Thanks Mark, and all others, for your help. As I mentioned, we did get this to work. The only problem was that we didn't specify the keyalg param nor rsa so the default is dsa.
I posted another question "Is DSA OK", but no one seems to know. It appears that DSA doesn't handle encryption, but I'm not sure also it seems that there can be compatiblity issues between RSA and DSA. But since I've already gotten the cert from the CA, I may be screwed. Any ideas? --- Mark Thomas <[EMAIL PROTECTED]> wrote: > Bruce, > > Sorry. Don't know. I have only ever got it working > using RSA. However, > when I did this I got so many things wrong the first > 20 or so times I > tried it it could have been anything stopping it > working. > > Mark > > Bruce Perryman wrote: > > Thanks, > > > > It worked, the only problem is that we failed to > > specify the RSA algorithm. > > > > Are we screwed for using DSA? > > > > --- Mark Thomas <[EMAIL PROTECTED]> wrote: > > > > > >>The following steps should work (although I have > >>only ever done this > >>using my own CA). > >> > >>1. Create tomcat key in your own keystore > >>2. Create CSR > >>3. Submit CSR > >>4. Get response > >>5. Import CA's root cert to cacerts > >>(%JAVA_HOME%\jre\lib\security\cacerts) > >>6. Import new cert to same keystore as 1 (use same > >>alias & trustcacerts > >>option) > >>7. Restart Tomcat > >> > >>HTH > >> > >>Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
