In case you still want to run Tomcat Standalone The problem with your setup was that certificate was in the incorrect format. You need to conevert the certificate to der The following links give very detailed instructions on how to achive this. if you still face problems let me know. http://www.comu.de/docs/tomcat_ssl.htm
http://www.openssl.org/docs/apps/pkcs8.html#COMMAND_OPTIONS Regards, Joe --- "Justin L. Spies" <[EMAIL PROTECTED]> wrote: > Ken, > Thanks for the hints. Since they (Apache/Tomcat) > are running on the > same system at this point, that won't be an issue. > Could you point me > the direction of some documentation that would help > me get this setup? > I've setup mod_jk with standard Apache before and it > has been straight > forward. I am assuming that Apache handles the > encryption/decryption > and passes the requests off to Tomcat via the > connector AFTER it > decrypts the request--is this correct? > > Sincerely, > Pantek Incorporated > Justin L. Spies > > URI: http://www.pantek.com > Ph 440.519.1802 > Fax 440.248.5274 > Cell 440.336.3317 > > > -----Original Message----- > From: Ken Anderson [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 18, 2002 4:51 PM > To: Tomcat Users List > Subject: Re: Tomcat SSL Setup > > > Have you considered the advantages of using one of > the apache connectors > > instead of tomcat standalone for SSL support? > > I fought with Tomcat ssl support a couple years ago, > and was unable to > get it to work. I'm sure the support is there now, > but ssl support is > transparent if you use mod_jk or mod_webapp with > Apache, and it's > easier, since you already have all the cerificates > in place. > > The downside is that the connection between apache > and tomcat is NOT > encrypted, so if you are running TC and Apache on > different servers, > this might be an issue. > > Ken A. > > > Justin L. Spies wrote: > > One piece of information I forgot to mention: > > O/S: Red Hat Linux 7.2 > > Apache: Custom Compiled 1.3.26 > > Tomcat: 4.0.4 RPM installation > > JSDK: j2sdk1.4.0_01 > > > > Thanks again. > > > > Justin L. Spies > > > > > > -----Original Message----- > > From: Justin L. Spies [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, December 18, 2002 2:43 PM > > To: [EMAIL PROTECTED] > > Subject: Tomcat SSL Setup > > > > > > Hello all, > > I've been working on getting SSL configured for > Tomcat and seem to be > > having a small problem. I must be mistyping > something because the > > only thing I get back from Netscape 7.0 is: > > "Netscape 7.0 and www.mydomain.com cannot > communicate securely > > because they have no common encryption > algorithms." > > > > Here is what I have done so far: > > > > 1. I changed /etc/tomcat4/server.xml and > uncommented the following: > > > > <Connector > > > className="org.apache.catalina.connector.http.HttpConnector" > > port="8443" minProcessors="5" > maxProcessors="75" > > enableLookups="true" > > acceptCount="10" debug="0" > scheme="https" > secure="true"> > > <Factory > > > className="org.apache.catalina.net.SSLServerSocketFactory" > > clientAuth="false" > > keystoreFile="keystores/mydomain.keystore" > keystorePass="xxxxxxxx" > > protocol="TLS"/> > > </Connector> > > > > 2. I ran the following commands to import the > Verisign key: > > /usr/java/j2sdk1.4.0_01/bin/keytool -import > -alias root \ > > -keystore > /var/tomcat4/keystores/mydomain.keystore \ > > -trustcacerts -file /etc/verisign.key > > > > 3. I ran the following commands to import a > previously created SSL > > certificate > > /usr/java/j2sdk1.4.0_01/bin/keytool -import > -alias tomcat \ > > -keystore > /var/tomcat4/keystores/mydomain.keystore \ > > -trustcacerts -file > /home/httpd/ssl/www.mydomain.com.cer > > > > 4. In /etc/tomcat4/server.xml, I noticed the > following: > > * Download and install JSSE 1.0.2 or > later, and put the JAR > > files > > into "$JAVA_HOME/jre/lib/ext". > > > > I found jsse.jar in $JAVA_HOME/jre/lib so I ran > the following: > > ln -s $JAVA_HOME/jre/lib/jsse.jar > $JAVA_HOME/jre/lib/ext/jsse.jar > > > > 5. I then restarted Tomcat and tried the following > URL: > > > http://www.mydomain.com:8080/examples/servlets/index.hml > > > > This was a test simply to make sure Tomcat > started properly. In > this > > it worked fine. > > > > 6. I then restarted Tomcat and tried the following > URL: > > > https://www.mydomain.com:8443/examples/servlets/index.html > > > > This test failed with the above error message. > > > > > > Does anyone have any ideas? Oh, and BTW, I can > visit > > https://www.mydomain.com/index.html and the home > page for the site > > comes up in SSL mode without a problem, so I know > that the SSL > > certificate, under Apache, is working fine. > > > > Thanks, > > Justin L. Spies > > > > > > > > -- > > To unsubscribe, e-mail: > > > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > === message truncated === ________________________________________________________________________ Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
