People on both the Tomcat and Java400-L Lists nailed the problem: it
turned out to be a PTF issue.
Once the customer got the box's PTFs fully in order, Tomcat started up
without a problem, a self-signed certificate brought up their SSL, and
our WAR file uploaded and deployed normally.
They still need to fix their firewall to plumb at least one more port to
the outside world, and of course, they need to get their certificate
signed by a well-known CA, but other than that, they seem to be fine now.
One observation: it seems that for some reason, while Keystore Explorer
(on my Mac) seems to work at least as well as Keytool for most keystore
operations, for some reason, Java keystores that *originate* in Keystore
Explorer get rejected (at least by Tomcat running on IBM Midrange
boxes), whereas those orignating in Keytool work just fine (but Keytool,
for some reason, doesn't seem to work at all on IBM Midrange boxes).
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2021 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.