Godaddy Certificate problem Tomcat 7.0.57

Hi,

I have a seemingly normal basic 7.0.57 Tomcat WebServer built. I have done a few others without this problem...

Ordered Godaddy cert after running the CSR and Keystore command below, and upon recieving the zip file, I ran the last 3 commands of the list. This has worked on other windows 2012 servers and I havent had to jump through the hoops that seems apparent with this one for some reason.

The current error when going to the site is as follows.

"A secure connection cannot be established because this site uses an unsupported protocol."
Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

I installed all three certs, root, then intermed, then site cert. I even tried the cross cert one time, with no luck...

Here are the commands I ran.
_____________________________________________
"c:\program files\Java\jre7\bin\keytool" -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore c:\tomcat.keystore

"c:\program files\Java\jre7\bin\keytool" -certreq -keyalg RSA -alias tomcat -file c:\cert\csr.csr -keystore c:\tomcat.keystore

"c:\program files\Java\jre7\bin\keytool" -import -alias root -keystore "c:\tomcat.keystore" -trustcacerts -file "c:\gd_bundle-g2-g1.crt"

"c:\program files\Java\jre7\bin\keytool" -import -alias intermed -keystore "c:\tomcat.keystore" -trustcacerts -file "c:\gdig2.crt"

"c:\program files\Java\jre7\bin\keytool" -import -alias tomcat -keystore "c:\tomcat.keystore" -trustcacerts -file "c:\xyzxyzxyzxyz.crt"

Any help would be greatly appreciated.

Thanks,
jcorso1313Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jcorso1313Author Commented:
just reran all of the commands and rekeyed again, started over completely.

New error now.

This server requires a certificate for authentication, and didn't accept the one sent by the browser. Your certificate may have expired, or the server may not trust its issuer. You can try again with a different certificate, if you have one, or you may have to obtain a valid certificate from elsewhere.
Error code: ERR_BAD_SSL_CLIENT_AUTH_CERT

Any ideas?

Thanks
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
where did the client get its certificate?  if from a local ca did you add the root and issuing CA certificates to the trusted certificate root store?
0
gheistCommented:
Setup differs. Yours is correct for apache java connector. If you install tcnative apr connector you need to use OpeNSSL crt/key/chain.
0
jcorso1313Author Commented:
Download root/intermed from repository
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.