I've gotten that error message millions of times. It's not helpful; almost
any setup problem can cause it. Possibly untrusted server certificate on
the client side, but you would see that at the command prompt, right?

I'm not [yet] an OpenSSL user, but my guess is that the docs
(tomcat-ssl-howto.html) are buggy. You actually generate the key pair using
OpenSSL, but that (private) key isn't moved to any Java keystore. The
trustcacerts import takes care of trust for the client-side, but how does
tomcat know where its private key is? I.e. how do you configure server.xml
in this case? Can you just assign keystore=key.pem? Don't think so. Any
guesses?

Second guess: are you sure you're importing into the .keystore file in
the correct directory? I'm not really a Unix/Linux person, but under
Windows the default .keystore locations for Tomcat and Java are different.
So in your keytool commands you have to use the -keystore <path/filename>
option to ensure that you're importing to the right place.

Darrell Drake*
IBM Japan, TRL
+81-46-215-4175
[EMAIL PROTECTED]
* - Notes ID has a misspelling of my name


From: Eric Wong <[EMAIL PROTECTED]> on 2001-03-23 10:33

Please respond to [EMAIL PROTECTED]

To:   "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
cc:
Subject:  Problem with Tomcat SSL Direct.



I get the following exceptions from tomcat:

     2001-03-22 03:47:18 - Ctx(  ): 400 R( /) null
     2001-03-22 03:47:18 - Ctx(  ): IOException in: R( /) Socket closed

And the browser displays the following message:

     The page cannot be displayed



I can get Tomcat SSL working if I generate the .keystore the following way:

     keytool -genkey -alias tomcat -keyalg RSA

But [not] when I:

     1. generate a request and key;
          openssl req -new -out REQ.pem -keyout KEY.pem
     2. generate a self signed certificate;
          openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem
     3. and finally import the certificate into the .keystore;
          keytool -import -v -trustcacerts -alias tomcat -file CERT.pem

I need this to work so I can use a certificate from verisign.

Please help!!!

Thanks!!!

Eric W.
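
The guess in the reply above can be checked from the keystore listing: `keytool -import -trustcacerts` stores CERT.pem as a trusted certificate entry, which holds no private key. The script below is an added example, not part of the original messages; the sample listings are constructed, `tomcat.p12` is an assumed file name, and `keytool -importkeystore` requires Java 6 or later.

```shell
#!/bin/sh
# Added example, not from the thread. Classifies an alias in `keytool -list`
# output: a TLS server needs a key entry (private key plus certificate) under
# its alias, while `keytool -import` of a bare certificate only creates a
# trustedCertEntry.

# entry_type ALIAS: read `keytool -list` output on stdin and print
# key, trusted-cert, other or missing for ALIAS.
entry_type() {
    awk -v a="$1" '
        BEGIN { a = tolower(a); found = "missing" }
        index(tolower($0), a ",") == 1 {
            if ($0 ~ /PrivateKeyEntry|keyEntry/) found = "key"  # new and old JDK spelling
            else if ($0 ~ /trustedCertEntry/)    found = "trusted-cert"
            else                                 found = "other"
        }
        END { print found }'
}

# usable_for_tls ALIAS: succeed only if ALIAS holds a private key.
usable_for_tls() { [ "$(entry_type "$1")" = key ]; }

# import_openssl_pair KEYSTORE: bundle KEY.pem and CERT.pem (file names from
# the thread) into PKCS#12 under the alias tomcat, then copy that key entry
# into KEYSTORE. Both tools prompt for passwords. Defined here, not run.
import_openssl_pair() {
    openssl pkcs12 -export -inkey KEY.pem -in CERT.pem -name tomcat \
            -out tomcat.p12 &&
    keytool -importkeystore -srckeystore tomcat.p12 -srcstoretype PKCS12 \
            -destkeystore "$1"
}

# Constructed sample listings (fingerprint lines omitted).
AFTER_GENKEY='Keystore type: JKS
Your keystore contains 1 entry

tomcat, Mar 23, 2001, keyEntry,'

AFTER_CERT_IMPORT='Keystore type: JKS
Your keystore contains 1 entry

tomcat, Mar 23, 2001, trustedCertEntry,'

printf '%s\n' "$AFTER_GENKEY"      | entry_type tomcat
printf '%s\n' "$AFTER_CERT_IMPORT" | entry_type tomcat
```

Against a real keystore, pipe `keytool -list -keystore <path/filename>` into `usable_for_tls tomcat`, using the same path the Tomcat connector is configured to read.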


