-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Valintin,
On 7/11/20 17:52, Valentin wrote: > Hello, > > I try to configure my tomcat 9.0.37 installed on a windows server > 2016 to use a certificate located in *cert:LocalMachine\My* > > I mention that I am an administrator of this machine. This > certificate is also used by IIS. > > What I did was to configure my server.xml file like this : > > <Connector port="8443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > SSLEnabled="true" maxThreads="150" scheme="https" secure="true" > keyAlias="myserver.domain.com" keystoreFile="" keystorePass="" > keystoreType="Windows-My" clientAuth="false" sslProtocol="TLS" /> > > The error I got in tomcat logs was that the keyAlias doesn't exist > but I used the CN mentioned in the description of my certificate. > > Is it possible for tomcat to use the windows certificate store ? > The only link I found about this was : > https://bz.apache.org/bugzilla/show_bug.cgi?id=56021 What user is the Tomcat process running as? Windows-MY is a user-specific keystore, and LocalAccess or whatever user is being used probably has a different Windows-MY keystore than the "Valintin" user (the login you are logged-in as). - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl8M2zUACgkQHPApP6U8 pFinHA//bdiEo0qRrjc8cFWY99yRm2BTlOUJ6/6kC4yPjBVOBuaP20S0nx8lxSvz cyRyH6xhgSAjtdRAA+uUdlmZ5oU7P7q15L9a+InNHqL0crr8xlmlwGIT/jXIA5iQ E+c2sXYYi+HCLNp2rA/OC8DTA7XI6SI+pQS7kXkEA2gJ1b2BEwJ5qPfLKVq9LzfC r2b2vfWoPXkAxbKslM7dgY2rdQg0Z2UIcmmHfUGsFraa0JEXm7FSw1E6vQQzwvFs rECltE6v/QKLd/sCkuMQ7l7/WFWlcGwKna0IRApYEaTF66+0DKTOLtRzXORZgsbg bH4rKqfEt1/DGGC0m6UMT2vz2CpETVaKx9D0dy9CB9kkbsjyCZTLwzznFkTSjedZ dRDZXU8bfN3l/Iwzsc3zlQLkGpGyhbrHNc2EFFpI087VvyvibGLNWTrgFbGJ8mm1 F3eDjCerfK7CI70x/yxvr8FKpCNCBKyrpqQoj+V58aSBmFHzBaKiZgyExgVwVtp+ PLQC4MvKTxSRoYRRJ1OLrSKTw9zEmVZDJIbMaJeWiJFfrC9ti7nLL3uOPkwqyb2j 4t7HadblRcl8ytGRkyB66vMHaGDCR1BsPnlOmruid3MCWwU+Xh2joSDeku8YP92d Sh9uLm6bK9xc4//RTVMyIwytCWw/zRfT4hK3habjGRYRIJWR/7w= =pUGV -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org