreFile. The keystoreFile is to
identify you. The truststoreFile is to identify other people.
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: tomcat-user@jakarta.apache.org
Sent: Friday, March 25, 2005 8:51 PM
Subject: Re: Help with SSL
Hope someone can help. I've searched through the archives and this seems to be
a common problem, but even detailed instructions
have left me stumped. I'm trying to get client certificates to be required by
tomcat by setting clientAuth=true but I can't seem to figure out how
to get the client
a SocketException with the message SSL Cert handshake
timeout, and the requested resource does not load.
Googling for the SocketException message above shows five links, three
of which contain code from the tomcat-devel list, but I didn't find any
suggested fixes. Do I need to dig deeper in Google? I do realize
6/3/2003 1:41 PM
To: Tomcat Users List
Cc:
Subject: RE: Multiple SSL cert for Tomcat
Hi Roman,
Is it possible to paste a sample of your server.xml
with -
Define multiple Connectors for the SSL port, each
All,
From reading the SSL howto, it looks like I can have
multiple SSL cert with different passwd (if needed) in
the same keystore file.
Situation,
1 server, common web application - 2 gua with 2
different URL's (each with their own ssl cert)
Questions,
1. Can I serve both sites from one
which SSL certificate to use for
decryption.
The way I've done it:
- Separate IP addresses for each distinct domain name/SSL cert combination
- Define multiple Connectors for the SSL port, each with a distinct IP address AND
distinct keystore file
- Each keystore file has an individual SSL
it:
- Separate IP addresses for each distinct domain
name/SSL cert combination
- Define multiple Connectors for the SSL port, each
with a distinct IP address AND distinct keystore
file
- Each keystore file has an individual SSL
certificate stored in it (with key name 'tomcat')
Hope
I'm attempting to break down each of my individual problems into separate
posts, hoping that makes it a little easier to address each issue.
This error appears in my catalina.out even though my webapp works properly.
Any suggestions on what would cause this error? I checked the line
indicated
This is a known problem. See
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15456 for more details.
It has to do with the (non-existent) client cert, and has nothing to do with
the Apache cert. Also (besides filling up log space), it's pretty harmless.
Denise Mangano [EMAIL PROTECTED] wrote
to this
question in the archives, etc...
I'm using Tomcat 4.1.12 on RH Linux 7.3, as a
standalone (w/o apache).
I generated a CSR for my SSL cert using 'openssl'
(not 'keytool').
After I received the official cert from Verisign, I
created a new
keystore file (using 'keytool') by importing
New to the list, so far I haven't found a definitive answer to this
question in the archives, etc...
I'm using Tomcat 4.1.12 on RH Linux 7.3, as a standalone (w/o apache).
I generated a CSR for my SSL cert using 'openssl' (not 'keytool').
After I received the official cert from Verisign, I
Jeff,
I haven't done that, yet, but does this help?
http://marsalis.internet2.edu/cgi-bin/viewcvs.cgi/*checkout*/shibboleth/DEPL
OY-GUIDE-ORIGIN.html?rev=HEADcontent-type=text/html#4.b.i.
--- Noel
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
33 matches
Mail list logo