Apache Web server + Tomcat + SSL

["Magnotta, Salvatore" <sm...@stoltenberg.com>]

Hi list,

I have integrated the Apache web server and Tomcat on a Win2K PC with the latest versions of software.  I have also successfully used OpenSSL to create my own CA (certificate authority) and create a keystore through keytool so that I can use SSL with Tomcat.

On the client side I needed to accept and install two certificates -- one for my "home-made" certificate authority (the root certificate mydomain.com), and then another for the actual server certificate (mypc.mydomain.com).  This seems like a pain as I had to install both certificates in the client Trusted Root Certificate keystore in order for the certificate dialog box not to pop up on the client machine when accessing the server URL through https.

Is there a way so that the client side only has to install one of the certificates?  Do I have to add SSL to the Apache web server side through mod_ssl --- is this legal as I have been told that Apache-SSL and Apache + mod_ssl are not legal everywhere in the world -- here in the US for example?

Thanks,
Sal

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org