Baran,
On 16.10.2014 19:20, Baran Topal wrote:
I did the new CSR with the new private key.
Ok.
"You could also add protocol attribute to force JSSE connector (BIO or
NIO), to prevent connector auto-selection."
1) What is the protocol attribute and where to add it?
To your Connector config
Thanks for prompt response. I simply missed your mail.
I did the new CSR with the new private key.
"You could also add protocol attribute to force JSSE connector (BIO or
NIO), to prevent connector auto-selection."
1) What is the protocol attribute and where to add it?
2) I think those old cer and
Baran,
On 10.10.2014 21:06, Baran Topal wrote:
Then I received 2 files from the certificate authority, abc.com.cer
and abc.om.p7b
What certificates do those files contain?
Attribute maxSpareThreads is not listed in docs:
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
You co
Hi;
I have created a keystore and CSR for SSL with the following command:
%JAVA_HOME%\bin\keytool -genkey -alias server -keyalg RSA \
-keystore \path\to\my\keystore
Then I received 2 files from the certificate authority, abc.com.cer
and abc.om.p7b
>From this point, no matter what I have don
Thanks everyone, this has been very informative.
Mark,
On 4.4.2014 23:54, Mark Thomas wrote:
The CA that signed your certificate might not be one of the root CAs
trusted by the user agent. Most likely it is an intermediate CA. The
root CA will have signed the intermediate CA's certificate and the
intermediate CA will have signed your certifica
Mark,
On 4.4.2014 23:00, Mark Murphy wrote:
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA.
(Standard on this list i
On 04/04/2014 22:00, Mark Murphy wrote:
> So let me try to understand what is going on here. I generate a keystore
> using keytool, that contains a key. At this point it is equal to a self
> signed certificate, and it works, but the browser complains that there is
> no CA. I then need to create a c
Another option I normally use that may work for you (just confirmed it for
myself with tomcat):
1. Copy your private key and signed public certificate in PEM format into a
single file looking like this:
-BEGIN RSA PRIVATE KEY-
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,F2CCC247E25D
Sorry for the dumb questions, I am new to SSL, and want to understand what
I am doing, not just run these instructions, and it should work.
On Fri, Apr 4, 2014 at 5:00 PM, Mark Murphy wrote:
> So let me try to understand what is going on here. I generate a keystore
> using keytool, that contain
So let me try to understand what is going on here. I generate a keystore
using keytool, that contains a key. At this point it is equal to a self
signed certificate, and it works, but the browser complains that there is
no CA. I then need to create a certificate request ad send that off to
goDaddy.
On Apr 4, 2014, at 4:42 PM, Mark Murphy wrote:
> I saw something on StackOverflow that said the key type in the keystore
> needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
> look at my keystore, it is trustedCertEntry for all the certs.
>
> But when I look at the type
On 04/04/2014 21:42, Mark Murphy wrote:
> I saw something on StackOverflow that said the key type in the keystore
> needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
> look at my keystore, it is trustedCertEntry for all the certs.
>
> But when I look at the type for the se
On Apr 4, 2014, at 4:34 PM, Mark Murphy wrote:
> 1.5.0_15
Any chance you could try a more recent JVM? Java 6 or preferably Java 7.
That’s really old.
Dan
>
> On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa wrote:
>> On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote:
>>
>>> Created my keystore
I saw something on StackOverflow that said the key type in the keystore
needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I
look at my keystore, it is trustedCertEntry for all the certs.
But when I look at the type for the self signed certificate (which works),
it shows keyE
1.5.0_15
On Fri, Apr 4, 2014 at 3:23 PM, Daniel Mikusa wrote:
> On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote:
>
>> Created my keystore according to the directions here:
>> http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
>
> Ok.
On Apr 4, 2014, at 2:52 PM, Mark Murphy wrote:
> Created my keystore according to the directions here:
> http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
Ok. Good start.
> This is what I see in Chrome:
>
> SSL Connection Error
Created my keystore according to the directions here:
http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x
This is what I see in Chrome:
SSL Connection Error
Unable to make a secure connection to the server. This may be a
problem wit
On Apr 4, 2014, at 1:24 PM, Mark Murphy wrote:
> I am trying to set up SSL on tomcat with a CA certificate from goDaddy.
>
> I am unable to load the Web Page using HTTPS.
What exactly happens when you try to access it? Please include browser
behavior and any errors / messages it gives you abo
I am trying to set up SSL on tomcat with a CA certificate from goDaddy.
I am unable to load the Web Page using HTTPS.
When I try to use a self signed certificate, everything works as expected,
but when I change the keystore to point to the one with the CA certificate
in it, I get nothing. There i
>redirectPort="8443" />
> [snip]
>
It seems that you have both the HTTP connectors enabled and that too for the
same port hence the error. Either start those connectors on different ports
or comment one of them.
-sasuke
--
View this message in context:
http
On 24/07/2010 05:20, aung bar hlay wrote:
> I'm running on WindowsXP.
> Path to my keystore file is "c:\is.keystore".
>
>
> And this is server.xml file.
>
>
> ---server.xml---
I'm running on WindowsXP.
Path to my keystore file is "c:\is.keystore".
And this is server.xml file.
---server.xml---
> From: aung bar hlay [mailto:aungbarh...@gmail.com]
> Subject: Tomcat 6 SSL configuration error
>
> I've read tomcat 6 ssl configuration and
> have gone through all the steps.
Be precise - tell us exactly what you did. "All the steps" means nothing,
since th
Try "http://localhost:8443/ <https://localhost:8443/>" (i.e. without the
https). Perhaps the sslEnabled parameter is not configured properly?
--Steve
On Fri, Jul 23, 2010 at 6:26 AM, aung bar hlay wrote:
> hi
>
> I've read tomcat 6 ssl configuration and
>
hi
I've read tomcat 6 ssl configuration and
have gone through all the steps.
My problem is when i open browser and
type "https://localhost:8443/";,
then,it takes too long and at last
display error "connection was reset".
I'm using Apache Tomcat 6.0.18,
Mozilla F
Hello Mark,
Yes. My action was
1) modify server.xml (ciphers="foo,bar"), then
2) restart tomcat server, then
3) test SSL setting with HTTPS, then
4) result: still work well!?
P.S. I also set protocol="org.apache.coyote.http11.Http11Protocol" and
sslProtocol="TLS"
>Lilia wrote:
>> Does anyone
Lilia wrote:
> Does anyone have experience with "ciphers" parameter? Is it possible to limit
> ciphers allowed?
Haven't checked for a while, but it worked the last time I looked. Are you
restarting Tomcat after you change server.xml?
Mark
Hello all,
I use Tomcat 6.0.14, using SSL.
In http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html , it says "ciphers
The comma separated list of encryption ciphers that this socket is allowed to
use. By default, any available cipher is allowed."
I try to limit my cipher to
"TLS_RSA_WITH_D
ote:
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat 6 + SSL
>
> I've installed Tomcat 6.0, the default installation
Look in Tomcat's bin directory; if there's a tcnative-1.dll there, you
have APR installed and are using it. If you want to avoid use
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat 6 + SSL
>
> I would like to know what is better to use, and more secure.
Security should be the same, regardless of the connector flavor. APR
should perform better, if that's a concern.
- Chuck
THIS
ns more work. I suppose it's
something you have to do one time.
Cheers, Roger
On 5/23/07, Caldarale, Charles R <[EMAIL PROTECTED]> wrote:
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat 6 + SSL
>
> I've installed Tomcat 6.0, the default installation
Roger Roger wrote:
> Hi Markus, I'm not sure. I've installed Tomcat 6.0, the default
> installation, and don't know about APR. Googling for it I see it refers to
> Apache Portable Runtime.
Yep.
> When I look at the server.xml I find the following:
>
> SSLEngine="on" />
>
> So it looks like it
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat 6 + SSL
>
> I've installed Tomcat 6.0, the default installation
Look in Tomcat's bin directory; if there's a tcnative-1.dll there, you
have APR installed and are using it. If you want to avoid use o
Hi Markus, I'm not sure. I've installed Tomcat 6.0, the default
installation, and don't know about APR. Googling for it I see it refers to
Apache Portable Runtime.
When I look at the server.xml I find the following:
So it looks like it does use APR but I'm not sure about it. If I comment
this
Markus Schönhaber wrote:
> setup wouldn't help you at all wrt creating a HTTP Connector.
Sorry, HTTP*S* Connector was what I wanted to say.
Regards
mks
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e
Roger Roger wrote:
> I used the following connector:
> keystoreFile="C:\Tomcat\keystore\.keystore"
>maxThreads="150" scheme="https" secure="true"
>clientAuth="false" sslProtocol="TLS" />
>
> I tried this with a keystore filename without the starting dot, but that
-Original Message-
> From: Velidanda Srinivas [mailto:[EMAIL PROTECTED]
> Sent: 23 May 2007 15:30
> To: Tomcat Users List
> Subject: RE: Tomcat 6 + SSL
>
>
> Do you have valid .keystore file in the required path,
> usually it refers to C:\Documents and Settings\Defau
5:30
> To: Tomcat Users List
> Subject: RE: Tomcat 6 + SSL
>
>
> Do you have valid .keystore file in the required path,
> usually it refers to C:\Documents and Settings\Default
> User\.keystore file.
>
> Check it out..
>
> > -Original Message-
> > F
Do you have valid .keystore file in the required path,
usually it refers to C:\Documents and Settings\Default User\.keystore file.
Check it out..
> -Original Message-
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Sent: 23 May 2007 15:27
> To: Tomcat Users List
> Subjec
Thanks Srinivas. I did that, then restarted Tomcat, then if I open
https://127.0.0.1:8443/ or https://localhost:8443/ nothing happens. I get an
error after a long time (more than a minute). Running netstat I see port
8443 is "established". If I try to open a page on a non-existent port, I get
an e
I think you need to uncomment the below
in conf\server.xml as this will be commented by default.
Srinivas.
> -Original Message-
> From: Roger Roger [mailto:[EMAIL PROTECTED]
> Sent: 23 May 2007 15:02
> To: users@tomcat.apache.org
> Subject: Tomcat 6 + SSL
>
&g
I would like to install Tomcat 6.0 with SSL. Tomcat 6.0 works, and I can get
Tomcat 5.5 working with SSL. For some reason I cannot get this to work with
6.0. Do you have any ideas or suggestions what might cause this? I'm working
on a Windows machine.
Thanks, Roger
43 matches
Mail list logo
