You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by François Andromaque <fr...@sib.fr> on 2001/05/29 15:07:50 UTC
TOMCAT and SELF-SIGNED CERTIFICATE
i have tried to follow your instructions :
generate a key :
keytool -genkey -alias tomcat -keyalg RSA -keystore $JAVA_HOME/jre/lib/security/jssecacerts
generate CSR
keytool -certreq -alias tomcat -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file server.csr
create a ca with openssl :
openssl genrsa -des3 -out ca.key 1024
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
after have imported sign.sh from mod_ssl, i've signed myself my cert :
sign.sh server.crs
I've now a server.crt cert, ca.db.certs/01.pem cert, ca.db.index, ca.db.serial
import the cert into the jssecacerts keystore by trying
keytool -certreq -alias tomcat -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file server.csr
and keytool -certreq -alias tomcat -keystore $JAVA_HOME/jre/lib/security/jssecacerts -file ca.db.certs/01.pem
the both commands result is : java.security.cert.Certificate Exception : IOException : Sequence tag error
can you tell where my mistake is?