Jerry,
On 3/11/24 14:51, Jerry Lin wrote:
Hi Chris,
There is also this:
https://tomcat.apache.org/presentations.html#latest-lets-encrypt
It's very LE-focused, but it shows you how to programmatically trigger a
reload.
Thanks for your presentation and script. We are using Let's Encrypt, so
Hi Chris,
There is also this:
> https://tomcat.apache.org/presentations.html#latest-lets-encrypt
>
> It's very LE-focused, but it shows you how to programmatically trigger a
> reload.
>
Thanks for your presentation and script. We are using Let's Encrypt, so
your material is quite relevant.
Jerry,
On 3/10/24 16:00, Jerry Lin wrote:
Hi Chuck,
Presumably, you mean “not behind https", since “Apache” refers to the
organization that develops and maintains a plethora of software products.
Yes, “not behind https" (I meant not behind an Apache HTTP server)
you can configure the
> On Mar 10, 2024, at 15:00, Jerry Lin wrote:
>
> Hi Chuck,
>
> Presumably, you mean “not behind https", since “Apache” refers to the
>> organization that develops and maintains a plethora of software products.
>>
>
Spell checker got me - I meant “httpd”, not “https”.
- Chuck
Hi Chuck,
Presumably, you mean “not behind https", since “Apache” refers to the
> organization that develops and maintains a plethora of software products.
>
Yes, “not behind https" (I meant not behind an Apache HTTP server)
> you can configure the TLS config listener:
>
>
>
> On Mar 10, 2024, at 12:39, Jerry Lin wrote:
>
> For those of us with a publicly accessible instance of Tomcat (e.g. not
> behind Apache), is there a good way of having a renewed SSL/HTTPS
> certificate take effect without restarting Tomcat?
Presumably, you mean “not behind https", since
how to reload SSL certificates without restarting Tomcat
Hello,
For those of us with a publicly accessible instance of Tomcat (e.g. not behind
Apache), is there a good way of having a renewed SSL/HTTPS certificate take
effect without restarting Tomcat?
Thank you,
Je
Hello,
For those of us with a publicly accessible instance of Tomcat (e.g. not
behind Apache), is there a good way of having a renewed SSL/HTTPS
certificate take effect without restarting Tomcat?
Thank you,
Jerry
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Laurie,
On 5/17/18 11:33 AM, Laurie Miller-Cook wrote:
> I am very new to Tomcat so please bear with me.
Welcome.
> I currently have a Thawte certificate that is installed within IIS
> for our domain that is all managed by Rackspace.
>
> I now
Hi Laurie,
This is what I do. I don't use keystore.
I use this within SSLHostConfig section.
> On May 17, 2018, at 11:33 AM, Laurie Miller-Cook
> wrote:
>
> Hi there,
>
> I am very new to Tomcat so please bear with me.
>
> I currently have a Thawte
Hi there,
I am very new to Tomcat so please bear with me.
I currently have a Thawte certificate that is installed within IIS for our
domain that is all managed by Rackspace.
I now have a new server set-up with Tomcat 8.5.11 installed and have created a
keystore.
I have been supplied by
he settings in setenv and check
port 433 still works.
Mark
>
> Senthil
>
> On Wed, Aug 9, 2017 at 1:39 AM, Mark Thomas <ma...@apache.org> wrote:
>
>> On 08/08/17 21:03, dsenthil...@gmail.com wrote:
>>>
>>>> Hello,
>>>>
>>&
;ma...@apache.org> wrote:
> On 08/08/17 21:03, dsenthil...@gmail.com wrote:
> >
> >> Hello,
> >>
> >> I have configured ssl certificates for below requirements:
> >>
> >> 1. Tomcat server certificate configuration in 's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Senthil,
On 8/8/17 4:03 PM, dsenthil...@gmail.com wrote:
>
>> Hello,
>>
>> I have configured ssl certificates for below requirements:
>>
>> 1. Tomcat server certificate configuration in 'server.xml' file
&g
On 08/08/17 21:03, dsenthil...@gmail.com wrote:
>
>> Hello,
>>
>> I have configured ssl certificates for below requirements:
>>
>> 1. Tomcat server certificate configuration in 'server.xml' file to run
>> tomcat server on port 443
> Hello,
>
> I have configured ssl certificates for below requirements:
>
> 1. Tomcat server certificate configuration in 'server.xml' file to run tomcat
> server on port 443 and https
>
> minSpareThreads="25"
>maxS
there's the tuto :
https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239
use sha2 root and intermediate and for the last use my_certificate
here's the repo :
https://certs.godaddy.com/repository/
Le 04/06/2016 00:18, Hardibo Pierre-Jean a écrit :
gdig2.crt is
gdig2.crt is intermediate my_certificate must be the last to configure so i
think bundle may be the root.
Le 04/06/2016 00:13, Conor Skyler a écrit :
Hello Pierre,
Yes, I contacted the technical support at GoDaddy and then basically told
me that I'm on my own and that I should find someone
Hello Pierre,
Yes, I contacted the technical support at GoDaddy and then basically told
me that I'm on my own and that I should find someone that knows how to
handle the configuration -- that's all the aid they gave me.
I think that there two separate problems here.
First one, the mismatch
there's all here no ?
https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239
Le 03/06/2016 22:37, Conor Skyler a écrit :
Hi again,
At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
godaddy didn't give you instructions ?
Le 03/06/2016 22:37, Conor Skyler a écrit :
Hi again,
At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions
Hi again,
At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions provided by GoDaddy
doesn't match the certificates you download) but the result was the same
Hi Daniel,
Thank you very much for stepping in, I’m processing a new set of
certificates that I hope to try tomorrow.
Warm regards,
-Conor
On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa wrote:
> On Mon, May 30, 2016 at 11:26 PM, Conor Skyler
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardibo,
On 6/1/16 9:48 AM, Hardibo Pierre-Jean wrote:
> Hello, when i add the second, or i put only the second (tomcat2)
> browser doesn't reach the website but doesnt stop with error
> message.
If you connect with openssl s_client, can you see
Hello, when i add the second, or i put only the second (tomcat2) browser
doesn't reach the website but doesnt stop with error message.
Le 31/05/2016 18:52, Christopher Schultz a écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hardibo,
On 5/31/16 10:33 AM, Hardibo Pierre-Jean wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hardibo,
On 5/31/16 10:33 AM, Hardibo Pierre-Jean wrote:
> Hello, i made two startSSL's certificates because i could only add
> 5 domains once.
??!
> When i use SSLHostConfig for the domains of the first certificate
> all is working, but when i
Hello, i made two startSSL's certificates because i could only add 5
domains once.
When i use SSLHostConfig for the domains of the first certificate all is
working, but when i try to add other domains (2° certificate) websites
are no more accessible, there's few documentation about that and no
On Mon, May 30, 2016 at 11:26 PM, Conor Skyler
wrote:
> Hello list,
>
> I'm trying to install the certificates I bought from GoDaddy into my Tomcat
> server, however so far I've been unsuccessful to achieve this.
>
> My system specs are:
> OS: Amazon Linux (fully updated)
Hello list,
I'm trying to install the certificates I bought from GoDaddy into my Tomcat
server, however so far I've been unsuccessful to achieve this.
My system specs are:
OS: Amazon Linux (fully updated)
Tomcat version: 8.0.32, installed from the repos
Java version: $ java -version
openjdk
Hi,
I am very new to JMX so maybe I miss an important piece that prevents me
from configuring SSL certificates in ProtocolHandler via JMX.
I just implemented modification of aliases property on Host via JMX
which seems to work fine. I would like to set for some of those aliases
SSL certificates
On 19/02/2016 15:23, Christopher Schultz wrote:
> Mark,
>
> On 2/18/16 5:15 PM, Mark Thomas wrote:
>> On 18/02/2016 22:03, James H. H. Lampert wrote:
>>> Out of morbid curiosity, is there a way to make a certificate
>>> update take effect without restarting Tomcat?
>
>> Sort of.
>
>> Set
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 2/18/16 5:15 PM, Mark Thomas wrote:
> On 18/02/2016 22:03, James H. H. Lampert wrote:
>> Out of morbid curiosity, is there a way to make a certificate
>> update take effect without restarting Tomcat?
>
> Sort of.
>
> Set bindOnInit on the
On 18/02/2016 22:03, James H. H. Lampert wrote:
> Out of morbid curiosity, is there a way to make a certificate update
> take effect without restarting Tomcat?
Sort of.
Set bindOnInit on the connector to false.
Modify the config via JMX.
Then you should be able to use JMX to call stop()
Out of morbid curiosity, is there a way to make a certificate update
take effect without restarting Tomcat?
--
JHHL
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
-Original Message-
From: Rory Kelly [mailto:rory.ke...@fernsoftware.com]
Sent: Monday, March 16, 2015 7:53 AM
To: Tomcat Users List
Subject: Multiple SSL certificates on one Instance
Hey guys,
I’ve a bad feeling what I’m trying to do is impossible, and I’m going to
have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Stefan,
On 3/16/15 5:03 PM, Stefan Frei wrote:
2 points:
configure the reverse proxy is simpler.
s/simpler/possible/
tomcat may be harder to troubleshoot issues.
Tomcat can't even do SNI at this point.
i would take the prxy to do that, in
On 16/03/2015 12:53, Rory Kelly wrote:
Hey guys,
I’ve a bad feeling what I’m trying to do is impossible, and I’m going to
have to implement a different solution. Been hunting for an answer, but
couldn’t find anything definite.
I’m running Tomcat 8.0.18,
Java 1.7.0_75-b13,
Ubuntu
Hey guys,
I’ve a bad feeling what I’m trying to do is impossible, and I’m going to
have to implement a different solution. Been hunting for an answer, but
couldn’t find anything definite.
I’m running Tomcat 8.0.18,
Java 1.7.0_75-b13,
Ubuntu 14.04.
I have multiple sites running on Virtual
hi
2 points:
configure the reverse proxy is simpler.
tomcat may be harder to troubleshoot issues.
i would take the prxy to do that, in fact we use squid rev-proxy to
solve exact the same problem.
Regards
Stefan
2015-03-16 14:16 GMT+01:00 Mark Thomas ma...@apache.org:
On 16/03/2015 12:53,
On Wed, Nov 26, 2014 at 7:21 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 11/26/14 12:00 PM, Kernel freak wrote:
On Wed, Nov 26, 2014 at 5:33 PM, Christopher Schultz
ch...@christopherschultz.net
Hello,
After arguing with the admins for all this time, I finally have the few
files ready. I have the following files :
keystore.p12, server.crt, ssl-cert-snakeoil.key, domainname.com.ca-bundle,
domainname.com.crt domainname.com.csr domainname.com.key, vsftpd.pem.
I did the following as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 11/26/14 9:03 AM, Kernel freak wrote:
After arguing with the admins for all this time, I finally have the
few files ready. I have the following files :
keystore.p12
That should contain your key. Can you confirm that
On Wed, Nov 26, 2014 at 5:33 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 11/26/14 9:03 AM, Kernel freak wrote:
After arguing with the admins for all this time, I finally have the
few files ready.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 11/26/14 12:00 PM, Kernel freak wrote:
On Wed, Nov 26, 2014 at 5:33 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
To whom it may concern,
On 11/26/14 9:03 AM, Kernel freak wrote:
After arguing
Hello Christopher,
I don't have the server.key and server.crt. I have root access to server, I
can generate my own if necessary. I only have .crt and .ca-bundle file. Can
you tell me what to do. Thank you very much for your help.
On Mon, Nov 24, 2014 at 7:48 PM, Christopher Schultz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 11/25/14 3:32 AM, Kernel freak wrote:
I don't have the server.key and server.crt. I have root access to
server, I can generate my own if necessary. I only have .crt and
.ca-bundle file. Can you tell me what to do.
Hello friends,
I am using apache tomcat and I would like to deploy a Spring-MVC
application which I am working on. In that, via Spring-Security I have
specified to use https which requires to install the SSL certificate on the
server.
I am running a Debian Wheezy server, and I have certificate
Hi Kernel,
I think you have create a keystore from the cert, please follow these
instruction and ket me know.
Create store with temporary key inside:
keytool -genkey -alias alias name -keystore yourkeystore.jks -storepass
Hello1
Then delete existing entry:
keytool -delete -alias temp -keystore
Thank you, and what about the CA-Bundle file? Did you got a chance to look
at the question I have posted on Stackoverflow mentioned in the original
question?
On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu
niranjan.bo...@gmail.com wrote:
Hi Kernel,
I think you have create a keystore
Sorry, I did not notice that.
- *Import a root or intermediate CA certificate to an existing Java
keystore*
keytool -import -trustcacerts -alias root -file *ca.crt* -keystore
*yourkeystore.jks*
On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak kernelfr...@gmail.com
wrote:
Thank
I have added the certificate. I modified the server.xml code to add the
following lines :
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150
scheme=https secure=true clientAuth=false
sslProtocol=TLS
keystoreFile=/root/.keystore keystorepass=password
Are you able to see the 8443 port listening?
nc -z ipaddress 8443
On Mon, Nov 24, 2014 at 11:25 AM, Kernel freak kernelfr...@gmail.com
wrote:
I have added the certificate. I modified the server.xml code to add the
following lines :
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
it works for me with this conf.
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
address=IPADDRESS
executor=THREADNAME scheme=https secure=true
keystoreFile=PATH of keystore file
keystorePass=PASSWRD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Niranjan,
On 11/24/14 10:51 AM, Niranjan Babu Bommu wrote:
I think you have create a keystore from the cert, please follow
these instruction and ket me know.
Create store with temporary key inside:
keytool -genkey -alias alias name
: Monday, March 31, 2014 2:58 PM
To: Tomcat Users List
Subject: Re: SSL Certificates
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ninthun,
On 3/31/14, 10:19 AM, Bomma, Nithun wrote:
Hello,
We are using WebSphere v6.1 for SSO and we are moving to ForgeRock and
it uses Apache Tomcat (v7.0.37
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Nithun,
On 4/1/14, 4:02 PM, Bomma, Nithun wrote:
I want to get public private keys from WebSphere and import into
Tomcat.
We have WebSphere certificates (Signed by Verisign) until 2015 and
we want to use the same in tomcat.
Where are the
Hello,
We are using WebSphere v6.1 for SSO and we are moving to ForgeRock and it uses
Apache Tomcat (v7.0.37)
We are trying to import the certificates (Verisign) including the chain
certificates from WebSphere to Tomcat.
Have any of you did this before? If yes, could you help us out?
Thanks,
On Mon, Mar 31, 2014 at 7:19 AM, Bomma, Nithun nithun.bo...@amtrak.comwrote:
Hello,
We are using WebSphere v6.1 for SSO and we are moving to ForgeRock and it
uses Apache Tomcat (v7.0.37)
We are trying to import the certificates (Verisign) including the chain
certificates from WebSphere to
(Operations)
AIM: nithunbomma
EMAIL: nithun.bo...@amtrak.com
Desk: 215-349-2065; ATS: 728-2065; Cell: 215-704-4981
-Original Message-
From: Leo Donahue [mailto:donahu...@gmail.com]
Sent: Monday, March 31, 2014 10:39 AM
To: Tomcat Users List
Subject: Re: SSL Certificates
On Mon, Mar 31, 2014
List
Subject: Re: SSL Certificates
On Mon, Mar 31, 2014 at 7:19 AM, Bomma, Nithun nithun.bo...@amtrak.com
wrote:
Hello,
We are using WebSphere v6.1 for SSO and we are moving to ForgeRock and
it uses Apache Tomcat (v7.0.37)
We are trying to import the certificates (Verisign) including
On 3/31/14 10:32 AM, Blume Wolfgang wrote:
Hi,
If your certificate need not be changed,
then you need not create a new Certificate Signing Request (CSR) to get a
new certificate,
but only do the Importing the Certificate part of the description:
Import chain certificate, then your existing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ninthun,
On 3/31/14, 10:19 AM, Bomma, Nithun wrote:
Hello,
We are using WebSphere v6.1 for SSO and we are moving to ForgeRock
and it uses Apache Tomcat (v7.0.37)
We are trying to import the certificates (Verisign) including the
chain
Hi James,
Thanks a lot. I followed your steps but seems I am getting different error
as if the signed certificate is not dns based. The original self signed
certificate was able to work fine in dns based format for keytool when I
imported it into client keystore.
below I created the self
Miten,
On 17.1.2014 14:33, Miten Mehta wrote:
The catalina.out complaines with SSL handshake stating No Name matching
mhoodws.ril.local found.
For security reasons, CA shouldn't sign any certificate containing
internal server name (either as CN, or subjectAltName):
As of July 1, 2012, all
What's the alternative to using subjectAltName? I thought it was flexible
to make certificate portable across our development environments. Should I
use IP (internal instead)? - Miten.
On Jan 17, 2014 7:31 PM, Ognjen Blagojevic ognjen.d.blagoje...@gmail.com
wrote:
Miten,
On 17.1.2014 14:33,
If I remove internal /etc/hosts lookup entry should it resolve or you mean
CA just dropped subjectAltName even though I included. - miten
On Jan 17, 2014 7:31 PM, Ognjen Blagojevic ognjen.d.blagoje...@gmail.com
wrote:
Miten,
On 17.1.2014 14:33, Miten Mehta wrote:
The catalina.out complaines
Hi Ognjen,
Reading the pdf link you provided it seems that I should use ip based
certificates and for each different ip which needs certificate I will have
to request one.
I should use -ext san=ip:$ip instead of -ext san=dns:$host.
Then CA will not drop the details.
Regards,
Miten.
On Fri,
At this point, if you haven't already done so, I would strongly suggest
getting your CA's tech support in on this.
Of course, your latest posts also beg the question of why you would be
spending good money on a signed SSL certificate for an internal web
site, or why you'd be using an internal
On 17.1.2014 19:14, James H. H. Lampert wrote:
At this point, if you haven't already done so, I would strongly suggest
getting your CA's tech support in on this.
+1
Reserved IP addresses and internal server names are not unique on the
Internet, so the certificates for them may be reused in
Hi,
I am understanding SSL for tomcat using
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html.
1)I create jks using self signed certificate using keytool.
2) I generate CSR from that keystore/certificate.
3) I get it signed by CA who gives me root certificate and signed
certificate.
4) I
On 1/16/14 9:01 AM, Miten Mehta wrote:
Hi,
I am understanding SSL for tomcat using
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html.
1)I create jks using self signed certificate using keytool.
2) I generate CSR from that keystore/certificate.
3) I get it signed by CA who gives me root
Hi,
Adding more clarification for ease below.
1) create keystore.jks with self signed cert (alias tomcat).
2) generate old.csr and send for signing to CA
3) get back new.cer (signed certificate) and root.cer (root certificate)
4) delete existing cert from keystore.jks (alias tomcat)
5) import
:Re: SSL certificates
Hi,
Adding more clarification for ease below.
1) create keystore.jks with self signed cert (alias tomcat).
2) generate old.csr and send for signing to CA
3) get back new.cer (signed certificate) and root.cer (root certificate)
4) delete existing cert from keystore.jks
? will existing become redundant ?
NO, the SIGNED certificate will, at least in effect, be MERGED with the
original certificate.
Deleting the original certificate from the keystore before importing the
signed one will render the signed certificate WORTHLESS.
--
James H. H. Lampert
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Miten,
On 1/16/14, 12:09 PM, Miten Mehta wrote:
Hi,
Adding more clarification for ease below.
1) create keystore.jks with self signed cert (alias tomcat).
Why are you self-signing a certificate if you are going to get it
signed by a CA?
On 1/16/14 1:49 PM, Christopher Schultz wrote:
Why are you self-signing a certificate if you are going to get it
signed by a CA?
A newly-created keypair in a Java keystore is, by definition, a
self-signed certificate. And you can't create a CSR without having a
keypair from which to create
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
James,
On 1/16/14, 5:04 PM, James H. H. Lampert wrote:
On 1/16/14 1:49 PM, Christopher Schultz wrote:
Why are you self-signing a certificate if you are going to get
it signed by a CA?
A newly-created keypair in a Java keystore is, by
Christopher Schultz wrote:
That is always true. But you don't need a certificate to create a CSR.
shrug
If Keytool and the Java Keystore format even recognize any difference
between the concepts of keypair and self-signed certificate, it
would be news to me.
shrug
Speaking of one who
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
James,
On 1/16/14, 6:18 PM, James H. H. Lampert wrote:
Christopher Schultz wrote:
That is always true. But you don't need a certificate to create a
CSR.
shrug If Keytool and the Java Keystore format even recognize any
difference between the
Christopher Schultz wrote:
:)
Give me OpenSSL any day of the week. ;)
Dunno. Can't recall ever having any experience with it at all. Just DCM
(for securing IBM-proprietary servers, like their Secured Telnet [NOT
ssh] server and their various proprietary web-serving products), and
Keytool
06, 2013 12:25 PM
To: Tomcat Users List
Subject: RE: Error configuring tomcat with ssl certificates
-Original Message-
From: Siddhi Borkar [mailto:siddhi_bor...@persistent.co.in]
Sent: 06 March 2013 12:15
To: users@tomcat.apache.org
Subject: Error configuring tomcat with ssl certificates
Siddhi,
On 6.3.2013 10:41, Siddhi Borkar wrote:
The certificate that I am using is RSA based certificate, I tried listing the
RSA based ciphers in the server the xml, however it still gave me the same
error.
Connector port=443 protocol=HTTP/1.1 SSLEnabled=true
-Original Message-
From: Siddhi Borkar [mailto:siddhi_bor...@persistent.co.in]
Sent: 06 March 2013 15:12
To: Tomcat Users List
Subject: RE: Error configuring tomcat with ssl certificates
Thanks Brijesh,
The certificate that I am using is RSA based certificate, I tried listing the
RSA
Thanks a lot Ognjen, The solution you provided worked very well.
-Original Message-
From: Ognjen Blagojevic [mailto:ognjen.d.blagoje...@gmail.com]
Sent: Wednesday, March 06, 2013 3:31 PM
To: Tomcat Users List
Subject: Re: Error configuring tomcat with ssl certificates
Siddhi
Hi,
I need help configuring tomcat 6 will ssl certificates. I have been provided
with the following
cacert.pem
prvkey.key
and sslcert.crt
I tried the following steps:
1) Generated a keystore using java keytool and the certificate file using
the following command.
keytool -import
-Original Message-
From: Siddhi Borkar [mailto:siddhi_bor...@persistent.co.in]
Sent: 06 March 2013 12:15
To: users@tomcat.apache.org
Subject: Error configuring tomcat with ssl certificates
Hi,
I need help configuring tomcat 6 will ssl certificates. I have been provided
I am using ActiveMQ and its activemq.xml file has a section where the
keystore and truststore point to those files. So I assume that means that
there is a way to set these at runtime. Still leaves me with the question
of whether I can set these at runtime from my app on Tomcat.
On Mon, Feb 6,
From: Peter Kleczka [mailto:pklec...@gmail.com]
Subject: Re: Web app calls JMS over SSL - certificates
I am using ActiveMQ and its activemq.xml file has a section where the
keystore and truststore point to those files. So I assume that means that
there is a way to set these at runtime
it on the
Tomcat server other than setting the keystore properties in the JVM VM
startup parameters.
On Tue, Feb 7, 2012 at 9:10 AM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
From: Peter Kleczka [mailto:pklec...@gmail.com]
Subject: Re: Web app calls JMS over SSL - certificates
I am
From: Peter Kleczka [mailto:pklec...@gmail.com]
Subject: Re: Web app calls JMS over SSL - certificates
What I would like to do is tell my application where my keystore
files are located rather than load them through the JVM.
So what stops you from doing that? There are numerous ways
On 6 Feb 2012, at 23:10, Peter Kleczka pklec...@gmail.com wrote:
Hello
I have a web app on Tomcat 6.0.24. The app needs to call a JMS app on
another server over SSL. I installed the keystore/truststore files in
$CatalinaHome/conf/certs and set VM arguments so that the JVM knows where
to
On 12/08/2011 02:26, Darryl Lewis wrote:
Our certificates are about to expire and I need to generate new ones for
tomcat. I'm using keytool, but getting a strange error.
Please start an entirely new thread, rather than replying to an existing
email just editing the subject body (which is
Our certificates are about to expire and I need to generate new ones for
tomcat. I'm using keytool, but getting a strange error.
[root]# keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore
keystore
Enter keystore password:
keytool error: java.lang.Exception: Key pair not
Hi
I'm not using XP, but a Unix server OS, and my domains are radically
different - so the wildcard cert won't work either. sigh
This is not about the OS the tomcat is running on, but about the OS the
client browser is using...
There are certificates with multiple names (even radically
Mar 2010 08:38:40 -0500
From: d...@cornell.edu
To: users@tomcat.apache.org
Subject: Re: Multiple SSL certificates on same server
On 3/8/2010 6:46 PM, Richard Huntrods wrote:
Does anyone know if it is possible, or has anyone done this:
I have two applications running on a single server
On 3/8/2010 6:46 PM, Richard Huntrods wrote:
Does anyone know if it is possible, or has anyone done this:
I have two applications running on a single server. The applications
use different domains and URLs, so the single Tomcat instance can
easily tell them apart. (Note: this part is
On 03/08/2010 06:46 PM, Richard Huntrods wrote:
Does anyone know if it is possible, or has anyone done this:
I have two applications running on a single server. The applications
use different domains and URLs, so the single Tomcat instance can
easily tell them apart. (Note: this part is
Does anyone know if it is possible, or has anyone done this:
I have two applications running on a single server. The applications use
different domains and URLs, so the single Tomcat instance can easily
tell them apart. (Note: this part is currently working just fine).
-Original Message-
From: Richard Huntrods [mailto:huntr...@nucleus.com]
Sent: Monday, March 08, 2010 18:46
To: users@tomcat.apache.org
Subject: Multiple SSL certificates on same server
Does anyone know if it is possible, or has anyone done this:
I have two applications
On 03/08/2010 06:46 PM, Richard Huntrods wrote:
Does anyone know if it is possible, or has anyone done this:
I have two applications running on a single server. The applications
use different domains and URLs, so the single Tomcat instance can
easily tell them apart. (Note: this part is
1 - 100 of 153 matches
Mail list logo