People on both the Tomcat and Java400-L Lists nailed the problem: it
turned out to be a PTF issue.
Once the customer got the box's PTFs fully in order, Tomcat started up
without a problem, a self-signed certificate brought up their SSL, and
our WAR file uploaded and deployed normally.
They still need to fix their firewall to plumb at least one more port to
the outside world, and of course, they need to get their certificate
signed by a well-known CA, but other than that, they seem to be fine now.
One observation: it seems that for some reason, while Keystore Explorer
(on my Mac) seems to work at least as well as Keytool for most keystore
operations, for some reason, Java keystores that *originate* in Keystore
Explorer get rejected (at least by Tomcat running on IBM Midrange
boxes), whereas those orignating in Keytool work just fine (but Keytool,
for some reason, doesn't seem to work at all on IBM Midrange boxes).
Puzzling.
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org