ssl - Importing trusted authority key in tomcat -
i want deploy trusted ca key on tomcat, facing problems. went through documentation, , other resources on net, few errors. describe first keys have.
- server.crt : key provided hosting guys, it's server's key on tomcat there
- trustedca.crt : ssl key provided ca authorities want deploy.
as per documentation, if go , give following command :
keytool -genkey -alias tomcat -keyalg rsa
and add the trustedca.crt flag -trustcacerts, see exception mozilla saying
the key used on site self signed
if dont step 1, , plain import trustedca.crt alias tomcat, error follows :
ssl_error_no_cypher_overlap
i can't figure out doing wrong. tomcat configured use ssl connection following config in server.xml :
<connector port="8443" protocol="http/1.1" sslenabled="true" maxthreads="150" scheme="https" secure="true" keystorefile="/home/akshay/keystore/.keystore" keystorepass="password" clientauth="false" sslprotocol="tls"/>
also, if try use command mentioned below apache ssl guide, have error no certificates loaded.
openssl pkcs12 -export -in mycert.crt -inkey mykey.key \ -out mycert.p12 -name tomcat -cafile myca.crt \ -caname root -chain
i don't understand going wrong. nice. thank much.
Comments
Post a Comment