Hi Adam,

Your first step was:
># keytool -genkey -alias tomcat -keyalg RSA

and your last step was:
># keytool -import trustcacerts -file public.crt -alias tomcat

So you used the same alias ("tomcat") for both the private key and the
signed public key. This is what doesn't work for me, because when I import
the signed public key using the same ("tomcat") alias, my private key gets
overwritten. I've verified this using "keytool list -keystore ./.keystore"

I also have the root cert from GeoTrust in there with alias "root". The
root cert is actually an Equifax cert valid from 1998 to 2018, but the
GeoTrust tech support rep told me to use that one. Could this be the
problem?

Other ideas?

Thanks,

Sonny

>From: Adam Hardy <ahardy.struts@(protected)>

>On 10/11/2003 09:08 PM Sonny Sukumar wrote:
>>
>>[I sent this once before, but got no response, and I'm not sure what to
>>do. Thanks in advance.]
>>
>>Hi guys,
>>
>>I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a
>>CA-signed cert to go with my private key and CA root cert, but I'm
>>confused as to how to name the alias for the CA-signed-cert and my private
>>key.
>>
>>The Tomcat SSL How-To is confusing me, becuase it says to give the
>>"tomcat" alias to both the private key and the CA-signed key. I tried it
>>and it overwrote my private key (luckily I made a backup of my keystore).
>>
>>I'm looking at this documentation:
>>http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
>>
>>It also doesn't seem possible to configure the alias names in server.xml.
>>So what alias names should I use? :-)

_________________________________________________________________
Instant message with integrated webcam using MSN Messenger 6.0. Try it now
FREE! http://msnmessenger-download.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)