I'm setting up a dev server and wanted to import a certificate. I followed the steps but when i import keytool
-import -alias tomcat -keystore tomcat.keystore -file <name> I get an error "signed fields invalid". Also, because the IT Contracting agency manages the certificates they applied it to the server i needed to export the PFX file to use in the keytool script. Any thoughts???
Hi @brianapeters
If you're importing a pfx you may want to read this and follow these steps: https://knowledge.safe.com/questions/25131/how-can-i-use-an-ssl-wildcard-certificate-from-a-p.html
One thing you'll need to make sure is when you create the tomcat keystone file it needs to have the exact same password as the certificate that you're importing.
Hi @brianapeters
If you're importing a pfx you may want to read this and follow these steps: https://knowledge.safe.com/questions/25131/how-can-i-use-an-ssl-wildcard-certificate-from-a-p.html
One thing you'll need to make sure is when you create the tomcat keystone file it needs to have the exact same password as the certificate that you're importing.
cancelled"
I did use the same password when creating the keystore using fme instructions and exporting the pfx. My fme appliction serivce will not start? I dont see logs files in the folder mentioned? If i delete the tomcat.keystore and run the import again it will create another but still dont work? I must be missing something?
cancelled"
I did use the same password when creating the keystore using fme instructions and exporting the pfx. My fme appliction serivce will not start? I dont see logs files in the folder mentioned? If i delete the tomcat.keystore and run the import again it will create another but still dont work? I must be missing something?
What does the catalina log file say? You should be able to find this in the tomcat log folder in your FME Server System Share resources folder.
What does the catalina log file say? You should be able to find this in the tomcat log folder in your FME Server System Share resources folder.
--------------------------------------------------------------------------------------
19-Sep-2018 10:37:45.653 SEVERE Emain] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 108 column 5: The string "--" is not permitted within comments.
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
19-Sep-2018 10:37:45.653 SEVERE Rmain] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 108 column 5: The string "--" is not permitted within comments.
--------------------------------------------------------------------------------------
What does the catalina log file say? You should be able to find this in the tomcat log folder in your FME Server System Share resources folder.
What does the catalina log file say? You should be able to find this in the tomcat log folder in your FME Server System Share resources folder.
What are the service urls set to?
What are the service urls set to?
What are the service urls set to?
Update for this question:
Through direct support the HTTPS/SSL configuration got to a nearly good place, with the FME Server web ui working, but jobs wouldn't run: 'Error submitting the job'.
In the tomcat localhost log we identified a pkix path building error.
In order to resolve this issue, we configured FME Server using the steps in this article, put together to help any other users who may be importing pfx certificates.