Windows and Tomcat8.05 with WinSimple 1.9.1


#1

Thanks for reading this topic at first.
My domain is:
atestfind.ngrok.cc
I ran this command:
letsencrypt.exe --accepttos --manualhost atestfind.ngrok.cc --webroot E:\Jobs\YIKE\server\apache-tomcat-8.0.5\webapps
It produced this output:
it produced these files like below:
atestfind.ngrok.cc-all.pfx、atestfind.ngrok.cc-chain.pem、atestfind.ngrok.cc-crt.pem、atestfind.ngrok.cc-key.pem
My operating system is (include version):windows7 SP1

My web server is (include version): Tomcat 8.05

I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
I used letsencrypt-win-simple.V1.9.1 to get certificates.
When I got the certificates ,I set it like discribed by http://www.cnblogs.com/blog5277/p/6375473.html,
but the tomcat not works. I set the server.xml like below:


but I got a exception:
java.io.EOFException
at java.io.DataInputStream.readInt(DataInputStream.java:392)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:645)
The all files I get through letsencrypt-win-simple just like below picture:

I’ve no idea about this.
What should I do,or which one file should be set in the server.xml? Thanks.


#2

Hi @kwan

I ran through this a while ago and recorded the result below.

The error you are getting is due to the system trying to load a keystore so not sure if there is another keystore configured in Tomcat elsewhere that is missing.

Andrei


#3

Thanks a lot for your reply.I found the poblem what Tomcat 8.5 is different to below.
It can refer to this url:'https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html’.It’s about tomcat 8.0x 's setting.
tomcat 8.0x needs a jks ,which was transfered from xxx-chain.pem and xxx-key.pem.The frist one is certificate and the 2nd file is private key.
There’re some web site support the transfer service ,like this one:‘https://www.trustasia.com/tools-cert-converter’.


#4

hi @kwan

Ok. I suggest this tool as this is what I use for working with JKS files http://keystore-explorer.org/ for now manually. It’s very intuitive

When I have had a bit more of a think I will post a hook for converting the PFX/PEM files WinSimple Creates to a JKS.

Andrei


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.