Using Tomcat 6.0.14 on an Amazon EC2 server instance, trying to get SSL
working.
1) succeeded when following Tomcat doc for installing a self-signed
certificate so I know server works and can do SSL
2) Tomcat gives errors on startup using a .keystore made with Java keytool
by adding the cert chain from GoDaddy.
Here's server.xml connector being used:
<Connector protocol="HTTP/1.1" port="443" SSLEnabled="true"
keystoreFile="/root/tomcat.keystore" keystorePass="changeit"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
I proved that it is finding the tomcat.keystore by renaming and getting a
not-found error.
Running keytool -list on it reveals 3 entries:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 3 entries
intermediate, Jul 8, 2010, trustedCertEntry,
Certificate fingerprint (MD5): D5:DF:85:B7:9A:52:87:D1:8C:D5:0F:90:23:2D:B5:34
tomcat, Jul 8, 2010, trustedCertEntry,
Certificate fingerprint (MD5): 73:B5:1A:91:E5:F5:56:A1:10:8A:95:E1:A5:7A:0D:AF
cross, Jul 8, 2010, trustedCertEntry,
Certificate fingerprint (MD5): 82:BD:9A:0B:82:6A:0E:3E:91:AD:3E:27:04:2B:3F:45
After startup.sh, my catalina.out says:
javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
Anything obvious I'm missing??
Allen Razdow
founder & president
True Engineering Technology, LLC
One Broadway, Cambridge, MA 02142 USA
T: +1.617.674.2460 x101
E-mail: [email protected]
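
Added example, not part of the original post: every entry in the listing above is a trustedCertEntry, which holds a certificate but no private key, while a TLS server needs a key entry (PrivateKeyEntry, or keyEntry in older keytool output). The check below classifies `keytool -list` output read from stdin; the function names are hypothetical, the first sample is the entry lines from the post, and the second sample is constructed.

```shell
#!/bin/sh
# Count entry types in `keytool -list` output read from stdin.
# Entry lines look like: alias, Mon D, YYYY, <type>,
# Prints: private=<n> trusted=<n>
keystore_entry_summary() {
    awk '
        /, *(PrivateKeyEntry|keyEntry),? *$/ { priv++ }
        /, *trustedCertEntry,? *$/           { trusted++ }
        END { printf "private=%d trusted=%d\n", priv, trusted }
    '
}

# Succeeds only if the listing on stdin has at least one private key entry,
# i.e. something a TLS server connector can actually present to clients.
keystore_can_serve_tls() {
    summary=$(keystore_entry_summary)
    case "$summary" in
        private=0\ *) return 1 ;;
        *)            return 0 ;;
    esac
}

# Entry lines taken from the listing in the post (fingerprints omitted).
POST_LISTING='Keystore type: JKS
Your keystore contains 3 entries
intermediate, Jul 8, 2010, trustedCertEntry,
tomcat, Jul 8, 2010, trustedCertEntry,
cross, Jul 8, 2010, trustedCertEntry,'

# Constructed sample: the same alias holding a key pair instead.
CONSTRUCTED_LISTING='Your keystore contains 2 entries
intermediate, Jul 8, 2010, trustedCertEntry,
tomcat, Jul 8, 2010, PrivateKeyEntry,'

report() {  # $1 = label, $2 = listing text
    counts=$(printf '%s\n' "$2" | keystore_entry_summary)
    if printf '%s\n' "$2" | keystore_can_serve_tls; then
        echo "$1: usable for a TLS server ($counts)"
    else
        echo "$1: no private key entry, server has nothing to present ($counts)"
    fi
}

report "post listing" "$POST_LISTING"
report "constructed listing" "$CONSTRUCTED_LISTING"
```

Against a real keystore the same check is `keytool -list -keystore /root/tomcat.keystore -storepass changeit | keystore_can_serve_tls`, using the path and password from the connector above.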