Hi All,
This question has been posted before by many. But I guess I have some different
problem. I went through archives but I cant find a solution. I hope somebody has a
solution for it.
I have problems using trusted certificate with Tomcat. We are moving from Weblogic to
Tomcat. The certificate issued by Verisign is working with Weblogic at this point. I
did exactly what it has been said in Tomcat SSL how-to.
1. I imported the cert file given by Verisign in to a keystore,
keytool -import -alias tomcat -trustcacerts -v -file myversign.cert.
- it asked for password, i gave the password as 'changeit'
-it asked for trust the certificate (no)?. I gave 'y'
it created a file called .keystore in my home directory i.e.
/home/skandave/.keystore.
2. In the server.xml I uncommented the SSL Section. Added the attribute
keystoreFile=/home/skandave/.keystore in the Factory tag.
I can bring the server up and it listens to that appropriate port for SSL. But when i
try to invoke the page in IE, it fails, the page doesn't get displayed and IE throws a
DNS look up error.
Then I tried starting up the server with -Djavax.net.debug=all. I see the server has
sent a bunch of certificates and this message is printed,
%% Created: [Session-2, SSL_NULL_WITH_NULL_NULL]
HttpProcessor[9443][4], SEND SSL v3.0 ALERT: fatal, description=handshake_failure
HttpProcessor[9443][4], WRITE: SSL v3.0 ALERT, length=2
I guess there is aproblem in my import of my certificate but I don't how to solve it.
Please help!!
thanks,
Shiv
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only for the individual
named. If you are not the named addressee you should not disseminate, distribute or
copy this e-mail. Please notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free as information
could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
contain viruses. The sender therefore does not accept liability for any errors or
omissions in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be construed as a
solicitation or offer to buy or sell any securities or related financial instruments.
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
