Ben Monnahan wrote:

> I'm following the instructions for installing a certificate from a CA
> found here:
> http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
>
> Everything went fine until the step where you import the chain cert.
> I entered this command:
> keytool -import -v -alias root -keystore .keystore -trustcacerts \
> -file amon-chain.cer

I just installed my first "real" cert (from Thawte) on my Tomcat
4.1.29 installation, and feeling uncertainty due in part to having
accidentally stomped on my keystore between request generation and
receipt :-) asked Thawte why their install instructions differed
from the Tomcat doc. As in, theirs (Thawte's) said you don't need
the "chain" cert at all.

And apparently they're right :-)

I just imported the PKCS7-format cert they gave me, including the
-trustcacerts flag, and tickety-boo and Bob's y'r uncle.

HTH!
--
Hassan Schroeder ----------------------------- hassan@(protected)
Webtuitive Design === (+1) 408-938-0567  === http://webtuitive.com

                 dream. code.



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)