The way we got client auth to work is to import the trusted root cert into
the cacerts truststore contained in {JAVA_HOME}/jre/lib/security.Use keytool and a password of changeit. John > -----Original Message----- > From: Shubha Somayaji [mailto:[EMAIL PROTECTED]] > Sent: 21 September 2002 06:38 > To: [EMAIL PROTECTED] > Subject: Tomcat4.0 with SSL on windows2000 > > > Hello, > I am trying to integrate tomcat4.0 will SSL on windows2000. I did the > following steps. > > 1. Downloaded jsse and set the classpath for the jars > 2. keytool -genkey -alias tomcat -keyalg RSA > 3. keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr > 4. Submited the certreq.csr to verisign for 14days trial server ID > 5. I got a file getcacert.cer and a certificate as a text by email. > 6 Copied the text and save it as xxx.crt > 7. Imported the getcacert.cer on to the IE5 Trusted root authoroities > 8. Imported both getcacert.cer and xxx.crt to .keystore created in my > home directory. > 9. Uncommented the https part of connector in server.xml and made > clientAuth=true > 10.Started the tomcat > > Now the problem is when I enter the url https://localhost:8443 it is > showing me the empty 'Client Authentication' dialog box. > I do not understand where I have gone wrong. I tried another approch of > creating the certificate using openssl and importing it to the > .keystore. But while importing it gives me error "public key and > keystore doesn't match". > Can anyone of you please help me as soon as possible with the steps to > follow in achieving this. > > Thanking you, > Regards > Shubha > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
