Already imported your client.p12 into firefox? http://www.utexas.edu/its/help/user-certs/817
Il 16/giu/2014 00:22 Grip In <gripic...@gmail.com> ha scritto: > > Getting > > An error occurred during a connection to localhost:8443. > SSL peer cannot verify your certificate. > (Error code: ssl_error_bad_cert_alert) > > In firefox on windows 7 with tomcat 7 > > Here is what I did as per > http://tomcat.10.x6.nabble.com/tomcat-mutual-authentication-doesn-t-work-td2133404.html#a5018750 > > > 1. "keytool.exe" -genkeypair -keystore tomcat.keystore > > 2. "keytool.exe" -genkeypair -keystore client.keystore > > 3a. "keytool.exe" -exportcert -keystore client.keystore -file client.cert > > 3b. "keytool.exe" -importcert -keystore server.truststore -file client.cert > > 4. "keytool.exe" -importkeystore -srckeystore client.keystore > -srcstoretype jks -destkeystore client.p12 -deststoretype pkcs12 > > "keytool.exe" -list -keystore tomcat.keystore > Enter keystore password: > > Keystore type: JKS > Keystore provider: SUN > > Your keystore contains 1 entry > > mykey, Jun 16, 2014, PrivateKeyEntry, > Certificate fingerprint (SHA1): > E7:5E:F8:1F:BC:24:96:E2:D6:87:BF:3A:94:CD:53:14:C6:0E:A6:A5 > > "keytool.exe" -list -keystore server.truststore > Enter keystore password: > > Keystore type: JKS > Keystore provider: SUN > > Your keystore contains 1 entry > > mykey, Jun 16, 2014, trustedCertEntry, > Certificate fingerprint (SHA1): > 81:C9:BF:20:E9:D8:18:7E:E5:F7:54:B1:68:0B:00:65:DB:13:8E:52 > > > My server.xml enteries are > > <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > keystoreFile="path\tomcat.keystore" keystorePass="tomcat" > truststorefile="path\server.truststore" truststorepass="client" > maxThreads="1500" scheme="https" secure="true" clientAuth="true" > sslProtocol="TLS" /> > > My tomcat user enteries are > > <user username="CN=Server, OU=Gripic, O=TechnoPotence, L=Pune, ST=MH, C=IN" > password="null" roles="admin"/> > > > But could not get the resolution > > Please help urgent.