Wondering if someone can enlighten me on where I'm screwing this up! I have a keytool-created keystore, and a primary, secondary and SSL cert from Thawte. I originally created the CSR with openssl, then, using the process documented, converted the private key to PKCS12 to import into the keystore.
I believe I have imported them all into the keystore OK (but obviously not!), but the error I'm getting from Tomcat is: 'java.io.IOException Alias name does not identify a key entry'
If I do a keytool -list -keystore keystore.ks
this is what i get:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 4 entries
secondary, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): EB:A3:71:66:38:5E:3E:F4:24:64:ED:97:52:E9:9F:1B
tomcat, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): EA:D0:43:F8:7F:D5:1C:4A:BA:A7:F4:64:A9:6A:A1:B0
primary, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): D6:6A:92:1C:83:BF:A2:AE:6F:99:5B:44:E7:C2:AB:2A
1, Jul 2, 2012, PrivateKeyEntry,
Certificate fingerprint (MD5): EA:D0:43:F8:7F:D5:1C:4A:BA:A7:F4:64:A9:6A:A1:B0
I'm pretty sure my Tomcat server.xml is ok but here it is too for the https connector:
<Connector port="443"
protocol="org.apache.coyote.http11.Http11Protocol"
maxHttpHeaderSize="8192"
SSLEnabled="true"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
URIEncoding="UTF-8"
keystorePass="xxxxxx"
keystoreFile="/keys/keystore.ks"
keyAlias="tomcat"/>
Any ideas? This is the first time I've done this, so maybe I've messed up something blindingly obvious?
The site works fine on port 80.
Would LOVE to hear some suggestions :)
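
A diagnostic for the error above, as an added example that is not part of the original post: it reads `keytool -list` text output and reports whether a given alias is a PrivateKeyEntry, and if not, whether a key entry with the same certificate fingerprint exists under another alias. The helper name `check_alias` and its output strings are assumptions; the listing is the one from the post.

```shell
#!/bin/sh
# Added example (not from the original post): does a Tomcat keyAlias name a
# PrivateKeyEntry? Works on the text output of `keytool -list`.

# Listing copied from the post. On a real host, pipe in instead:
#   keytool -list -keystore /keys/keystore.ks
listing() {
cat <<'EOF'
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 4 entries
secondary, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): EB:A3:71:66:38:5E:3E:F4:24:64:ED:97:52:E9:9F:1B
tomcat, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): EA:D0:43:F8:7F:D5:1C:4A:BA:A7:F4:64:A9:6A:A1:B0
primary, Jun 22, 2012, trustedCertEntry,
Certificate fingerprint (MD5): D6:6A:92:1C:83:BF:A2:AE:6F:99:5B:44:E7:C2:AB:2A
1, Jul 2, 2012, PrivateKeyEntry,
Certificate fingerprint (MD5): EA:D0:43:F8:7F:D5:1C:4A:BA:A7:F4:64:A9:6A:A1:B0
EOF
}

# check_alias ALIAS  (hypothetical helper; reads the listing on stdin)
# Prints one of: ok | missing | cert-only | cert-only key-under=<alias>
check_alias() {
  awk -v want="$1" '
    /Entry,[ \t]*$/ {                    # "alias, date, entry-type," line
        alias = $0; sub(/,.*/, "", alias)  # alias is the text before the first comma
        type = ($0 ~ /PrivateKeyEntry/) ? "key" : "cert"
        next
    }
    /^Certificate fingerprint/ {         # fingerprint line follows its entry line
        kind[alias] = type; fpof[alias] = $NF
        if (type == "key") keyfor[$NF] = alias
    }
    END {
        if (!(want in kind))     { print "missing"; exit }
        if (kind[want] == "key") { print "ok"; exit }
        fp = fpof[want]          # cert-only: look for its key under another alias
        if (fp in keyfor) print "cert-only key-under=" keyfor[fp]
        else              print "cert-only"
    }'
}

# The alias configured in the posted Connector (keyAlias="tomcat").
listing | check_alias tomcat
```

Aliases that themselves contain a comma are not handled by this parser.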