it works for me with this conf. <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" address="<IPADDRESS>" executor="<THREADNAME>" scheme="https" secure="true" keystoreFile="<PATH of keystore file>" keystorePass="<PASSWRD>" sslProtocol="TLSv1" />
On Mon, Nov 24, 2014 at 11:27 AM, Niranjan Babu Bommu < niranjan.bo...@gmail.com> wrote: > Are you able to see the 8443 port listening? > > nc -z <ipaddress> 8443 > > On Mon, Nov 24, 2014 at 11:25 AM, Kernel freak <kernelfr...@gmail.com> > wrote: > >> I have added the certificate. I modified the server.xml code to add the >> following lines : >> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" >> maxThreads="150" >> scheme="https" secure="true" clientAuth="false" >> sslProtocol="TLS" >> keystoreFile="/root/.keystore" keystorepass="password for >> keystore" /> >> >> Now when I open the application, it redirects to https, but it says unable >> to connect, your connection to this website maynotbe encrypted. What am I >> doing wrong? >> >> >> >> On Mon, Nov 24, 2014 at 5:20 PM, Niranjan Babu Bommu < >> niranjan.bo...@gmail.com> wrote: >> >> > Sorry, I did not notice that. >> > >> > >> > - *Import a root or intermediate CA certificate to an existing Java >> > keystore* >> > >> > keytool -import -trustcacerts -alias root -file *ca.crt* -keystore >> > *yourkeystore.jks* >> > >> > >> > On Mon, Nov 24, 2014 at 11:02 AM, Kernel freak <kernelfr...@gmail.com> >> > wrote: >> > >> > > Thank you, and what about the CA-Bundle file? Did you got a chance to >> > look >> > > at the question I have posted on Stackoverflow mentioned in the >> original >> > > question? >> > > >> > > On Mon, Nov 24, 2014 at 4:51 PM, Niranjan Babu Bommu < >> > > niranjan.bo...@gmail.com> wrote: >> > > >> > > > Hi Kernel, >> > > > >> > > > I think you have create a keystore from the cert, please follow >> these >> > > > instruction and ket me know. >> > > > >> > > > Create store with temporary key inside: >> > > > >> > > > keytool -genkey -alias <alias name> -keystore yourkeystore.jks >> > -storepass >> > > > Hello1 >> > > > Then delete existing entry: >> > > > >> > > > keytool -delete -alias temp -keystore yourkeystore.jks -storepass >> > Hello1 >> > > > Now you've got empty store. You can check that it's empty: >> > > > >> > > > keytool -list -keystore yourkeystore.jks -storepass Hello1 >> > > > Then import your certificate to the store: >> > > > >> > > > keytool -import -alias <alias name> -file cert_file.crt -keypass >> > keypass >> > > > -keystore yourkeystore.jks -storepass Hello1 >> > > > >> > > > >> > > > Thanks >> > > > Niranjan >> > > > >> > > > >> > > > On Mon, Nov 24, 2014 at 10:13 AM, Kernel freak < >> kernelfr...@gmail.com> >> > > > wrote: >> > > > >> > > > > Hello friends, >> > > > > >> > > > > I am using apache tomcat and I would like to deploy a Spring-MVC >> > > > > application which I am working on. In that, via Spring-Security I >> > have >> > > > > specified to use https which requires to install the SSL >> certificate >> > on >> > > > the >> > > > > server. >> > > > > I am running a Debian Wheezy server, and I have certificate files >> > with >> > > > > extension as .crt and .ca-bundle. Unfortunately I cannot find any >> > > > resources >> > > > > which mention where and how to install these files. What I found >> was >> > > > these >> > > > > files are meant for webserver. Is that correct? If yes, can I use >> > them >> > > to >> > > > > deploy these 2 files? Kindly let me know. Also if anyone can help >> me >> > > with >> > > > > one more problem I have posted on StackOverflow : >> > > > > >> > > > > >> > > > >> > > >> > >> http://stackoverflow.com/questions/27106983/configuring-apache-tomcat-to-start-webapp-by-default >> > > > > >> > > > > Regards, >> > > > > Kernel >> > > > > >> > > > >> > > > >> > > > >> > > > -- >> > > > *Thanks* >> > > > *Niranjan* >> > > > *+1 781.956.6900* >> > > > >> > > >> > >> > >> > >> > -- >> > *Thanks* >> > *Niranjan* >> > *+1 781.956.6900* >> > >> > > > > -- > *Thanks* > *Niranjan* > *+1 781.956.6900 <%2B1%20781.956.6900>* > -- *Thanks* *Niranjan* *+1 781.956.6900*