Your Certificate Authority (The certificate used to sign your other
certificates, in this case provided by your Windows CA Server) is not
trusted by your clients.
Are your clients internal or external to your company?
If your clients are internal, you can add the certificate to the
trusted roots
On 26.2.2011 6:42, Joseph L. Casale wrote:
I have setup a keystore as follows:
keytool -genkey -alias tomcat -keyalg RSA -dname CN=server FQDN,OU=Company
Name,O= Company Name ,L=city,ST=province,C=CA \
-keystore /path/keystore -keypass phrase -storepass phrase
...
I added the signed sert:
You must import signed certficate request under same alias you used to
generate request. So, instead of -alias tomcat2 use -alias tomcat.
Ognjen,
When I ran it that way, it gave an error (blew those notes away) and a search
led me to see someone suggesting you couldn't reuse that alias, so I
I have setup a keystore as follows:
keytool -genkey -alias tomcat -keyalg RSA -dname CN=server FQDN,OU=Company
Name,O= Company Name ,L=city,ST=province,C=CA \
-keystore /path/keystore -keypass phrase -storepass phrase
I then generated a CSR:
keytool -certreq -keyalg RSA -alias tomcat -file