Ok, I can't figure this out. I'm sure it's simple and I'm just missing it.
I created a tomcat server initially with a self-signed certificate to move forward with testing while our cert authority was re-gen-ing a certificate for us. Now, create a new keystore with the root certificate imported, update the path in server.xml, however the server is still using the self-signed cert. What am I missing? You can go to https://www.careerfish.com <https://www.careerfish.com/> to see the self-cert. I am installing on: Tomcat Version JVM Version JVM Vendor OS Name OS Version OS Architecture Apache Tomcat/4.1.30 1.4.2_04-b05 Sun Microsystems Inc. Linux 2.4.20-8smp i386 Here's a listing of the installed certs: [EMAIL PROTECTED] logs]# keytool -list -keystore /etc/careerfish.key Enter keystore password: Keystore type: jks Keystore provider: SUN Your keystore contains 3 entries root, Jun 3, 2004, trustedCertEntry, Certificate fingerprint (MD5): C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58 tomcat, Jun 2, 2004, keyEntry, Certificate fingerprint (MD5): DE:93:10:3A:D1:1E:05:83:E4:EC:E0:18:D7:98:7D:FE comodo, Jun 3, 2004, trustedCertEntry, Certificate fingerprint (MD5): 2D:03:24:A9:05:F4:C8:A0:81:E9:98:9B:F5:C0:5D:21 Here's the relevant server.xml piece: <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="443" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="100" debug="0" scheme="https" secure="true" useURIValidationHack="false" disableUploadTimeout="true"> <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" keystoreFile="/etc/careerfish.key" keystorePass="xxxxx" clientAuth="false" protocol="TLS" /> </Connector> Thanks. Ross Rankin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
