Hi Lucas, I'm using following <connector/> configuration:
<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" clientAuth="false" protocol="TLS" keystoreFile="keystore/.keystore" keystorePass="changeit" keystoreType="pkcs12" /> Please let me know in case any other details are needed. Thanks, -Hitesh -----Original Message----- From: Lucas Galfaso [mailto:[EMAIL PROTECTED] Sent: Friday, October 26, 2007 7:39 PM To: Tomcat Users List Subject: Re: PKCS#12 type SSL certificate support in Tomcat Can you post the <Connector /> configuration that you are using? - lg On 10/26/07, Hitesh Raghav <[EMAIL PROTECTED]> wrote: > Dear All, > > Is there any limitation to support PKCS#12 type SSL certificate in > Tomcat. > > As per Tomcat User Guide, Tomcat currently operates with JKS, PKCS11 > or > PKCS12 format keystores. > http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html > > But, I'm unable to use PKCS#12 certificate in my Tomcat. > > It throws: > > java.io.IOException: Invalid keystore format > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633) > at > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) > at java.security.KeyStore.load(KeyStore.java:1185) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketF > ac > tory.java:287) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESock > et > Factory.java:227) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSS > E1 > 4SocketFactory.java:142) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketF > ac > tory.java:110) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESoc > ke > tFactory.java:89) > at > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint. > java:293) > at > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.ja > va > :139) > at > org.apache.catalina.connector.Connector.initialize(Connector.java:1017) > at > org.apache.catalina.core.StandardService.initialize(StandardService.ja > va > :578) > at > org.apache.catalina.core.StandardServer.initialize(StandardServer.java > :7 > 82) > at > org.apache.catalina.startup.Catalina.load(Catalina.java:504) > at > org.apache.catalina.startup.Catalina.load(Catalina.java:524) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j > av > a:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess > or > Impl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:267) > at > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432) > > Could you please throw some light on PKCS#12 type certificate support. > > Please let me know in case any details are needed. > > > Thanks, > -Hitesh > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]