It's not anything with Tomcat, but with JDK. First ensure you've created the keys:
keytool -genkey -keyalg RSA -alias tomcat -keystore yourkeystorefilename (You typically need to answer the questions, start with the web server name, like www.host.com, and fully spell out the city, state, etc.. The password and keystore file name you use will be configured into Tomcat.) To generate the CSR: keytool -certreq -alias tomcat -keyalg RSA -file certreq.csr -keystore yourkeystorefilename Then to import (assuming PKCS#7 encoded): keytool -import -alias tomcat -trustcacerts -file certfilegiventoyoubyCA -keystore yourkeystorefilename Good luck, David ----- Original Message ----- From: "Richard Panek" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, December 17, 2004 9:30 AM Subject: RE: CSR in Tomcat 5.0 > Ben, > > The command line doesn't work and will not create the CSR. What was the > command line you used? > > Rich > > -----Original Message----- > From: Ben Souther [mailto:[EMAIL PROTECTED] > Sent: Friday, December 17, 2004 11:08 AM > To: Tomcat Users List > Subject: Re: CSR in Tomcat 5.0 > > I've used the -keyalg with -certreq. > > > On Fri, 2004-12-17 at 10:23, Richard Panek wrote: > > Anyone have any idea how to properly create a CSR in Tomcat 5.0 to > > submit to Verisign? > > > > > > > > > > > > The command line is: > > > > > > > > Keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr \ > -keystore > > <your_keystore_filename> > > > > > > > > The problem is that the -keyalg switch does not exist with the syntax > > for the -certreq switch. I can create the CSR file without the > -keyalg > > switch. What affect will this have when submitting this to the CA? > > What encryption level? > > > > > > > > > > > > Richard Panek > > > > [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
