Hello Victor- you may want to follow the directions on how to create an empty keystore and then import the private key/certificate chain into the Java keystore using extkeytool
http://www.switch.ch/aai/certificates/certificateupdate.html

then take a look at the keys afterwards with
keytool -v -list -keystore www.example.edu.jks

Anyone else?
M-

----- Original Message -----
From: "Víctor Torres - UPF" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Tuesday, October 24, 2006 9:14 AM
Subject: problem with truststoreFile in server.xml

> Dear all,
>
> I have configured my Tomcat 5.5.17 to require SSL client authentication. For
> this purpose, I have stored my root CA certificate into a PKCS12 keystore
> which I use as truststoreFile by configuring server.xml. This CA certificate
> is used to sign user certificates that I want to be trusted.
>
> The problem I have is the following:
> - truststoreFile (PKCS12) contains root CA certificate + private key ->
> everything works perfectly.
> - truststoreFile (PKCS12) contains root CA certificate -> clients cannot
> connect.
>
> truststoreFile should not contain private keys, so why does Tomcat behave in
> this way?
>
> Thanks in advance.
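
A check that complements the `keytool -v -list` step in the reply above, as an added example that is not part of the original thread or of Tomcat: it loads the file named as truststoreFile, classifies each alias as a key entry or a trusted certificate entry, and lists the CA certificates the JVM's default trust manager actually derives from it. The class name `TrustStoreCheck` and its two arguments are assumptions of this example, and it needs a JDK with try-with-resources (Java 7 or later).

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added diagnostic, not Tomcat code: report what the JVM reads from a truststore file.
// Usage: java TrustStoreCheck <file> <JKS|PKCS12>   (the password is prompted for)
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        Console con = System.console();
        if (args.length != 2 || con == null) {
            System.err.println("usage (interactive): java TrustStoreCheck <file> <JKS|PKCS12>");
            System.exit(2);
        }
        char[] password = con.readPassword("Keystore password: ");
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, password);
        }
        // Classify every alias: a truststore should hold certificate entries only.
        int keyEntries = 0;
        for (String alias : Collections.list(ks.aliases())) {
            boolean isKey = ks.isKeyEntry(alias);
            if (isKey) keyEntries++;
            System.out.println(alias + ": " + (isKey ? "key entry (private key present)"
                    : ks.isCertificateEntry(alias) ? "trusted certificate entry" : "other"));
        }
        // Ask the default trust manager which CA certificates it derived from the store.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        int issuers = 0;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (!(tm instanceof X509TrustManager)) continue;
            for (X509Certificate ca : ((X509TrustManager) tm).getAcceptedIssuers()) {
                issuers++;
                System.out.println("accepted issuer: " + ca.getSubjectX500Principal().getName());
            }
        }
        if (keyEntries > 0) System.out.println("WARNING: private key stored in the truststore");
        if (issuers == 0) {
            System.out.println("No accepted issuers: client certificates cannot be validated");
            System.exit(1);
        }
    }
}
```

Run it with the same JVM that runs Tomcat, once against the PKCS12 file and once against a JKS file built as described in the reply, and compare the accepted issuer lists.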