You can revoke/renew with verisign for NO CHARGE within 30days. FWIW: We specify RSA.
Bruce Perryman wrote:
Thanks Mark, and all others, for your help.
As I mentioned, we did get this to work. The only
problem was that we didn't specify the keyalg param
nor rsa so the default is dsa.
I posted another question "Is DSA OK", but no one seems to know. It appears that DSA doesn't handle encryption, but I'm not sure also it seems that there can be compatiblity issues between RSA and DSA. But since I've already gotten the cert from the CA, I may be screwed.
Any ideas?
--- Mark Thomas <[EMAIL PROTECTED]> wrote:
---------------------------------------------------------------------Bruce,
Sorry. Don't know. I have only ever got it working
using RSA. However, when I did this I got so many things wrong the first
20 or so times I tried it it could have been anything stopping it
working.
Mark
Bruce Perryman wrote:
Thanks,
It worked, the only problem is that we failed to specify the RSA algorithm.
Are we screwed for using DSA?
--- Mark Thomas <[EMAIL PROTECTED]> wrote:
The following steps should work (although I have
only ever done this using my own CA).
1. Create tomcat key in your own keystore
2. Create CSR
3. Submit CSR
4. Get response
5. Import CA's root cert to cacerts
(%JAVA_HOME%\jre\lib\security\cacerts)
6. Import new cert to same keystore as 1 (use same
alias & trustcacerts option)
7. Restart Tomcat
HTH
Mark
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
