Sorry, I'm not familiar with this environment. Which CA certificate your server certificate is signed with? Give me some important attributes. Perhaps I can send you this certificate as an attachment.
Julie McCabe <[EMAIL PROTECTED]> 27-05-2004 16:47 Antwoord a.u.b. aan "Tomcat Users List" Aan: "Tomcat Users List" <[EMAIL PROTECTED]> cc: Onderwerp: Re: Betr.: Re: X509 certificates and https Hello, I should have included this in my original mail but I am using Mozilla 1.4.1 on RedHat Linuz 9.0 - any ideas? Julie. On Thursday 27 May 2004 15:47, [EMAIL PROTECTED] wrote: > If you use Internet Explorer you simple go to the Trusted Certificate > Authorties, select the CA certificate and export it to some format. > You should then be able to import it into your trusted keystore. > > Ron > > > > > > Julie McCabe <[EMAIL PROTECTED]> > 27-05-2004 16:21 > Antwoord a.u.b. aan "Tomcat Users List" > > > Aan: "Tomcat Users List" <[EMAIL PROTECTED]> > cc: > Onderwerp: Re: X509 certificates and https > > > Hi, > > I tried the following command > > keytool -import -alias tomcat -keystore server.ks -trustcacerts -file > server.crt > > with my certificate and key which are in pem format and it returned > keytool error: java.lang.Exception: Input not an X.509 certificate > > > I have the CA certifcate stored in my browser but cant see how I can > export > it? > > Thanks > Julie. > > On Thursday 27 May 2004 15:24, [EMAIL PROTECTED] wrote: > > The only thing you have to do is running the java keytool utily with > > following command: > > > > keytool -import -alias tomcat -keystore server.ks -trustcacerts -file > > server.crt > > > > This inserts thet server.crt certificate into the keystore that tomcat > > uses. > > > > Your CA scertificate needs to be in the trusted keystore of your JRE > > under > > > which Tomcat runs. > > If this is not the case put it in there as follows: > > > > keytool -import -keystore %JAVA_HOME%/lib/security/cacerts -file ca.pem > > -alias my_alias > > > > This inserts the root certificate ca.pem into the trusted keystore of > > the > > > JRE being used. > > > > This should work. > > > > Ron Blom > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]