You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Hollerman Geralyn M <gm...@louisiana.edu> on 2004/04/02 23:00:42 UTC
Apache security certificate vs. Tomcat security certificate
I currently have Tomcat 5.0.16 running using the SSL connector and a self-signed
certificate - I followed the directions in the Tomcat SSL HOW-TO in how to
create the certificate and set up Tomcat for SSL. This is running with no
problems in my development environment.
I have been asked to put SSL on our production Tomcat. It is also v 5.0.16. My
sysadmin gave me two files he uses for Apache, running with SSL, on another
system; he said he thought I would need them. They are called server.crt and
server.key - he said he was giving me the certificate and the key for it. How do
I intergrate this with Tomcat? How does this correspond to what I've got for
Tomcat - I presume that the .crt file is like the .cer file I exported from
cacerts.jks (my keystore), but what does the .key file correspond to? How does
that fit in?
Thanks!
--
Lynn Hollerman.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Apache security certificate vs. Tomcat security certificate
Posted by Bill Barker <wb...@wilshire.com>.
"Hollerman Geralyn M" <gm...@louisiana.edu> wrote in message
news:406DD47A.8090604@louisiana.edu...
> I currently have Tomcat 5.0.16 running using the SSL connector and a
self-signed
> certificate - I followed the directions in the Tomcat SSL HOW-TO in how to
> create the certificate and set up Tomcat for SSL. This is running with no
> problems in my development environment.
>
> I have been asked to put SSL on our production Tomcat. It is also v
5.0.16. My
> sysadmin gave me two files he uses for Apache, running with SSL, on
another
> system; he said he thought I would need them. They are called server.crt
and
> server.key - he said he was giving me the certificate and the key for it.
How do
> I intergrate this with Tomcat? How does this correspond to what I've got
for
> Tomcat - I presume that the .crt file is like the .cer file I exported
from
> cacerts.jks (my keystore), but what does the .key file correspond to? How
does
> that fit in?
>
The '.key' file is the private key corresponding to the public key stored in
the '.crt' file.
IMHO, the easiest way to integrate your Apache cert with Tomcat is to export
the cert and the key to a PKCS12 file (see the "Prepare the Certificate
Keystore" section of the Tomcat ssl-howto for an example of how to do this),
and just use this file as your keystoreFile in Tomcat (remembering to set
keystoreType="PKCS12" as well :).
There are also utilities floating around the net to import Apache certs into
a JKS keystore (e.g. http://www.comu.de/docs/tomcat_ssl.htm). You can try
Google and/or searching the archives for other solutions (since this topic
comes up a lot :).
> Thanks!
> --
> Lynn Hollerman.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org