Hi folks!!

I'm new to SSL and I've been working arround for 3 days to adapt my servlets
to HTTPS.

I've correctly configured jakarta-tomcat 4.1.30 as shown in
http://jakarta.apache.org/tomcat-4.1-doc/ssl-howto.html on a WinXP box.

My servlet "users" works fine with
http://localhost:8080/myapp/services/users

But when I call it with https://localhost:8443/myapp/services/users on IE6.0
and Mozilla1.6 both show me info about certificate and I accept,  then two
results occurs on each client:

1. Internet Explorer: show me the user form correctly, but no security
status icon is shown, if i click where it should be the icon, IE show me
info aboud the certificate and tells me is valid, every thing seems to be
correct.  But no icon is shown.

2. Mozilla: tells me "You have requested an encripted page that contains
some unencrypted information.  Information that you see or enter on this
page could easily be read by a third party." and the security status icon is
closed but scratched in red.

When I change to a non SSL address both clients tell me I'm leaving a "ssl
connection".

I've generated the certificate with keyTool from JDK1.4.1_04.

Mi servlet does nothing at all about security, because I understand that
tomcat is container security based.

And now I'm lost at this point.  Did I forget something??? I hope nop!

Please, anyone can help to solve what's going on??
Saludos
David G. Folch (Barcelona/Spain)