2 Replies Latest reply on Jan 23, 2004 11:00 AM by danielo_d

    Certificate Chain in Tomcat

    Dietmar Scheidl Newbie

      Hi,

      I have a problem with the certificate chain, which is returned by Tomcat on any request.

      Yesterday the intermediate certificate of Verisign expired. I have replaced the old certificate with the new one from Verisign but all browsers still show me the old one.

      I am using JBoss 3.2.1 with Tomcat on a Win 2000 Server with Java 1.4.2_03.

      Do I have to replace the intermediate certificate at any other place than the certificate store of Tomcat?

      Regards,
      Dietmar

        • 1. Re: Certificate Chain in Tomcat
          Dietmar Scheidl Newbie

          Ok, I found it myself.

          First of all, simply replacing the old intermediate certificate does not do the job.

          You need to reimport your server certificate as well after importing the new intermediate certificate of Verisign.

          • 2. Re: Certificate Chain in Tomcat
            danielo_d Newbie

            Didi1976, was that on the Tomcat server or the browser or the JBoss app? Is there an keystore you have to do provide to JBoss?

            Have a client w/JBoss monitoring availability of a site w/SSL.
            The webserver is Win2000 using IIS. Imported new Interm Cert on server and several browsers verified the chain. However, the JBoss app still doesn't see the new Interm CA. Trust store issue of JBoss?