dbyrne's questions

I've generated an SSL certificate with keytool:

keytool -keystore keystore -alias mySite -genkey -keyalg RSA -keysize 2048

I got this configured and working fine, but obviously it wasn't signed by a trusted CA, so I generated a CSR:

keytool -certreq -alias mySite -keystore keystore -file mySite.csr

GoDaddy gave me two certificates back, which I imported into my keystore:

keytool -keystore keystore -import -alias mySite.com -file mySite.com.crt
keytool -keystore keystore -import -alias gd_bundle -file gd_bundle.crt

I thought this would be sufficient, but I am still getting an untrusted certificate warning when I hit my app through the browser. Am I missing a step? My app is running on Jetty, and the only configuration I've provided is the keystore and the key-password.

I am getting the following exception:

javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

I am configuring a subversion repository to use basic LDAP authentication. I have an entry in my http.conf file that looks like this:

<Location /company/some/location>
DAV svn
SVNPath /repository/some/location
AuthType Basic
AuthName LDAP
AuthBasicProvider ldap
Require valid-user
AuthLDAPBindDN "cn=SubversionAdmin,ou=admins,o=company.com"
AuthLDAPBindPassword "XXXXXXX"
AuthLDAPURL "ldap://company.com/ou=people,o=company.com?personid"
</Location>

This works fine for living, breathing people who need to log in. However, I also need to provide application accounts access to the repository. These accounts are in a different OU. Do I need to add a whole new <location> element, or can I add a second AuthLDAPURLto the existing entry?