apache tomcat 5 & Internet Explorer cannot display the webpage

Originally, my cert expired but i can still access my website(https://mysite.com:8443/app) with the expiration cert status displayed by IE. With that in mind, I know ssl connection for apache on 8443 is good. As soon as I replace the keystore file that my application uses with the new keystore file generated from my comodo signed certs I get “Internet Explorer cannot display the webpage”, even after restarting apache tomcat service. I put back the original keystore, restart apache service, site works with expired cert. So something is wrong with the keystore generated from the comodo signed certs.


I generated the keystore with no errors:

keytool -genkey -keyalg RSA -keystore “C:\comodoKeys.jks” -validity 1825 -alias tomcat -keypass password123 -storepass password123

confirmed with:
Is CN=www.mysite.ca, OU=mysite, O=mysite, L=Calgary, ST=Alberta, C=
CA correct?
[no]: yes

generated the CSR with no errors:

keytool -certreq -alias tomcat -file c:\comodo.cer -keystore “C:\comodoKeys.jks” -storepass password123

submitted cer file to comodo.

recvd 3 certs from comodo:

imported the 3 certs with no errors:

keytool -import -trustcacerts -alias root -file “c:\root.cer” -keystore “C:\comodoKeys.jks” -storepass password123
keytool -import -trustcacerts -alias INTER -file “c:\intermediate.cer” -keystore “C:\comodoKeys.jks” -storepass password123
keytool -import -trustcacerts -alias tomcat -file “c:\domain.cer” -keystore “C:\comodoKeys.jks” -storepass password123

chatted with support, told me to regenerate CSR, it will be my 3rd time submitting a CSR which i don’t feel will help since i’ve been copying and pasting the commands above and verifying they are each executed on 1 line at a time. also if you notice i use the storepass/keypass switches so i don’t type in the password manually

can someone shed some light please? i’ve only had class experience which was a long time ago

i’ve not tried using the right click “install certificate” in windows since it’s too general and i don’t see how you can specify aliases and storepasses.


I suspect that the server unable to locate the correct private key. It may occur if you have more than one pair of private/public keys. The private key does not match with certificate.

Please submit a ticket at https://support.comodo.com/ with order# that will help us to serve you better.