importing ssl certificates

rockpapergoat
Contributor III

on a rhel 6.2 install with openjdk and the official linux jss installed (not via source), i'm trying to import ssl certs to the tomcat keystore.

importing the root CA and the cert for the host looks like it works fine. both show up in the keystore.

upon restarting tomcat, i get the following:

SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-8443"] java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.

what am i missing here, if anything?

3 REPLIES 3

jarednichols
Honored Contributor

You importing the Root CA to the same keystore or the cacerts keystore? I believe at some point Tomcat (late 6/early 7?) moved where it would look for Root CA to only the cacerts keystore ($JAVA_HOME/jre/lib/security/cacerts)

I also assume you've got the private key too, though that seems a bit too level 1 for you ;)

rockpapergoat
Contributor III

hmmm… i'll check on that. i think i have pub and private keys here, so that should be good. i'll try importing the root to the cacerts store if it's not there already.

jarednichols
Honored Contributor

Also, if you're running GUI on that server, check out Portecle. http://portecle.sourceforge.net/