Hi Adam,
Did you do something like this?
keytool -import -trustcacerts -file mycert.cer
Notice the -trustcacerts flag.
Your host name has nothing to do with the cert.
The important part is the fully qualified domain name,
which has to match.
I am a little worried because I was pretty sure the
domain name was the OU, not the CN. You might
want to check what you have with keytool -list -v.
Regards,
Dave
What I suspect from the error message
----- Original Message -----
From: "Adam Le" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 27, 2000 3:32 PM
Subject: Tomcat and SSL and Palm Problem
> Hi all,
>
> Has anyone had luck implementing a real CA signed certificate with Tomcat?
>
> I have been able to:
> - install JSSE 1.0.2 into Tomcat v3.2.1 Release
> - create my own self signed key pairs using keytool
> - create the CSR and sent it to VeriSign
> - import the Trial certificate from VeriSign
>
> Tomcat runs and listens on the proper ports (80, 443, and 8007)
>
> However, when my browser hits the SSL port, I get an error stating that
the
> Certificate Authority is Invalid or Incorrect. A litle research into this
> revealed that the cause is that hostname on the server doesn't match the
> Common Name in the Certificate. I have not found an option to set the
host
> name in Tomcat, except through Virtual Hosts; even then that didn't work.
>
> DNS and the CommonName on the Certificate are the same. The browser is a
> only Mozzila 2.0 compliant (palm os browser). Desktop browsers have no
> problem visiting the HTTPS site... only the palm os browser does.
>
> Is there an option to set the ServerName like there is in Apache? Or does
> anyone see what I am missing here?
>
> Thanks In Advance.
>
> Adam
>
>
