Re: X.509 cert not exporting CA chain?

From: Aravind <aravindragunathan@xxxxxxxxx>
Date: Mon, 30 Jun 2008 03:02:49 -0700 (PDT)

Hi Ran,
Your requirement (SSL Certificate for HTTPS access to your web
application) is different from the one suggested in
http://www.dallaway.com/acad/webstart/.
http://www.dallaway.com/acad/webstart/ gives the instructions for
digitally signing a Java Web Start (JNLP) application, whereas your
requirement is to access your web application through HTTP over SSL
(HTTPS) connection.
For HTTPS connection to tomcat, you need to get a SSL Certificate as
opposed to Email Signer Certificate that you got from Thawte.

You may get a 14 day trial SSL Certificate from Verisign - http://www.verisign.com/
There are other Free SSL Certificate providers such as http://cert.startcom.org/.
However, Internet Explorer may not have the CA Root Certificate of
this provider and hence you may need to install the CA Root
certificate manually.

For more information on using the SSL Certificate with Tomcat, you can
refer to 'Installing a Certificate from a Certificate Authority'
section of http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

Hope this helps.

Regards,
Aravind. R

On Jun 29, 7:18 pm, "R@nsh!" <ran.sheNOThar@gmail~.com> wrote:

Hi,
Got an X.509 certificate from Thawte.
Manipulated it as described here:http://www.dallaway.com/acad/webstart/, so that now the CA reply is in
my "keystore.ks".
When I tell Tomcat to use this as my keystore, it loads and everything,
BUT it shows as "self signed" - no mention that the cert comes from
Thawte, which kinds of defeat the purpose...
Seehttps://66.166.204.121:8443/managementtool/for the exact message.

Anything wrong with the way I did the certificate request / import / export?

Thanks,

References:
- X.509 cert not exporting CA chain?
  - From: R@nsh!

Prev by Date: Re: Translate attempt
Next by Date: Re: Checked Exception loophole
Previous by thread: Re: X.509 cert not exporting CA chain?
Next by thread: Timer Schedule TimerTask for same hour every day
Index(es):
- Date
- Thread

Relevant Pages

Re: SBS2003 R2 Exchange issue
... SBS server, when you expand Public Folders, you get error: SSL certificate ... Restart Exchange System Manager. ...
(microsoft.public.windows.server.sbs)
RE: netsh error - 1312
... \par SSL Certificate add failed, ... \par I've just performed a local test, including test cert creating, ssl port registering and WCF service host and running. ... For certificate creation and ssl port registring, ...
(microsoft.public.dotnet.framework.webservices)
RE: netsh error - 1312
... Running the example from the article I was able to create the certificate ... you're encountering the following error when registring ... SSL Certificate add failed, Error: ... Microsoft MSDN Online Support Lead ...
(microsoft.public.dotnet.framework.webservices)
RE: netsh error - 1312
... Restricting netsh to domain admins does not seem like ... to log on to each workstation just to install the ssl certificate. ... certificate request wizard to generate a SSL certificate creation request. ... Microsoft MSDN Online Support Lead ...
(microsoft.public.dotnet.framework.webservices)
Re: local server name
... settings, it must match the SSL Certificate exactly. ... certificate provider reissue your certificate to match your .com address. ... how do I get an SSL certificate to bears my public FQDN ?? ... I'm testing my newly installed Exchange server. ...
(microsoft.public.exchange.setup)