On 30 September 2015 16:13:38 BST, Kernel freak <kernelfr...@gmail.com> wrote: >Hi guys, > >I am trying to setup https on tomcat, but not having much luck since 5 >hours. I am always getting no_cypher_overlap errror. >The certificate is not self-signed, but issued. The crt file I am >importing >for both root and tomcat alias. > >These are the files I have domainname.ca-bundle, .crt, .csr, .key, >.p12, >domainname.jks, > >THis is the command I gave : > >keytool -import -trustcacerts -alias root -file domainname.crt -keyalg >RSA >-keystore domainaname.jks > >Connector looks like this : > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" >maxThreads="200" compression="force" > compressionMinSize="1024" scheme="https" secure="true" >clientAuth="false" sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1" >sslProtocol="TLS" URIEncoding="utf-8" > compressableMimeType="text/html,text/xml,text/plain,text/css,text/ >javascript,application/x-javascript,application/javascript" > keystoreFile="domain.jks" keystorePass="pass" /> > >Still it is not working, there are so many users out there, who have >the > >same problem, and still there is no good solution for this. > >I have also posted it on Stackoverflow(Link below), no help there too. >If > >anyone knows what I can do, kindly let me know. THis is messed up to > >configure https for 5 hours with issued certificate. Thanks. > >http://stackoverflow.com/questions/32866528/apache-tomcat-importing-already-existing-certificates-into-keystore > >Regards, >Kernel
ssllabs is your friend. Mark
