I had to deal with this issue in Websphere, got Thwate certificate and no matter what i was not able to get the primary and secondary certificate to work in IE browser, only in Firefox and chrome, finally i got a certificate from Verisign and it works well in IE and chrome but not in firefox, this certificate business is very murky with these companies making deals with browser companies and making our life difficult, I bet If you add the primary and intermediate certificate to IE browser it will work fine, if there is another web service who needs to call this then that web service must know all the 3 certificates to authenticate your certificate
On Thu, Nov 17, 2011 at 9:26 AM, Daniel Mikusa <dmik...@vmware.com> wrote: > > On Thu, 2011-11-17 at 05:02 -0800, rosiere wrote: > > Hello, > > > > Of course I restarted my Tomcat. > > No offense meant, had to ask. Can't assume anything. > > > > > This is the SSL portion of my server.xml and it has noting wrong. > > > > > > <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > > maxThreads="150" scheme="https" secure="true" > > keystoreFile="$pathToMyKeystoreFile" > > keyAlias="tomcat" > > keystorePass="tomcat" > > clientAuth="false" sslProtocol="TLS" /> > > > > Yes, agreed. Looks fine assuming that "$pathToMyKeystoreFile" points to > the correct keystore file. > > > What do you see in the output of "keytool -list -v -keystore > $pathToMyKeystoreFile"? In particular, what is listed for "Alias > name:", "Entry type:" and "Certificate chain length" for each entry? > > > Dan > -- Ashish www.ayurwellness.com www.mysoftwareneeds.com
