Are you able to query your keystore
("D:\ourwebapp\certificate\keystore") using the specified password from
the command-line?For instance, what happens when you do this?: c:\>%JAVA_HOME%/bin/keytool -list -keystore "D:\ourwebapp\certificate\keystore" -storepass yeahsure I just downloaded TC 5.0.16, configured SSL and ran it with no problems, FWIW. Baer Peter Christoph Alexander wrote: >Yes, we set keystorePass to what we entered when >creating the keystore. > >Below are the Connectors from our server.xml. >Do you see anything wrong, here? Something, >that was ok with TC 4.0.6, but is no longer valid >for TC 5.0.16? > > Thanks in advance! > > Alex > ><snip> ><Connector > acceptCount="100" > connectionTimeout="30000" > debug="0" > disableUploadTimeout="true" > enableLookups="true" > maxSpareThreads="75" > maxThreads="150" > minSpareThreads="25" > port="8080" > redirectPort="8443" > scheme="https" > secure="yes" >/> ><!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> ><Connector > acceptCount="100" > debug="0" > disableUploadTimeout="true" > enableLookups="false" > maxSpareThreads="75" > maxThreads="150" > minSpareThreads="25" > port="8443" > scheme="https" > secure="true"> > <Factory > clientAuth="false" > keystoreFile="D:\ourwebapp\certificate\keystore" > keystorePass="yeahsure" > protocol="TLS" > /> ></Connector> ><!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 --> ><Connector > debug="0" > enableLookups="false" > port="8009" > protocol="AJP/1.3" > redirectPort="8443" >/> ></snip> > > > >>-----Original Message----- >>From: Luc Foisy [mailto:[EMAIL PROTECTED] >>Sent: Monday, December 08, 2003 5:53 PM >>To: Tomcat Users List >>Subject: RE: SSL problem with TC 5.0.16 >> >> >>Did you set keystorePass? >> >>-----Original Message----- >>From: Baer Peter Christoph Alexander >>[mailto:[EMAIL PROTECTED] >>Sent: Monday, December 08, 2003 11:49 AM >>To: '[EMAIL PROTECTED]' >>Subject: SSL problem with TC 5.0.16 >> >> >>Hi, >> >>before you start throwing eggs and tomatoes at me: >>I *have* searched the mailing list archive before >>posting this message... ;-) >> >> >>I just installed Tomcat 5.0.16. Now we want to >>migrate an application from TC 4.0.6 to it. >>For this we need to run TC with SSL. >>However, there's apparently a mistake in our >>SSL configuration. After adapting server.xml >>for our webapp, we see the following startup >>error message: >> >><snip> >>INFO: Starting Coyote HTTP/1.1 on port 8080 >>08.12.2003 17:01:45 org.apache.coyote.http11.Http11Protocol start >>SCHWERWIEGEND: Error starting endpoint >>java.io.IOException: Keystore was tampered with, or password >>was incorrect >> at >>sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:748) >> at java.security.KeyStore.load(KeyStore.java:652) >> at >>org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket >>Factory.java:295) >> at >>org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESoc >>ketFactory.java:259) >> at >>org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JS >>SE14SocketFactory.java:172) >></snip> >> >>Following the docs, we checked the password >>and we have also created quite a few new >>keystores and put there paths into the >>keystoreFile attribute of the Factory >>tag. >> >>In TC5 even the old keystore with the >>original certificate of our application >>is rejected. >> >>Has anybody seen this before? Can you provide >>some hint, what the problem could be caused >>by? We can rule out the things mentioned in >>the docs, I think! >> >>Thanks in advance! >> >> Regards >> Alex >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
