3

I have created a certificate in my system using this command:

keytool -export -file test.cert -keystore test -storepass 123456 -alias sriram 
Ans: Certificate stored in file <test.cert>.

I have imported this certificate in cacerts of new system using the command :

keytool -importcert -trustcacerts -file "path-to-public-cert" -keystore JAVA_HOME/jre/lib/security/cacerts".

The output is something like this:Trust this certificate? [no]: yes Certificate was added to keystore.

But still I am getting the link error when I run my jar file in new system...Where I went wrong??

linuxeasy
  • 6,269
  • 7
  • 33
  • 40
user10101
  • 379
  • 1
  • 7
  • 18
  • and have you added the certificate configurations correctly in your tomcat? can you show me the tomcat server.xml with regards to ssl? – linuxeasy Apr 09 '12 at 11:48
  • http://stackoverflow.com/questions/2290570/pkix-path-building-failed-while-making-ssl-connection this link might help you – linuxeasy Apr 09 '12 at 11:52
  • [link](http://pastie.org/3755116)..This is in my system(server) – user10101 Apr 09 '12 at 11:52
  • @linuxeasy:you may go through this [basic problem](http://stackoverflow.com/questions/9989340/java-application-using-https-connectionconnection-refused-error)..so that you may get better idea of my problem... – user10101 Apr 09 '12 at 11:54
  • [link](http://pastie.org/3755134) try matching up with the config, Even I was going thru the same errors. Also try to follow [these](https://wiki.jasig.org/display/CASUM/Demo) steps, uptil certification creation and apache config, ignore CAS stuffs. May be it will help you – linuxeasy Apr 09 '12 at 11:59
  • The server.xml you specified should be on the server side?? – user10101 Apr 09 '12 at 12:13
  • yes, this should be on server side – linuxeasy Apr 09 '12 at 12:26

1 Answers1

0

Try to read the Apache Tomcat SSL Configuration How-To.

In Edit the Tomcat Configuration File paragraph it explain that you can had the keystoreFile attribute to the connector configuration.

<Connector 
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>
dash1e
  • 7,677
  • 1
  • 30
  • 35