java ssl management - keytool assistance

William Muriithi william.muriithi-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Nov 30 21:08:35 UTC 2010


Hello

Got a quick question.  I got an tomcat running on a box and currently
uses a self signed certificate. We purchases a real PKCS certificate
recently and I am struggling swapping the old self signed certificate
for the verisign issued certificate.  Actually, java seem to have
accepted the certificate, but after restarting tomcat, pointing
firefox to the tomcat server still make the browser complain that the
certificate is not valid - in another word, tomcat is still using the
old certificate.

This is how I went about it

/usr/java/jdk1.6.0_21/bin/keytool -import -alias tomcat  -keystore
/usr/java/jdk1.6.0_21/jre/lib/security/cacerts -file key_pkcs3.txt

This run successfully and when I run it again, failed with an error
message that the certificate is already installed.  Which is a
positive thing I guess.

When I run

/usr/java/jdk1.6.0_21/bin/keytool -list  -keystore
/usr/java/jdk1.6.0_21/jre/lib/security/cacerts

I can see the certificate on the list.

I have removed the alias that I had used to install the self signed
certificate, but this have not helped.

What could I be missing here?

William
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list