Certificate Chain in Tomcat

didi1976 Jan 8, 2004 8:40 AM

Hi,

I have a problem with the certificate chain, which is returned by Tomcat on any request.

Yesterday the intermediate certificate of Verisign expired. I have replaced the old certificate with the new one from Verisign but all browsers still show me the old one.

I am using JBoss 3.2.1 with Tomcat on a Win 2000 Server with Java 1.4.2_03.

Do I have to replace the intermediate certificate at any other place than the certificate store of Tomcat?

Regards,
Dietmar

1. Re: Certificate Chain in Tomcat

didi1976 Jan 9, 2004 6:44 AM (in response to didi1976)

Ok, I found it myself.

First of all, simply replacing the old intermediate certificate does not do the job.

You need to reimport your server certificate as well after importing the new intermediate certificate of Verisign.
Actions
2. Re: Certificate Chain in Tomcat

danielo_d Jan 23, 2004 11:00 AM (in response to didi1976)

Didi1976, was that on the Tomcat server or the browser or the JBoss app? Is there an keystore you have to do provide to JBoss?

Have a client w/JBoss monitoring availability of a site w/SSL.
The webserver is Win2000 using IIS. Imported new Interm Cert on server and several browsers verified the chain. However, the JBoss app still doesn't see the new Interm CA. Trust store issue of JBoss?
Actions

Go to original post