Re: Installing certificate chain on Tomat

2010-04-13 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael, On 4/12/2010 4:55 PM, Michael Dockery wrote: because tomcat has the root for the client cert loaded into its truststore, and the matching client cert subject name (ie: user) loaded in its auth realm the client is therefore

Re: Installing certificate chain on Tomat

2010-04-12 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 3:31 PM, /U wrote: Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=/users/me/.keystore

Re: Installing certificate chain on Tomat

2010-04-12 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 4:13 PM, /U wrote: i am confused about one thing: whil keystore is explicitly specified in connector config, what about the truststore? It can also be configured in the Connector. Have you not read any of the documentation? i

Re: Installing certificate chain on Tomat

2010-04-12 Thread Michael Dockery
@tomcat.apache.org Sent: Mon, April 12, 2010 9:32:32 AM Subject: Re: Installing certificate chain on Tomat -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 3:31 PM, /U wrote:     Connector port=443 protocol=HTTP/1.1 SSLEnabled=true                 maxThreads=150 scheme=https secure

Re: Installing certificate chain on Tomat

2010-04-10 Thread nowled.excite
Maybe you are getting the certificate myhost issued by CA X is not trusted, because you a fucking virus -Original Message- From: /U [uma...@comcast.net] Date: 04/10/2010 12:02 AM To: users@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message

Re: Installing certificate chain on Tomat

2010-04-10 Thread Pid *
@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h

Re: Installing certificate chain on Tomat

2010-04-10 Thread /U
@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h

Re: Installing certificate chain on Tomat

2010-04-10 Thread Michael Dockery
AM To: users@tomcat.apache.org Subject: Re: Installing certificate chain on Tomat Note: Original message sent as attachment - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users

Re: Installing certificate chain on Tomat

2010-04-10 Thread Crypto Sal
On 04/10/2010 12:01 AM, /U wrote: i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have private key (PEM), identity cert (PEM) (CA X trusts myhost) and a cert chain file (PEM file) (entrust trusts CA X) The cert chain is: (entrust) === trusts == (CA X) ==

Re: Installing certificate chain on Tomat

2010-04-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 12:01 AM, /U wrote: i am installing certificate chain on tomcat 6.x (JRE 1.6). From my CA I have private key (PEM), identity cert (PEM) (CA X trusts myhost) and a cert chain file (PEM file) (entrust trusts CA X)

Re: Installing certificate chain on Tomat

2010-04-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 /U, On 4/10/2010 10:07 AM, /U wrote: am i right in assuming that the identity certificate+private key is installed in keystoreFile of the SSL connector (C:\keystore below) and the CA certificate chain is installed in jre/lib/security/cacerts?

Re: Installing certificate chain on Tomat

2010-04-10 Thread /U
- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28204196.html Sent from the Tomcat

Re: Installing certificate chain on Tomat

2010-04-10 Thread /U
- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p2820.html Sent from the Tomcat - User mailing list archive at Nabble.com

Installing certificate chain on Tomat

2010-04-09 Thread /U
. It seems like browser does not get full cert chain (entrust = CA X = myhost). what could I be doing wrong? pl help. Regs, /U -- View this message in context: http://old.nabble.com/Installing-certificate-chain-on-Tomat-tp28199836p28199836.html Sent from the Tomcat - User mailing list archive