Gene, On 3.1.2014 14:55, Gene Matthews wrote:
Thie symantec instructions say to ensure the alias for the ssl cert has an Entry Type of PrivateKeyEntry. Mine DOES NOT. Instructions say if it does not, to please import the certificate in the “Private Key” alias.
With JKS keystore you must keep private key and certificates in the same keystore. Therefore, you shouldn't import server certificate and inter. certificates into brand new keystore, but into the "old" keystore -- the one you used to create key pair, and to generate CSR.
I find it strange that Symantec/Verisign didn't mention that explicitly in their documentation.
It also says to ensure the Certificate chain length is 4.
Once you import certificates into the right keystore, check that again.
PS: How does one search the archives of this list? When I browse the archive site I don’t see a search field anywhere. So I’ve been googling without coming up with a solution. it is probably out there but I don’t know enough to recognize it :-(
http://tomcat.apache.org/lists.html Search for "Archives". -Ognjen --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org