Hey Enrico,
I think you have to change which certificate within the keystore is to be used, in tomcat's server.xml file. The default key for tomcat is the first one found in the keystore, so that's probably the original one. You'll need to add a "keyAlias" attribute that points to your self-signed cert.
See http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL_Support


On 01/27/2012 10:54 AM, Enrico Anello (OEKM) wrote:
Dear all,

I have a fedora installation with embedded tomcat which runs with SSL sharing the default self-signed certificate coming with the installation.
Since I need to change that certificate with another self-signed cert made by myself how can I do it?

I've been digging through and I see that tomcats loads the keystore by those parameters:
-Djavax.net.ssl.trustStore=/var/fedora/server/truststore -Djavax.net.ssl.trustStorePassword=tomcat

I have actually changed that truststore with the one generated by myself but nothing happened; if from the browser I check the certificate it keeps saying that is the default one coming from the original installation!

Any tips?

Thank you and Regards,
Enrico Anello

Food and Agriculture Organization of the United Nations
Via delle terme di Caracalla, 1 - 00100 - Rome (Italy)

------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users

Gregory N. Jansen
Developer - Carolina Digital Repository
UNC Chapel Hill Libraries