A few pointers: - You can set the keystoreFile attribute on the connector to change the location of the keystore - When you get the tomcat server cert back from the CA you need to save it in p7b format with all the certificates in the chain - If you want to use client authentication with tomcat-users.xml the user cert entry is of the form <user username="CN=Mark Thomas, OU=WWW, O=XXX, L=YYY, ST=ZZZ, C=GB" password="null" roles="tomcat,certs"/>
Hope this helps. > -----Original Message----- > From: Donald Lee [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 16, 2004 12:05 AM > To: [EMAIL PROTECTED] > Subject: SSL using Microsoft CA > > Hello, I would like to use real authenticated SSL using a > Microsoft CA > Certificate imported into Tomcat. I found on the website for > how to set up > an "anonymous" or "self signed" SSL but I am troubleshooting > an issue with > axis web services running in self signed SSL mode. I wanted > to try a real > certificate but am not sure what format to export and how to > import the > certificate using the java keytool utility. It also wants to > store this > cert in the local administrator's profile, I would rather store this > certificate in another directory such as the conf or bin directory. > Anywhere but the profile. > > Current setup: > > Windows 2003 Server Standard Edition > Tomcat 4.1.29 > Apache Axis 1.1 > Java SDK 1.4.2_03 > > standard web browsing in SSL mode works flawlessly. My Microsoft web > services application works flawlessly in non-ssl mode but > chokes with a > "connection lost" intermittently in SSL. Can anybody direct me to a > tutorial or help doc to get my certificate installed? > > Thanks in advance > Don Lee > > _________________________________________________________________ > FREE pop-up blocking with the new MSN Toolbar - get it now! > http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
