Re: Installing certificate chain on Tomat
Maybe you are getting the certificate myhost issued by CA X is not trusted,
because you a fucking virus
-Original Message-
From: /U [uma...@comcast.net]
Date: 04/10/2010 12:02 AM
To: users@tomcat.apache.org
Subject: Re: Installing certificate chain on Tomat
Note: Original message sent as attachment---BeginMessage---
i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have
private key (PEM),
identity cert (PEM) (CA X trusts myhost)
and a cert chain file (PEM file) (entrust trusts CA X)
The cert chain is: (entrust) === trusts == (CA X) == trusts == myhost
I have converted the private key and identify cert into DER form
and have imported into /etc/keystore (tomcat's keystore).
I have imported the certificate chain PEM file into
${JAVA_HOME}/jre/lib/security/cacerts.
when I login to tomcat i get warning that certificate
myhost isused by CA X is not trrusted.
It seems like browser does not get full cert chain (entrust = CA X =
myhost).
what could I be doing wrong? pl help.
Regs,
/U
--
View this message in context:
http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28199836.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
ICBieSBhcGF1
---End Message---
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: symbolic links deleted when restarting tomcat
On 9 April 2010 22:16, Karin Moscovici karin.moscov...@correlix.com wrote: Thanks Chris. Indeed, my issue is different than the one you've described - The links are deleted from common/lib and server/lib, and their targets are unharmed. I don't know of any other reason that could have possible cause the deletion. Thanks for the answer. Is it happening regularly, or did it happen just once? Can you examine the .bash_history of any users with access to this system to see if it was an inadvertent human error? p On Sat, Apr 10, 2010 at 12:06 AM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Karin, On 4/9/2010 4:55 PM, Karin Moscovici wrote: I'm using tomcat 5.5 on Linux Centos. Today, after restarting tomcat, my application did not load. In the logs I found NoClassDefError on org.servlet.jsp.JspFactory class. It seems that the symbolic link to /usr/shar/java/jsp.jar that was under tomcat/common/lib simply dissappeared. When I added it using ln -s the problem was solved. This has happened to me once before with HttpServletRequest class and servlet-api.jar from tomcat/server/lib. Is this a known issue? The only issue I believe Tomcat has with symbolic links is when you have a symbolic link pointing from inside your webapp's deployment directory (say, webapps/mywebapp) and then you perform an undeploy operation: that will perform a recursive delete that ravages the target of the symlink. That has been fixed in recent versions: check the ChangeLog for details. It sounds like your issue is something different, though. I don't believe Tomcat deletes any files except those related to actual webapps. Are you sure there's no other way these links could have been deleted? You could make those files (and their parent directories) non-writable by the euid running Tomcat and see if you get any exceptions: that would produce a stack trace proving that Tomcat is trying to delete the file (when it probably shouldn't be). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAku/lsQACgkQ9CaO5/Lv0PAsFgCcCshvXNw9XgunBH5UU5vgK2iQ 5qUAmwYM/5ElVOOXJtSm5KQL2QADVhuL =V0Vo -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- -- pidster.com
Re: Tomcat 5.4 exist?
There is/was no Tomcat 5.4. There was a 5.5.4, which is very, very old. http://archive.apache.org/dist/tomcat/tomcat-5/archive/ http://archive.apache.org/dist/tomcat/tomcat-5/archive/ p 2010/4/10 Sébastien Charland charland.sebast...@gmail.com Hi, I just want to know if there is a Tomcat version 5.4 and where I can find it. I checked on the archive but there is only 5.0.x and 5.5.x versions. Someone told me that he have a Tomcat 5.4 installed. thank you! Sébastien -- -- pidster.com
Re: Tomcat 6 fresh install, will not startup,
Installed apache-tomcat-6.0.26 into folder C:\apache-tomcat-6.0.26\ C:\apache-tomcat-6.0.26\bin catalina.bat version Using CATALINA_BASE: C:\apache-tomcat-6.0.26\ Using CATALINA_HOME: C:\apache-tomcat-6.0.26\ Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.26\\temp Those two slashes look suspicious to me. Using JRE_HOME: C:\Program Files\Java\jdk1.6.0_19\ Using CLASSPATH: C:\apache-tomcat-6.0.26\\bin\bootstrap.jar Also these two slashes. java.io.FileNotFoundException: C:\apache-tomcat-6.0.26-Dcatalina.home=C:\apache-tomcat6.0.26\logs\catalina.2010-04-09.log Can you confirm that the path actually does have the two inverted commas in it? p Regards Robert J Wolf www.linkedin.com/in/robertwolftorontoEmail robert_wolf_toro...@yahoo.cacell Phone 416-953-7288 __ Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/ -- -- pidster.com
Re: Tomcat 6 fresh install, will not startup,
Ignore my last, didn't see your last reply. p On 10 April 2010 10:03, Pid * p...@pidster.com wrote: Installed apache-tomcat-6.0.26 into folder C:\apache-tomcat-6.0.26\ C:\apache-tomcat-6.0.26\bin catalina.bat version Using CATALINA_BASE: C:\apache-tomcat-6.0.26\ Using CATALINA_HOME: C:\apache-tomcat-6.0.26\ Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.26\\temp Those two slashes look suspicious to me. Using JRE_HOME: C:\Program Files\Java\jdk1.6.0_19\ Using CLASSPATH: C:\apache-tomcat-6.0.26\\bin\bootstrap.jar Also these two slashes. java.io.FileNotFoundException: C:\apache-tomcat-6.0.26-Dcatalina.home=C:\apache-tomcat6.0.26\logs\catalina.2010-04-09.log Can you confirm that the path actually does have the two inverted commas in it? p Regards Robert J Wolf www.linkedin.com/in/robertwolftorontoEmail robert_wolf_toro...@yahoo.cacell Phone 416-953-7288 __ Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/ -- -- pidster.com -- -- pidster.com
Re: Installing certificate chain on Tomat
On 10 April 2010 08:58, nowled.excite now...@excite.com wrote: Maybe you are getting the certificate myhost issued by CA X is not trusted, because you a fucking virus No need for that. p -Original Message- From: /U [uma...@comcast.net] Date: 04/10/2010 12:02 AM To: users@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- -- pidster.com
Re: Tomcat 5.4 exist?
Pid * wrote: There is/was no Tomcat 5.4. There was a 5.5.4, which is very, very old. And 5.0.4 which is even older. D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
hello Pid, am i right in assuming that the identity certificate+private key is installed in keystoreFile of the SSL connector (C:\keystore below) and the CA certificate chain is installed in jre/lib/security/cacerts? Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=C:\keystore keystorePass=changeit / any assistance appreciated, /U -Original Message- From: /U [uma...@comcast.net] Date: 04/10/2010 12:02 AM To: users@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- -- pidster.com -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28202227.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
i had to install my ca root certs in a keystore specificed/referenced by the truststorefile parameter NOT the keystorefile parm From: /U uma...@comcast.net To: users@tomcat.apache.org Sent: Sat, April 10, 2010 10:07:47 AM Subject: Re: Installing certificate chain on Tomat hello Pid, am i right in assuming that the identity certificate+private key is installed in keystoreFile of the SSL connector (C:\keystore below) and the CA certificate chain is installed in jre/lib/security/cacerts? Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=C:\keystore keystorePass=changeit / any assistance appreciated, /U -Original Message- From: /U [uma...@comcast.net] Date: 04/10/2010 12:02 AM To: users@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- -- pidster.com -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28202227.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
On 04/10/2010 12:01 AM, /U wrote:
i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have
private key (PEM),
identity cert (PEM) (CA X trusts myhost)
and a cert chain file (PEM file) (entrust trusts CA X)
The cert chain is: (entrust) === trusts == (CA X) == trusts == myhost
I have converted the private key and identify cert into DER form
and have imported into /etc/keystore (tomcat's keystore).
I have imported the certificate chain PEM file into
${JAVA_HOME}/jre/lib/security/cacerts.
when I login to tomcat i get warning that certificate
myhost isused by CA X is not trrusted.
It seems like browser does not get full cert chain (entrust = CA X =
myhost).
what could I be doing wrong? pl help.
Regs,
/U
Hello,
You may want to take a look at Comodo's documentation for Tomcat.
https://support.comodo.com/index.php?_m=knowledgebase_a=viewarticlekbarticleid=1204
It shows how to easily install a trusted certificate for use with Tomcat
(and most Java based Web Servers). I've used this documentation quite a
few times and it has always been spot on.
You may want to view the contents of the keystore: keytool -v -list
-keystore KEYSTORE_FILE; to see what is missing. Tomcat should have the
Intermediate Cert(s) and the Entity/Domain Cert inside the keystore.
Hope this helps!
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 12:01 AM, /U wrote: i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have private key (PEM), identity cert (PEM) (CA X trusts myhost) and a cert chain file (PEM file) (entrust trusts CA X) The cert chain is: (entrust) === trusts == (CA X) == trusts == myhost I have converted the private key and identify cert into DER form and have imported into /etc/keystore (tomcat's keystore). Tomcat does not use /etc/keystore unless you tell it to do so. Can you show us your server.xml, specifically your SSL Connector element? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvAtWgACgkQ9CaO5/Lv0PDQBgCgnPJP17/F6OI2UXPRaQ7xnKau RTUAoLYShr4IVwKZJrOfyvZKGkGAvnUQ =/uks -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 10:07 AM, /U wrote: am i right in assuming that the identity certificate+private key is installed in keystoreFile of the SSL connector (C:\keystore below) and the CA certificate chain is installed in jre/lib/security/cacerts? Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=C:\keystore keystorePass=changeit / Wait, last time you said /etc/keystore. Is this *NIX or Microsoft Windows? If you have C:\keystore as your keystore, then the keystore file should be in (you guessed it) C:\keystore - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvAtbsACgkQ9CaO5/Lv0PDXOACgodvxD9VWjn9tFRsDk+LLGlf3 IacAn0I58CRoEZ/R81Nf4wwvxeyfDxco =n2Tx -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 6 fresh install, will not startup,
On Sat, Apr 10, 2010 at 2:43 AM, Robert Wolf robert_wolf_toro...@yahoo.cawrote: Did I fresh install and did not modify any of the files. Running on windows XP with service packs Using Sun’s java C:\apache-tomcat-6.0.26\bin java -version java version 1.6.0_19 Java(TM) SE Runtime Environment (build 1.6.0_19-b04) Java HotSpot(TM) Client VM (build 16.2-b04, mixed mode, sharing) Installed apache-tomcat-6.0.26 into folder C:\apache-tomcat-6.0.26\ C:\apache-tomcat-6.0.26\bin catalina.bat version Using CATALINA_BASE: C:\apache-tomcat-6.0.26\ Using CATALINA_HOME: C:\apache-tomcat-6.0.26\ Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.26\\temp Using JRE_HOME: C:\Program Files\Java\jdk1.6.0_19\ Using CLASSPATH: C:\apache-tomcat-6.0.26\\bin\bootstrap.jar Server version: Apache Tomcat/6.0.26 Server built: March 9 2010 1805 Server number: 6.0.26.0 OS Name:Windows XP OS Version: 5.1 Architecture: x86 JVM Version: 1.6.0_19-b04 JVM Vendor: Sun Microsystems Inc. Setup two environment variables: C:\apache-tomcat-6.0.26\bin echo %JAVA_HOME% C:\Program Files\Java\jdk1.6.0_19\ C:\apache-tomcat-6.0.26\bin echo %CATALINA_HOME% C:\apache-tomcat-6.0.26\ The problem is it is not creating the log file name properly Should be C:\apache-tomcat-6.0.26\logs\catalina.2010-04-09.log But it looks like this, which is wrong C:\apache-tomcat-6.0.26 -Dcatalina.home=C:\apache-tomcat-6.0.26\logs\catalina.2010-04-09.log Try to startup and get the following error C:\apache-tomcat-6.0.26\bin catalina.bat run Using CATALINA_BASE: C:\apache-tomcat-6.0.26\ Using CATALINA_HOME: C:\apache-tomcat-6.0.26\ Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.26\\temp Using JRE_HOME: C:\Program Files\Java\jdk1.6.0_19\ Using CLASSPATH: C:\apache-tomcat-6.0.26\\bin\bootstrap.jar java.util.logging.ErrorManager: 4 java.io.FileNotFoundException: C:\apache-tomcat-6.0.26 -Dcatalina.home=C:\apache-tomcat6.0.26\logs\catalina.2010-04-09.log (The filename, directory name, or volume label syntax is incorrect) at java.io.FileOutputStream.openAppend(Native Method) at java.io.FileOutputStream.init(FileOutputStream.java:177) at java.io.FileOutputStream.init(FileOutputStream.java:102) at org.apache.juli.FileHandler.openWriter(FileHandler.java:328) at org.apache.juli.FileHandler.init(FileHandler.java:65) at org.apache.juli.FileHandler.init(FileHandler.java:56) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at java.lang.Class.newInstance0(Class.java:355) at java.lang.Class.newInstance(Class.java:308) at org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:515) at org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:460) at org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:286) at java.util.logging.LogManager$2.run(LogManager.java:268) at java.security.AccessController.doPrivileged(Native Method) at java.util.logging.LogManager.readPrimordialConfiguration(LogManager.java:266) at java.util.logging.LogManager.getLogManager(LogManager.java:249) at java.util.logging.Logger.init(Logger.java:220) at java.util.logging.LogManager$RootLogger.init(LogManager.java:958) at java.util.logging.LogManager$RootLogger.init(LogManager.java:955) at java.util.logging.LogManager$1.run(LogManager.java:181) at java.security.AccessController.doPrivileged(Native Method) at java.util.logging.LogManager.clinit(LogManager.java:158) at java.util.logging.Logger.getLogger(Logger.java:273) at org.apache.juli.logging.DirectJDKLog.init(DirectJDKLog.java:71) at org.apache.juli.logging.DirectJDKLog.getInstance(DirectJDKLog.java:17 8) at org.apache.juli.logging.LogFactory.getInstance(LogFactory.java:171) at org.apache.juli.logging.LogFactory.getInstance(LogFactory.java:243) at org.apache.juli.logging.LogFactory.getLog(LogFactory.java:298) at org.apache.catalina.startup.Bootstrap.clinit(Bootstrap.java:55) java.util.logging.ErrorManager: 4 java.io.FileNotFoundException: C:\apache-tomcat-6.0.26 -Dcatalina.home=C:\apache-tomcat-6.0.26\logs\localhost.2010-04-09.log (The filename, directory name, or volume label syntax is incorrect) at java.io.FileOutputStream.openAppend(Native Method) at java.io.FileOutputStream.init(FileOutputStream.java:177) at
Re: Installing certificate chain on Tomat
Thank you Chris for your suggestion. Here is my connector: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/users/me/.keystore keystorePass=changeit / I have received the following keys/certs from CA: - file1: private key for myhost - file2: identity certificate for myhost signed by CA1 - file3: certificate for CA1 signed by entrust I installed private key (file1) and myhost cert (file2) into /users/me/.keystore using the ImportKey utility. I installed the CA1's certificated into /users/me/.keystore using keytool. My keytool lookslike this: $ keytool -list -keystore /users/me/.keystore ...password... Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries CA1, Apr 10, 2010, trustedCertEntry, Certificate fingerprint (MD5): 2F:B3:00:F2:FA:12:7B:BD:82:95:70:05:99:12:17:DB:BE tomcat, Apr 10, 2010, PrivateKeyEntry, Certificate fingerprint (MD5): CD:D9:06:11:30:CD:C2:60:33:33:68:A2:30:5C:01:50 $ I did not install any certificates into truststore (jre/lib/security/cacerts). When I connect browser to https://myhost, i get a cert error that myhost is signed by CA1and cannot be trusted. Browser show only one cert (for myhost) and not show the full cert chain (myhost - CA1 and CA1 - entrust). Why is the full cert chain not sent to browser. Since entrust CA cert is in browser CA list, if tomcat send full cert chain to browser, it would be trusted. Also, when I use openss client, I see that full cert chain is not sent: C:\ openssl s_client -connect myhost:443 verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=US/ST=YY/L=XX/O=myhost Inc./OU=IT/CN=myhost i:/C=US/O=CA1, Inc./OU=www.CA1.net is incorporated by reference/OU=..., Inc./CN=CA1Certification Authority Why does this chain not have CA1-entrust certificate. what i do wrong? should all CA certs be in truststore? what is the defaulttruststore of tomcat? what is difference between truststore and keystore. is it correct to say all CA certs be in truststore and private key and identity cert be in keystore? many thanx, /U Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 12:01 AM, /U wrote: i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have private key (PEM), identity cert (PEM) (CA X trusts myhost) and a cert chain file (PEM file) (entrust trusts CA X) The cert chain is: (entrust) === trusts == (CA X) == trusts == myhost I have converted the private key and identify cert into DER form and have imported into /etc/keystore (tomcat's keystore). Tomcat does not use /etc/keystore unless you tell it to do so. Can you show us your server.xml, specifically your SSL Connector element? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvAtWgACgkQ9CaO5/Lv0PDQBgCgnPJP17/F6OI2UXPRaQ7xnKau RTUAoLYShr4IVwKZJrOfyvZKGkGAvnUQ =/uks -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28204196.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Installing certificate chain on Tomat
I tried this on different systems (*nix and XP) and hence the
differences in my excerpts. but in each case, the connector
config correct refers to keystore. i am sorry i quoted different
configs - will stick to *nix from now on.
i am confused about one thing: whil keystore is explicitly specified
in connector config, what about the truststore?
i assume truststore stores the trusted CA certs (as opposed to
private keys/identity cert). Is this correct?
Why does not connector config not refer to truststore config ?
Or is that by default become ${JAVA_HOME}/jre/lib/security/cacerts?
What is the relation/differences (as far as tomcat is concerned) between
keystore, truststore and {JAVA_HOME}/jre/lib/security/cacerts?
with sincere thanx!
/U
Christopher Schultz-2 wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
/U,
On 4/10/2010 12:01 AM, /U wrote:
i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I
have
private key (PEM),
identity cert (PEM) (CA X trusts myhost)
and a cert chain file (PEM file) (entrust trusts CA X)
The cert chain is: (entrust) === trusts == (CA X) == trusts == myhost
I have converted the private key and identify cert into DER form
and have imported into /etc/keystore (tomcat's keystore).
Tomcat does not use /etc/keystore unless you tell it to do so. Can you
show us your server.xml, specifically your SSL Connector element?
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkvAtWgACgkQ9CaO5/Lv0PDQBgCgnPJP17/F6OI2UXPRaQ7xnKau
RTUAoLYShr4IVwKZJrOfyvZKGkGAvnUQ
=/uks
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
--
View this message in context:
http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p2820.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat startup error
Christopher Schultz ch...@christopherschultz.net wrote in message news:4bbf945e.4050...@christopherschultz.net... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Harry, On 4/9/2010 2:01 PM, Harry Metske wrote: you are using some piece of software (com.mypkg.packaging.*) that is calling tomcat code. It expects to find a method in org.apache.tomcat.util.IntrospectionUtils that is no longer there in 6.0.26, which causes the NoSuchMethodError. Basically your embedder does not support this version of Tomcat, you should contact the vendor, they should do the recompile . It's interesting that the Java Runtime throws a NoSuchMethodError since the return type is not technically part of the method signature. I've never considered this before, and it totally makes sense because the return type really is an important part of the method. Just interesting to note that the effective method signature is not the same as the official one. Another thing to note is that the Tomcat folks have made an unstable change, here, by changing a public API. It would have been better to create a method with a new signature and deprecated the old one, while leaving it there. The Tomcat developers have always considered this to be part of the internal API, not the public API. This is true of most of the classes under the org.apache.tomcat package. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAku/lF4ACgkQ9CaO5/Lv0PCHaQCguLBWWaK6kp+md88Hxo3dGZ4z itEAnjsMKVr6fWyJG44nbNJGFUKLDsU1 =ER++ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
