RE: [OT] Request: Encryption requirements for TLS and SSL for Tomcat

2021-06-09 Thread John.E.Gregg
Emen-Eddine, > -Original Message- > From: Christopher Schultz > Sent: Wednesday, June 09, 2021 9:08 AM > To: users@tomcat.apache.org > Subject: Re: [OT] Request: Encryption requirements for TLS and SSL for > Tomcat > > Emen-Eddine, > > On 6/8/21 08:

Re: [OT] Request: Encryption requirements for TLS and SSL for Tomcat

2021-06-09 Thread Christopher Schultz
Emen-Eddine, On 6/8/21 08:10, Emen-Eddine AISSAOUI wrote: Hello, I am contacting you regarding the cipher suite recommendations for TLS and SSL for Tomcat. This is an urgent request for a customer feedback. Since this is a customer who is presumably paying YOU for YOUR services

Re: Request: Encryption requirements for TLS and SSL for Tomcat

2021-06-08 Thread Olaf Kock
On 08.06.21 14:10, Emen-Eddine AISSAOUI wrote: > Hello, > > I am contacting you regarding the cipher suite recommendations for TLS and > SSL for Tomcat. > > Could you please tell us which cipher suites are used and necessary and if > there is any particular prerequisites

Request: Encryption requirements for TLS and SSL for Tomcat

2021-06-08 Thread Emen-Eddine AISSAOUI
Hello, I am contacting you regarding the cipher suite recommendations for TLS and SSL for Tomcat. Could you please tell us which cipher suites are used and necessary and if there is any particular prerequisites regarding TLS and SSL encryption for the proper functioning of Tomcat

Re: [OT] Install Comodo SSL in Tomcat

2020-01-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/29/20 2:26 PM, logo wrote: > Chris, > >> On 29.01.2020 at 16:59, Christopher Schultz >> wrote: >> > Peter, > > On 1/28/20 6:02 PM, logo wrote: > honorCipherOrder="true" protocols="TLSv1.2+TLSv1.3" >

Re: [OT] Install Comodo SSL in Tomcat

2020-01-29 Thread logo
Chris, > On 29.01.2020 at 16:59, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Peter, > > On 1/28/20 6:02 PM, logo wrote: >>> >> protocols="TLSv1.2+TLSv1.3" >>> ciphers="HIGH:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY13 >

Re: [OT] Install Comodo SSL in Tomcat

2020-01-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/28/20 6:02 PM, logo wrote: >> > protocols="TLSv1.2+TLSv1.3" >> ciphers="HIGH:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY13 05:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA -

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread logo
Chris, > On 28.01.2020 at 19:35, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Peter, > > On 1/28/20 12:24 PM, Peter Kreuser wrote: >>> On 28.01.2020 at 18:02, Christopher Schultz >>> wrote: >>> >>> You have to say

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/28/20 12:24 PM, Peter Kreuser wrote: >> On 28.01.2020 at 18:02, Christopher Schultz >> wrote: >> >> You have to say certificateKeystoreType="PKCS12" (for >> , or keystoreType="PKCS12" for ) as well >> in your config. > > You don't

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread Peter Kreuser
Chris, > On 28.01.2020 at 18:02, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Peter, > >> On 1/28/20 11:30 AM, Peter Kreuser wrote: >> Peter Kreuser >>> On 28.01.2020 at 16:34, Christopher Schultz >>> wrote: >>> >>> -BEGIN PGP SIGNED

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/28/20 11:30 AM, Peter Kreuser wrote: > Peter Kreuser >> On 28.01.2020 at 16:34, Christopher Schultz >> wrote: >> >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Peter, >> >> On 1/27/20 3:35 PM, logo wrote: >>> Could

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread Peter Kreuser
Chris, Peter Kreuser > On 28.01.2020 at 16:34, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Peter, > > On 1/27/20 3:35 PM, logo wrote: >> Could you try >> openssl pkcs12 -export -in my.crt -inkey my.key -name tomcat >> -certfile my.ca-bundle

Re: [OT] Install Comodo SSL in Tomcat

2020-01-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/27/20 3:35 PM, logo wrote: > Could you try > > openssl pkcs12 -export -in my.crt -inkey my.key -name tomcat > -certfile my.ca-bundle -out my.jks <<— the output of pkcs12 is > already a jks!!! and -name tomcat is the alias openssl

Install comodo SSL to Tomcat

2020-01-28 Thread Léonard WAMBERGUE
Hello everyone, So yesterday, it was possible to access my website by 8443 port and I got an A by ssl test website. But now, I’m facing a new trouble with my tomcat and the website isn’t accessible by any of 8443 or 8080. I don’t remember changing something sensible but I had to reinstall

Re: Install Comodo SSL in Tomcat

2020-01-27 Thread Felix Schumacher
oding. Regards Felix > > Peter > > >> Thanks for helping me! >> >> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10 >> >> From: logo <mailto:l...@kreuser.name> >> Sent: Monday, 27 January 2020 17:32 >

Fwd: Install Comodo SSL in Tomcat

2020-01-27 Thread logo
Fwd to the list > Begin forwarded message: > > From: Léonard WAMBERGUE > Subject: RE : Re: Install Comodo SSL in Tomcat > Date: 27 January 2020 at 21:40:58 CET > To: logo > > Peter, > > Thanks for your help, since my email I was able to find a

Re: Install Comodo SSL in Tomcat

2020-01-27 Thread logo
assword="mypass" > keystorePass="mypass"/> » > Thanks for helping me > > > Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for > Windows 10 > > From: logo <mailto:l...@kreuser.name> > Sent

Re: Install Comodo SSL in Tomcat

2020-01-27 Thread logo
our > Windows 10 > > From: logo <mailto:l...@kreuser.name> > Sent: Monday, 27 January 2020 17:32 > To: Tomcat Users List <mailto:users@tomcat.apache.org> > Cc: Léonard WAMBERGUE <mailto:leonard.wambergue...@gmail.com> > Subject: Re: RE : Instal

Re: RE : Install Comodo SSL in Tomcat

2020-01-27 Thread logo
2020 14:24 To: users@tomcat.apache.org Subject: Re: Install Comodo SSL in Tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Léonard, On 1/27/20 4:57 AM, Léonard WAMBERGUE wrote: I’m resending this email because I wasn’t well subscribed to users. I have a VPS server which runs Ubuntu and I had

RE : Install Comodo SSL in Tomcat

2020-01-27 Thread Léonard WAMBERGUE
cat.apache.org Subject: Re: Install Comodo SSL in Tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Léonard, On 1/27/20 4:57 AM, Léonard WAMBERGUE wrote: > I’m resending this email because I wasn’t well subscribed to users. > I have a VPS server which runs Ubuntu and I had installed

Re: Install Comodo SSL in Tomcat

2020-01-27 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Léonard, On 1/27/20 4:57 AM, Léonard WAMBERGUE wrote: > I’m resending this email because I wasn’t well subscribed to users. > I have a VPS server which runs Ubuntu and I had installed > apache/maven and tomcat. > My server version is Apache >

Install Comodo SSL in Tomcat

2020-01-27 Thread Léonard WAMBERGUE
Dear Sir or Madam, I’m resending this email because I wasn’t well subscribed to users. I have a VPS server which runs Ubuntu and I had installed apache/maven and tomcat. My server version is Apache Tomcat/9.0.30. So I deploy my webapp with a ROOT.war file in tomcat. The website is running on

Re: Using existing pki certificates to enable SSL on tomcat 9

2018-12-17 Thread Christopher Schultz
in using that > existing certificate to enable SSL on Tomcat. http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html#Importing_the_Certificate - -chris

Using existing pki certificates to enable SSL on tomcat 9

2018-12-16 Thread Sam G
Hi, I've installed Apache Tomcat 9 on windows 2016 64bit server. Our SA has requested a PKI certificate for the windows server from our CA and got one. I need help with steps involved in using that existing certificate to enable SSL on Tomcat. Thank you Sam

Re: Issue while configuring keystore/SSL for Tomcat 8.5.33

2018-10-18 Thread manjesh
of tomcat on this issue!!! > > -Original Message- > From: Sashidharan Ramamurthy > Sent: Wednesday, October 17, 2018 4:22 PM > To: users@tomcat.apache.org > Subject: FW: Issue while configuring keystore/SSL for Tomcat 8.5.33 > > Hi Tomcat user group, > > We have instal

RE: Issue while configuring keystore/SSL for Tomcat 8.5.33

2018-10-18 Thread Sashidharan Ramamurthy
Any updates users of tomcat on this issue!!! -Original Message- From: Sashidharan Ramamurthy Sent: Wednesday, October 17, 2018 4:22 PM To: users@tomcat.apache.org Subject: FW: Issue while configuring keystore/SSL for Tomcat 8.5.33 Hi Tomcat user group, We have installed and deployed

FW: Issue while configuring keystore/SSL for Tomcat 8.5.33

2018-10-17 Thread Sashidharan Ramamurthy
Hi Tomcat user group, We have installed and deployed Tomcat Version: 8.5.33 in our machine. Software: AIX We configured SSL at 8443 port using below command for creating keystore. $JAVA_HOME/bin/keytool -genkey -alias iscpkey -keystore $outputfile -keyalg RSA -dname "CN=${site},

AW: [bulk] Re: SSL on Tomcat

2018-10-02 Thread Mario Schmitz
Subject: [bulk] Re: SSL on Tomcat Thanks Chris, Luis On Tue, Oct 2, 2018 at 10:00 AM Luis Rodríguez Fernández wrote: > Hello Christopher, > > It makes sense, thank you very much for your advice! > > Cheers, > > Luis > > On Mon, 1 Oct 2018 at 20:39,

Re: SSL on Tomcat

2018-10-02 Thread Loai Abdallatif
Thanks Chris, Luis On Tue, Oct 2, 2018 at 10:00 AM Luis Rodríguez Fernández wrote: > Hello Christopher, > > It makes sense, thank you very much for your advice! > > Cheers, > > Luis > > On Mon, 1 Oct 2018 at 20:39, Christopher Schultz (< > ch...@christopherschultz.net>) wrote: > > >

Re: SSL on Tomcat

2018-10-02 Thread Luis Rodríguez Fernández
Hello Christopher, It makes sense, thank you very much for your advice! Cheers, Luis On Mon, 1 Oct 2018 at 20:39, Christopher Schultz (< ch...@christopherschultz.net>) wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Luis, > > On 10/1/18 11:06 AM, Luis Rodríguez

Re: SSL on Tomcat

2018-10-01 Thread Loai Abdallatif
Thanks very much, I did it and it works On Mon, Oct 1, 2018 at 6:07 PM Luis Rodríguez Fernández wrote: > Hello Loai, > > Agree with Christopher, you have to fix your client. Just get the root > Certificate Authority public key and import it in your client truststore. > If you did not change it

Re: SSL on Tomcat

2018-10-01 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Luis, On 10/1/18 11:06 AM, Luis Rodríguez Fernández wrote: > Agree with Christopher, you have to fix your client. Just get the > root Certificate Authority public key and import it in your client > truststore. I'd recommend trusting the

Re: SSL on Tomcat

2018-10-01 Thread Luis Rodríguez Fernández
Hello Loai, Agree with Christopher, you have to fix your client. Just get the root Certificate Authority public key and import it in your client truststore. If you did not change it the client (java) the default keystore is located in $JAVA_HOME/jre/lib/security/cacerts. Something like:

Re: SSL on Tomcat

2018-09-29 Thread Loai Abdallatif
Thanks Chris, but how to do it, should I copy the ssl certificate from Webserver 192.168.1.120 to my tomcat container (worker0) in 192.168.1.111 in server.xml . any idea please On Sat, Sep 29, 2018 at 1:35 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED

Re: SSL on Tomcat

2018-09-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Loai, On 9/27/18 10:50, Loai Abdallatif wrote: > Hello, > > I have Set Apache Load Balancer ( ModJK) with Server IP > 192.168.1.120 (Webserver01.epsilon.test) which forward the traffic > to tomcat server .(192.168.1.111 (appserver01.epsilon.test)

Re: SSL on Tomcat

2018-09-28 Thread Loai Abdallatif
s to the local trust store in case > of self-signed certificates. > > Guido > > > >-Original Message- > >From: Loai Abdallatif [mailto:loai.abdalla...@gmail.com] > >Sent: Thursday, September 27, 2018 4:52 PM > >To: Tomcat Users List > >Sub

RE: SSL on Tomcat

2018-09-28 Thread Jäkel , Guido
l to check the verification chain and/or add exceptions to the local trust store in case of self-signed certificates. Guido >-Original Message- >From: Loai Abdallatif [mailto:loai.abdalla...@gmail.com] >Sent: Thursday, September 27, 2018 4:52 PM >To: Tomcat Users List >S

Re: SSL on Tomcat

2018-09-27 Thread Loai Abdallatif
hello, shall I add the certificate to server.xml on tomcat server or just on Webserver On Thu, Sep 27, 2018 at 5:50 PM, Loai Abdallatif wrote: > Hello, > > I have Set Apache Load Balancer ( ModJK) with Server IP 192.168.1.120 > (Webserver01.epsilon.test) which forward the traffic to tomcat

SSL on Tomcat

2018-09-27 Thread Loai Abdallatif
Hello, I have Set Apache Load Balancer ( ModJK) with Server IP 192.168.1.120 (Webserver01.epsilon.test) which forward the traffic to tomcat server .(192.168.1.111 (appserver01.epsilon.test) each tomcat server has three workers ( 0,1,2) I deployed *Central Authentication Service* (CAS) on

re: Comments on my first 'SSL for Tomcat' write-up

2017-12-05 Thread Don Flinn
Chris Schultz and Mark Thomas, I started a new thread as the old one was getting too long and getting off subject. Chris Schultz wrote -

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-23 Thread Richard Tearle
On 23 November 2017 at 17:20, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Richard, > > On 11/23/17 8:28 AM, Richard Tearle wrote: >> Yes I read through that thread, but we don't really like Java key >> stores, and I don't think

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-23 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Richard, On 11/23/17 8:28 AM, Richard Tearle wrote: > Yes I read through that thread, but we don't really like Java key > stores, and I don't think the work around would work for us. Java keystores are ... awful. > Instead, I did what perhaps I

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-23 Thread Richard Tearle
ertificates) has remained the same. I did a quick >> internet search, and saw that other people had similar, but not >> exact issues, and going back to 8.5.4 "solved" the issue. So I did >> this as a quick test, so at least I could see that our >> co

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Christopher Schultz
at least I could see that our > configuration changes were correct, and yes the application ran ok > with Tomcat 8.5.4. The connector configuration is: > > protocol="org.apache.coyote.http11.Http11Nio2Protocol" > maxThreads="150" SSLEnabled="tr

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Richard Tearle
lto:richard.tea...@northgateps.com]> >> To: users@tomcat.apache.org[mailto:users@tomcat.apache.org] >> Subject: Trouble with TLS/SSL and Tomcat 8.5.23 >> Hello >> >> Apache Tomcat 8.5.23 >> Centos 7.4 (3.10.0-514.16.1.el7.x86_64) >> Java 1.8.0_152 (w

Aw: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Peter Kreuser
Richard, > Sent: Wednesday, 22 November 2017 at 14:40 > From: "Richard Tearle" > <richard.tea...@northgateps.com[mailto:richard.tea...@northgateps.com]> > To: users@tomcat.apache.org[mailto:users@tomcat.apache.org] > Subject: Trouble with TL

Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Richard Tearle
Hello Apache Tomcat 8.5.23 Centos 7.4 (3.10.0-514.16.1.el7.x86_64) Java 1.8.0_152 (with jce) Running in Docker Container I'm upgrading our applications from Apache Tomcat 8.0.47 to 8.5.23, but when trying to get TLS/SSL working on a connector I get the following error:

Re: Trouble using SSL with Tomcat 9

2017-09-27 Thread Don Flinn
, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Don Flinn [mailto:fl...@alum.mit.edu] > > Subject: Re: Trouble using SSL with Tomcat 9 > > > I installed a new download of tomcat 9, established one application with > > php/java bridge (need php a

RE: Trouble using SSL with Tomcat 9

2017-09-27 Thread Caldarale, Charles R
> From: Don Flinn [mailto:fl...@alum.mit.edu] > Subject: Re: Trouble using SSL with Tomcat 9 > I installed a new download of tomcat 9, established one application with > php/java bridge (need php and java access). Set the SSL port to an unused > port, 443, and ran my app who

Re: Trouble using SSL with Tomcat 9

2017-09-27 Thread Don Flinn
ettings >> (or whatever >> else in whatever version of Windows may be blocking >> connections to a port). >> >> Another quick way to check if tomcat (or anything) is >> listening on port >> 8443 (and/or so

Re: Trouble using SSL with Tomcat 9

2017-09-25 Thread Don Flinn
> else in whatever version of Windows may be blocking >> connections to a port). >> >> Another quick way to check if tomcat (or anything) is >> listening on port >> 8443 (and/or something is blocking it) would be, in a command

Re: Trouble using SSL with Tomcat 9

2017-09-25 Thread tomcat
Obviously, access to tomcat's port 8080 is fine, so you can compare the responses above with what happens when you substitute 8080 for 8443. Once the above is really cleared up, then it may be worth looking at the rest of the information which you sent below.

Re: Trouble using SSL with Tomcat 9

2017-09-25 Thread Don Flinn
>>> Another quick way to check if tomcat (or anything) is listening on port >>> 8443 (and/or something is blocking it) would be, in a command window, to >>> run the following command : >>> telnet localhost 8443 >>> (also with tomcat running) >>> I

Re: Trouble using SSL with Tomcat 9

2017-09-24 Thread tomcat
t a blank page until you type something else). Obviously, access to tomcat's port 8080 is fine, so you can compare the responses above with what happens when you substitute 8080 for 8443. Once the above is really cleared up, then it may be worth looking at the rest of the information which you sent be

Re: Trouble using SSL with Tomcat 9

2017-09-24 Thread Don Flinn
then you may get another message, due to the fact that it > expects an SSL connection. (If it did not expect an SSL connection, you'd > just get a blank page until you type something else). > Obviously, access to tomcat's port 8080 is fine, so you can compare the > responses above with wh

Re: Trouble using SSL with Tomcat 9

2017-09-24 Thread tomcat
en you substitute 8080 for 8443. Once the above is really cleared up, then it may be worth looking at the rest of the information which you sent below. If I set CONFIDENTIAL to NONE everything works with localhost:8080. My SSL files in tomcat - *server.xml -* Connector protocol="org.a

Trouble using SSL with Tomcat 9

2017-09-23 Thread Don Flinn
out protocol in any of the browsers. All the Tomcat logs show no errors or warnings. I can access applications that are not protected and tomcat itself. If I set CONFIDENTIAL to NONE everything works with localhost:8080. My SSL files in tomcat - *server.xml -* Connector protocol

Re: New to SSL - debugging tomcat

2016-12-22 Thread Peter Wallis
Thanks Chris, that seems to connect but sends no data back? The error is 3074385544:error:1409E0E5:SSL ... :ssl handshake failure:s3_pkt.c:637 Returns: CONNECTED(0003) --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 0

Re: New to SSL - debugging tomcat

2016-12-22 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/22/16 12:52 PM, Peter Wallis wrote: > Ahh! changed the server.xml entries to 8443 tried: openssl s_client > -connect 192.168.1.149:8443 and got: CONNECTED(0003) > 3074541192:error:140790E5SSL routhines:SSL23_WRITE:ssl handshake >

Re: New to SSL - debugging tomcat

2016-12-22 Thread Peter Wallis
Ahh! changed the server.xml entries to 8443 tried: openssl s_client -connect 192.168.1.149:8443 and got: CONNECTED(0003) 3074541192:error:140790E5SSL routhines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL

Re: New to SSL - debugging tomcat

2016-12-22 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/22/16 11:03 AM, Peter Wallis wrote: > Hi Christopher, re 443 on *nix; yes, set AUTHBIND='yes' in > /etc/defaults/tomcat8 Okay. Are you sure you've got that configured properly? Try changing port 443 to 8443 in server.xml and bouncing

Re: New to SSL - debugging tomcat

2016-12-22 Thread Peter Wallis
Hi Christopher, re 443 on *nix; yes, set AUTHBIND='yes' in /etc/defaults/tomcat8 re openssl s_client -connect on a different machine; it times out Did have a thought -- one that might not be obvious to you experts -- I am serving that page via No-IP dynamic dns. Their support people are

Re: New to SSL - debugging tomcat

2016-12-22 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/22/16 2:43 AM, Peter Wallis wrote: > Hi Christopher, so it seems I have done something exceptional :-) > Thanks for taking a look... > > protocol="org.apache.coyote.http11.Http11NioProtocol" > maxThreads="150" SSLEnabled="true"

Re: New to SSL - debugging tomcat

2016-12-21 Thread Peter Wallis
use I can a) verify the certificate > > chain with openssl and the keystore tells me I have the > > certificates I think I have. > > What matters is what the server (Tomcat) is presenting to the client, > not what's actually in the keystore (though usually they are very > c

Re: New to SSL - debugging tomcat

2016-12-21 Thread Christopher Schultz
they are very closely related). > I have googled for getting tomcat to give some debug information > but what I've found so far has no effect. Can someone point me to > the official how-to debug ssl issues on tomcat? There isn't really an official "Tomcat" TLS debugging how

Re: New to SSL - debugging tomcat

2016-12-21 Thread Peter Wallis
again > with a new csr. I have also seen that keytool will import pem files quite > happily, so I guess these instructions are correct and not out of date as I > originally thought. > > Given I seem to have a working keystore, and I have checked and rechecked > my ssl tomcat c

Re: New to SSL - debugging tomcat

2016-12-21 Thread Peter Wallis
tart again with a new csr. I have also seen that keytool will import pem files quite happily, so I guess these instructions are correct and not out of date as I originally thought. Given I seem to have a working keystore, and I have checked and rechecked my ssl tomcat configuration, and my s

Re: New to SSL - debugging tomcat

2016-12-21 Thread Hassan Schroeder
On Wed, Dec 21, 2016 at 1:22 AM, Peter Wallis <pwal...@acm.org> wrote: > Can someone point me to the official how-to debug ssl issues on tomcat? Did you follow the steps in this documentation? http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html -- Hassan

New to SSL - debugging tomcat

2016-12-21 Thread Peter Wallis
nk I have. I have googled for getting tomcat to give some debug information but what I've found so far has no effect. Can someone point me to the official how-to debug ssl issues on tomcat? Thanks in advance, Peter

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread Sean Son
On Mon, Jul 18, 2016 at 10:47 AM, André Warnier (tomcat) wrote: > On 18.07.2016 16:33, Sean Son wrote: > >> On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic < >> ognjen.d.blagoje...@gmail.com> wrote: >> >> Sean, >>> >>> On 13.7.2016 21:56, Sean Son wrote: >>> >>> Thank you for

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread tomcat
On 18.07.2016 16:33, Sean Son wrote: On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: Sean, On 13.7.2016 21:56, Sean Son wrote: Thank you for your answer guys. Is there anywhere in the Tomcat config files that I would need to specify the DNS name?

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread Sean Son
On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > Sean, > > On 13.7.2016 21:56, Sean Son wrote: > >> Thank you for your answer guys. Is there anywhere in the Tomcat config >> files that I would need to specify the DNS name? Like in Apache we >> would

Re: Need help setting up SSL on Tomcat 8

2016-07-14 Thread Sean Son
On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > Sean, > > On 13.7.2016 21:56, Sean Son wrote: > >> Thank you for your answer guys. Is there anywhere in the Tomcat config >> files that I would need to specify the DNS name? Like in Apache we >> would

Re: Need help setting up SSL on Tomcat 8

2016-07-14 Thread Ognjen Blagojevic
Sean, On 13.7.2016 21:56, Sean Son wrote: Thank you for your answer guys. Is there anywhere in the Tomcat config files that I would need to specify the DNS name? Like in Apache we would specify the DNS name in a Virtualhost. Take a look at context xml, attribute "name" in Host element [1],

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Daniel Savard
2016-07-13 15:56 GMT-04:00 Sean Son : > Thank you for your answer guys. Is there anywhere in the Tomcat config > files that I would need to specify the DNS name? Like in Apache we would > specify the DNS name in a Virtualhost. > > No. - Daniel

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Sean Son
Thank you for your answer guys. Is there anywhere in the Tomcat config files that I would need to specify the DNS name? Like in Apache we would specify the DNS name in a Virtualhost. On Wed, Jul 13, 2016 at 7:56 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > Sean, > > On

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Ognjen Blagojevic
Sean, On 12.7.2016 14:49, Sean Son wrote: Hello thank you for your response. I am currently only accessing the server using IP address only. We do not have a DNS record set up for the server as of yet. It will be something like webapp.example.com Once there is a DNS record in place, and you

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Daniel Savard
2016-07-12 14:34 GMT-04:00 Sean Son : > Are there any logs on the tomcat server that I should check in order to fix > this SSL issue? or is this strictly a certificate related issue? > In my opinion, it is a DNS issue. Your certificate specifies the

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Sean Son
On Tue, Jul 12, 2016 at 8:49 AM, Sean Son wrote: > > > On Mon, Jul 11, 2016 at 6:25 PM, Ognjen Blagojevic < > ognjen.d.blagoje...@gmail.com> wrote: > >> On 11.7.2016 16:29, Sean Son wrote: >> >>> Here is the certificate path: >>> >>> - Go Daddy Root Certificate

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Sean Son
On Mon, Jul 11, 2016 at 6:25 PM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > On 11.7.2016 16:29, Sean Son wrote: > >> Here is the certificate path: >> >> - Go Daddy Root Certificate Authority - G2 >>- Go Daddy Secure Certificate Authority - G2 >> - *.example.com

Re: Need help setting up SSL on Tomcat 8

2016-07-11 Thread Ognjen Blagojevic
On 11.7.2016 16:29, Sean Son wrote: Here is the certificate path: - Go Daddy Root Certificate Authority - G2 - Go Daddy Secure Certificate Authority - G2 - *.example.com That looks Ok. Did you, perhaps, try to access server on subdomain of example.com?

Re: Need help setting up SSL on Tomcat 8

2016-07-11 Thread Sean Son
Here is the certificate path: - Go Daddy Root Certificate Authority - G2 - Go Daddy Secure Certificate Authority - G2 - *.example.com Thanks On Fri, Jul 8, 2016 at 6:23 PM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > On 7.7.2016 23:17, Daniel Savard wrote: > >>

Re: Need help setting up SSL on Tomcat 8

2016-07-08 Thread Ognjen Blagojevic
On 7.7.2016 23:17, Daniel Savard wrote: Certificate Error There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID). Looks like adding the keyAlias to the connector did not fix anything unfortunately. Did you examine the received certificate in the browser.

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Daniel Savard
2016-07-07 14:53 GMT-04:00 Sean Son : > > > On Thu, Jul 7, 2016 at 12:24 PM, Sean Son < > linuxmailinglistsem...@gmail.com> wrote: > >> Copying Daniel and Ognjen on this >> >> On Thu, Jul 7, 2016 at 12:02 PM, Sean Son < >> linuxmailinglistsem...@gmail.com> wrote:

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son
On Thu, Jul 7, 2016 at 12:24 PM, Sean Son wrote: > Copying Daniel and Ognjen on this > > On Thu, Jul 7, 2016 at 12:02 PM, Sean Son < > linuxmailinglistsem...@gmail.com> wrote: > >> Hello >> >> I tried adding the keyAlias to the connector and when I restarted >>

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son
Copying Daniel and Ognjen on this On Thu, Jul 7, 2016 at 12:02 PM, Sean Son wrote: > Hello > > I tried adding the keyAlias to the connector and when I restarted Tomcat, > and I browsed to the server page, I got this error: > > Certificate Error > There are

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son
Hello I tried adding the keyAlias to the connector and when I restarted Tomcat, and I browsed to the server page, I got this error: Certificate Error There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID). Looks like adding the keyAlias to the connector did not

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Daniel Savard
2016-07-07 10:52 GMT-04:00 Sean Son : > So I should modify my connector to look like this? > > protocol="org.apache.coyote.http11.Http11NioProtocol" >maxThreads="150" keystoreFile="conf/tomcat.jks" > keystorePass="password"

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son
So I should modify my connector to look like this? On Wed, Jul 6, 2016 at 6:50 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > Sean, > > On 5.7.2016 17:14, Sean Son wrote: > >> Hello Daniel and all >> >> Here is the output.. the full output >> >> http://pastebin.com/AQckw6ig

Re: Need help setting up SSL on Tomcat 8

2016-07-06 Thread Ognjen Blagojevic
Sean, On 5.7.2016 17:14, Sean Son wrote: Hello Daniel and all Here is the output.. the full output http://pastebin.com/AQckw6ig Keytool output indicates that there are two entries in keystore: 1. Entry with alias "root", created Jun 16, 2016, which is intermediate certificate for Go

Re: Need help setting up SSL on Tomcat 8

2016-07-05 Thread Sean Son
On Fri, Jul 1, 2016 at 6:14 PM, Daniel Savard wrote: > 2016-07-01 16:08 GMT-04:00 Christopher Schultz < > ch...@christopherschultz.net > >: > > > > > > > > > Thank you for the reply. How would I go about specifying the alias > > > of the certificate? > > > > You may

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Daniel Savard
2016-07-01 16:08 GMT-04:00 Christopher Schultz : > > > > > Thank you for the reply. How would I go about specifying the alias > > of the certificate? > > You may have to re-import it, but I've had bad experiences with Java > keystores so ALWAYS keep a backup in

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sean, On 7/1/16 11:11 AM, Sean Son wrote: > On Fri, Jul 1, 2016 at 2:57 AM, Daniel Savard > wrote: > >> 2016-06-29 9:08 GMT-04:00 Sean Son >> : >> >>> Hello Daniel >>> >>> Thank you for

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Sean Son
On Fri, Jul 1, 2016 at 2:57 AM, Daniel Savard wrote: > 2016-06-29 9:08 GMT-04:00 Sean Son : > > > Hello Daniel > > > > Thank you for the information. Here is the output of the keytool command: > > > > Keystore type: JKS > > Keystore

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Daniel Savard
2016-06-29 9:08 GMT-04:00 Sean Son : > Hello Daniel > > Thank you for the information. Here is the output of the keytool command: > > Keystore type: JKS > Keystore provider: SUN > > Your keystore contains 2 entries > > root, Jun 16, 2016, trustedCertEntry, >

Re: Need help setting up SSL on Tomcat 8

2016-06-30 Thread Philip Hachey
if you're simply following the quick start rules here [https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html]. Point your browser to "https://localhost:8443/; I also get a browser warning when using this keystore, but it's net::ERR_CERT_AUTHORITY_INVALID which I would expect because I ha

Re: Need help setting up SSL on Tomcat 8

2016-06-29 Thread Sean Son
Hello Daniel Thank you for the information. Here is the output of the keytool command: Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries root, Jun 16, 2016, trustedCertEntry, Certificate fingerprint (SHA1): 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8

Re: Need help setting up SSL on Tomcat 8

2016-06-28 Thread Daniel Savard
2016-06-28 16:24 GMT-04:00 Sean Son : > > as for the output to the keytool command: > > Isn't the output to that command, confidential information? > > No, there isn't anything confidential from the output of a simple -list. It doesn't display the private key or

Re: Need help setting up SSL on Tomcat 8

2016-06-28 Thread Sean Son
Here is the complete configuration as for the output to the keytool command: Isn't the output to that command, confidential information? Thanks On Tue, Jun 28, 2016 at 4:06 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED

Re: Need help setting up SSL on Tomcat 8

2016-06-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sean, On 6/28/16 2:31 PM, Sean Son wrote: > Hey Philip > > So i was able to get the page to connect with SSL but I noticed > that when I clicked on the little icon that looks like a lock next > to https:// in the address bar, I saw this
