You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by François Andromaque <fr...@sib.fr> on 2001/05/29 15:07:50 UTC

TOMCAT and SELF-SIGNED CERTIFICATE

i have tried to follow your instructions :
generate a key : 
    keytool -genkey -alias tomcat -keyalg RSA -keystore $JAVA_HOME/jre/lib/security/jssecacerts
generate CSR
    keytool -certreq -alias tomcat -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file server.csr

create a ca with openssl :
    openssl genrsa -des3 -out ca.key 1024
    openssl req -new -x509 -days 365 -key ca.key -out ca.crt
after have imported sign.sh from mod_ssl, i've signed myself my cert :
    sign.sh server.crs

I've now a server.crt cert, ca.db.certs/01.pem cert, ca.db.index, ca.db.serial
 
import the cert into the jssecacerts keystore by trying
        keytool -certreq -alias tomcat  -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file server.csr
and   keytool -certreq -alias tomcat  -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file ca.db.certs/01.pem
the both commands result is : java.security.cert.Certificate Exception : IOException : Sequence tag error

can you tell where my mistake is?