I am trying to set up SSL on tomcat with a CA certificate from goDaddy.
I am unable to load the Web Page using HTTPS.
When I try to use a self signed certificate, everything works as expected,
but when I change the keystore to point to the one with the CA certificate
in it, I get nothing. There
On Apr 4, 2014, at 1:24 PM, Mark Murphy jmarkmur...@gmail.com wrote:
I am trying to set up SSL on tomcat with a CA certificate from goDaddy.
I am unable to load the Web Page using HTTPS.
What exactly happens when you try to access it? Please include browser
behavior and any errors /
Created my keystore according to the directions here:
http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
This is what I see in Chrome:
SSL Connection Error
Unable to make a secure connection to the server. This may be a
problem
On Apr 4, 2014, at 2:52 PM, Mark Murphy jmarkmur...@gmail.com wrote:
Created my keystore according to the directions here:
http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
Ok. Good start.
This is what I see in Chrome:
SSL
1.5.0_15
On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa dmik...@gopivotal.com wrote:
On Apr 4, 2014, at 2:52 PM, Mark Murphy jmarkmur...@gmail.com wrote:
Created my keystore according to the directions here:
I saw something on StackOverflow that said the key type in the keystore
needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
look at my keystore, it is trustedCertEntry for all the certs.
But when I look at the type for the self signed certificate (which works),
it shows
On Apr 4, 2014, at 4:34 PM, Mark Murphy jmarkmur...@gmail.com wrote:
1.5.0_15
Any chance you could try a more recent JVM? Java 6 or preferably Java 7.
That’s really old.
Dan
On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa dmik...@gopivotal.com wrote:
On Apr 4, 2014, at 2:52 PM, Mark
On 04/04/2014 21:42, Mark Murphy wrote:
I saw something on StackOverflow that said the key type in the keystore
needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
look at my keystore, it is trustedCertEntry for all the certs.
But when I look at the type for the self
On Apr 4, 2014, at 4:42 PM, Mark Murphy jmarkmur...@gmail.com wrote:
I saw something on StackOverflow that said the key type in the keystore
needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
look at my keystore, it is trustedCertEntry for all the certs.
But when I
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA. I then need to create a certificate request ad send that off to
goDaddy.
Sorry for the dumb questions, I am new to SSL, and want to understand what
I am doing, not just run these instructions, and it should work.
On Fri, Apr 4, 2014 at 5:00 PM, Mark Murphy jmarkmur...@gmail.com wrote:
So let me try to understand what is going on here. I generate a keystore
using
Another option I normally use that may work for you (just confirmed it for
myself with tomcat):
1. Copy your private key and signed public certificate in PEM format into a
single file looking like this:
-BEGIN RSA PRIVATE KEY-
Proc-Type: 4,ENCRYPTED
DEK-Info:
On 04/04/2014 22:00, Mark Murphy wrote:
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA. I then need to create a
Mark,
On 4.4.2014 23:00, Mark Murphy wrote:
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA.
(Standard on this list
Mark,
On 4.4.2014 23:54, Mark Thomas wrote:
The CA that signed your certificate might not be one of the root CAs
trusted by the user agent. Most likely it is an intermediate CA. The
root CA will have signed the intermediate CA's certificate and the
intermediate CA will have signed your
Thanks everyone, this has been very informative.
16 matches
Mail list logo
