On Sun, May 3, 2015 at 7:48 PM, jairaj kamal <jairaj.ka...@gmail.com> wrote:
> Hello, > > I created a keystore via Keytool, CSR file and received below root and > intermediate certificates. > > I have got both TestRoot.cer & TestCA.cer certificates imported in keystore > via keytool but still in browser it shows in red and looks issue with > certificate is not resolved yet. > > Do i need to convert dot extension of above certs to PKCS12 format, how to > resolve it ? > There's a lot that could be going on here. You need to try and narrow down the problem. 1.) Include the <Connector /> tag from `conf/server.xml` so we can see how you've configured Tomcat. 2.) Include the exact version of Tomcat you're using. 3.) Are you connecting directly to Tomcat or is there an HTTPD or some other server acting as a reverse proxy in between? 4.) Look at the certificate as displayed by your browser. In Chrome, click the lock in the tool bar, other browsers are similar. Look at the details on the certificate and see what certificate you're being presented. Is it the once that you purchased? or perhaps an older self-signed on? That should get you started. Dan > > *Jairaj Kamal* >
