You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Balakrishna Kudaravalli <bk...@cisco.com> on 2003/04/23 23:41:37 UTC
Tomcat 4.1.24 enable SSL
Hi All,
Issue: Enabling SSL for Tomcat 4.1.24
1. I have created a cert using keytool -genkey -alias tomcat -keyalg
RSA and have given a password "changeit" (default)
2. Uncommented SSL coyote HTTP/1.1 connector in server.xml. Since the
Keystore is at a deafault loc, I have not given a keystoreFile attribute
3. On starting up Tomcat, HTTPS works fine
Issue:
4. Now, I need to replace the default cert with the certs provided by our
internal folks. How do I do that ? the certs provided to me are in pkcs 12
format:
5. Should I convert the pkcs12 certs into x509 ?
6. What certs should I import into the keystore (server, client, ca) ?
Your help would be greatly appreciated.
Thank you,
-Bala
Re: Tomcat 4.1.24 enable SSL
Posted by Balakrishna Kudaravalli <bk...@cisco.com>.
Hi Mark,
Could you please let me know the command I need to use to import a pkcs12
server cert into a keystore (assuming I need to create a new keystore). Do
I need to have only a server cert in the keystore or both server & CA certs
to enable SSL on Tomcat.
Thanks for all your help.
Regards,
-Bala
At 07:03 AM 4/24/2003 -0400, you wrote:
>you should be able to use PKCS12. Just change the keystore type from JKS
>(default) to PKCS12.
>
>Balakrishna Kudaravalli wrote:
>
>>Hi All,
>>
>>Issue: Enabling SSL for Tomcat 4.1.24
>>
>>1. I have created a cert using keytool -genkey -alias tomcat -keyalg
>>RSA and have given a password "changeit" (default)
>>2. Uncommented SSL coyote HTTP/1.1 connector in server.xml. Since the
>>Keystore is at a deafault loc, I have not given a keystoreFile attribute
>>3. On starting up Tomcat, HTTPS works fine
>>
>>Issue:
>>4. Now, I need to replace the default cert with the certs provided by our
>>internal folks. How do I do that ? the certs provided to me are in pkcs
>>12 format:
>>
>>5. Should I convert the pkcs12 certs into x509 ?
>>
>>6. What certs should I import into the keystore (server, client, ca) ?
>>
>>Your help would be greatly appreciated.
>>
>>Thank you,
>>-Bala
>>
>>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 4.1.24 enable SSL
Posted by "Mark W. Webb" <ma...@dolphtech.com>.
you should be able to use PKCS12. Just change the keystore type from
JKS (default) to PKCS12.
Balakrishna Kudaravalli wrote:
> Hi All,
>
> Issue: Enabling SSL for Tomcat 4.1.24
>
> 1. I have created a cert using keytool -genkey -alias tomcat -keyalg
> RSA and have given a password "changeit" (default)
> 2. Uncommented SSL coyote HTTP/1.1 connector in server.xml. Since the
> Keystore is at a deafault loc, I have not given a keystoreFile attribute
> 3. On starting up Tomcat, HTTPS works fine
>
> Issue:
> 4. Now, I need to replace the default cert with the certs provided by
> our internal folks. How do I do that ? the certs provided to me are in
> pkcs 12 format:
>
> 5. Should I convert the pkcs12 certs into x509 ?
>
> 6. What certs should I import into the keystore (server, client, ca) ?
>
> Your help would be greatly appreciated.
>
> Thank you,
> -Bala
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org