nmmsantos

Reputation: 325

Tomcat with SSL

I'm trying to add SSL in Tomcat, using certificates obtained from the AD server.

I used the MMC tool to obtain my personal certificate, an intermediate certificate and the root certificate of the Active Directory.

These are the commands that I used to import them into a keystore:

keytool -import -trustcacert -alias root -file rootcert.cer -keystore keystore
keytool -import -trustcacert -alias intermediate -file intercert.cer -keystore keystore
keytool -import -trustcacert -alias nunocert -file nunocert.cer -keystore keystore

With that done, I altered the server.xml and added this:

<Connector port="8443" maxThreads="150" scheme="https" secure="true" 
 SSLEnabled="true"   keystoreFile="D:/apache-tomcat-7.0.27/conf/keystore.jks" 
 keystorePass="password" clientAuth="false" 
 keyAlias="nunocert" sslProtocol="TLS"/>

After restarting and trying to access

https://localhost:8443 

I always get connection refused.

What am I doing wrong?

Upvotes: 0

Views: 2703

Answers (2)

Cratylus

Reputation: 54074

You need a keystore with the private key for Tomcat.
What you have done is import various certificates from your computer into a keystore.
Either extract your private key into a PKCS12 bundle and then set it in Tomcat with storetype=pkcs12, or create a keystore for use with Tomcat.

Upvotes: 1
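
An added example, not part of either answer: a check of whether the alias named in `keyAlias` holds a key pair or only a certificate, which is the distinction the answer above draws. It assumes the short `keytool -list` line format (`alias, date, entryType,`); the two listings are constructed samples and the function names `entry_type` and `usable_for_tls` are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `keytool -list` output for a keystore built the way
# the question describes (three `keytool -import` runs). Fingerprint lines
# are placeholders, not real values.
SAMPLE_IMPORTED='Keystore type: JKS
Keystore provider: SUN

Your keystore contains 3 entries

root, Jun 1, 2012, trustedCertEntry,
Certificate fingerprint (SHA1): <placeholder>
intermediate, Jun 1, 2012, trustedCertEntry,
Certificate fingerprint (SHA1): <placeholder>
nunocert, Jun 1, 2012, trustedCertEntry,
Certificate fingerprint (SHA1): <placeholder>'

# Constructed sample for a keystore that holds the key pair as well.
SAMPLE_WITH_KEY='Keystore type: PKCS12
Keystore provider: SunJSSE

Your keystore contains 1 entry

nunocert, Jun 1, 2012, PrivateKeyEntry,
Certificate fingerprint (SHA1): <placeholder>'

# entry_type ALIAS: read a keytool listing on stdin, print the entry type
# recorded for ALIAS (empty output if the alias is not present).
entry_type() {
    awk -F', *' -v a="$1" '
        $1 == a && NF >= 3 {
            t = $NF; if (t == "") t = $(NF - 1)   # line ends with a comma
            print t; exit
        }'
}

# usable_for_tls ALIAS: succeed only if ALIAS is a PrivateKeyEntry, i.e. the
# keystore holds the private key that matches the certificate.
usable_for_tls() {
    [ "$(entry_type "$1")" = "PrivateKeyEntry" ]
}

# Against a real keystore (keytool prompts for the store password):
#   keytool -list -keystore keystore.jks | usable_for_tls nunocert
if printf '%s\n' "$SAMPLE_IMPORTED" | usable_for_tls nunocert; then
    echo "nunocert: key pair present"
else
    echo "nunocert: certificate only, no private key for Tomcat to use"
fi
```
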

helios

Reputation: 2821

The configuration seems to be correct. Which browser are you using? Try adding root and intermediate certificates in the browser manually and see if that helps. If it doesn't help, restart JBoss with the VM parameter -Dssl.debug=true and check your server logs for additional information related to this failure.

Upvotes: 0
