You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cocoon.apache.org by Steven Noels <st...@outerthought.org> on 2004/06/14 22:05:36 UTC
Using HTTPS as a src for a file generator
Hi folks,
I'm trying to use a https source in a simple pipeline, but Java doesn't
like the server certificate on the originating side. With the help of
openssl, I managed to save a local copy of the certificate, but now I
need to add it to my local set of certificates.
Despite gazillion of web pages, I haven't quite found out how and why
(the 'how' would be enough to start with).
Has anyone experience with adding certificates to the Java security
machinery?
Thanks,
</Steven>
--
Steven Noels http://outerthought.org/
Outerthought - Open Source Java & XML An Orixo Member
Read my weblog at http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org stevenn at apache.org
Re: Using HTTPS as a src for a file generator
Posted by Steven Noels <st...@outerthought.org>.
On 14 Jun 2004, at 22:56, Steven Noels wrote:
> It sure was - I'll Wikify my success tomorrow for posterity.
http://wiki.cocoondev.org/Wiki.jsp?page=HTTPsSources
Thanks!
</Steven>
--
Steven Noels http://outerthought.org/
Outerthought - Open Source Java & XML An Orixo Member
Read my weblog at http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org stevenn at apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Using HTTPS as a src for a file generator
Posted by Steven Noels <st...@outerthought.org>.
On 14 Jun 2004, at 22:56, Steven Noels wrote:
> It sure was - I'll Wikify my success tomorrow for posterity.
http://wiki.cocoondev.org/Wiki.jsp?page=HTTPsSources
Thanks!
</Steven>
--
Steven Noels http://outerthought.org/
Outerthought - Open Source Java & XML An Orixo Member
Read my weblog at http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org stevenn at apache.org
Re: Using HTTPS as a src for a file generator
Posted by Steven Noels <st...@outerthought.org>.
On 14 Jun 2004, at 22:36, Tony Collen wrote:
> I'm no expert, but this is what I've found so far:
>
> http://www.hp.com/products1/unix/java/infolibrary/install_verisign.html
>
> http://www.digicert.com/ssl-certificate-installation-java.htm
>
> http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
>
> That last one looks like it might be the most useful.
It sure was - I'll Wikify my success tomorrow for posterity.
I'm a happy cog. :-)
</Steven>
--
Steven Noels http://outerthought.org/
Outerthought - Open Source Java & XML An Orixo Member
Read my weblog at http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org stevenn at apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Using HTTPS as a src for a file generator
Posted by Steven Noels <st...@outerthought.org>.
On 14 Jun 2004, at 22:36, Tony Collen wrote:
> I'm no expert, but this is what I've found so far:
>
> http://www.hp.com/products1/unix/java/infolibrary/install_verisign.html
>
> http://www.digicert.com/ssl-certificate-installation-java.htm
>
> http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
>
> That last one looks like it might be the most useful.
It sure was - I'll Wikify my success tomorrow for posterity.
I'm a happy cog. :-)
</Steven>
--
Steven Noels http://outerthought.org/
Outerthought - Open Source Java & XML An Orixo Member
Read my weblog at http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org stevenn at apache.org
Re: Using HTTPS as a src for a file generator
Posted by Tony Collen <co...@umn.edu>.
Steven Noels wrote:
> Hi folks,
>
> I'm trying to use a https source in a simple pipeline, but Java doesn't
> like the server certificate on the originating side. With the help of
> openssl, I managed to save a local copy of the certificate, but now I
> need to add it to my local set of certificates.
>
> Despite gazillion of web pages, I haven't quite found out how and why
> (the 'how' would be enough to start with).
>
> Has anyone experience with adding certificates to the Java security
> machinery?
>
> Thanks,
>
> </Steven>
I'm no expert, but this is what I've found so far:
http://www.hp.com/products1/unix/java/infolibrary/install_verisign.html
http://www.digicert.com/ssl-certificate-installation-java.htm
http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
That last one looks like it might be the most useful.
HTH,
Tony
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Using HTTPS as a src for a file generator
Posted by Tony Collen <co...@umn.edu>.
Steven Noels wrote:
> Hi folks,
>
> I'm trying to use a https source in a simple pipeline, but Java doesn't
> like the server certificate on the originating side. With the help of
> openssl, I managed to save a local copy of the certificate, but now I
> need to add it to my local set of certificates.
>
> Despite gazillion of web pages, I haven't quite found out how and why
> (the 'how' would be enough to start with).
>
> Has anyone experience with adding certificates to the Java security
> machinery?
>
> Thanks,
>
> </Steven>
I'm no expert, but this is what I've found so far:
http://www.hp.com/products1/unix/java/infolibrary/install_verisign.html
http://www.digicert.com/ssl-certificate-installation-java.htm
http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
That last one looks like it might be the most useful.
HTH,
Tony
Re: Using HTTPS as a src for a file generator
Posted by ed <ed...@cyberglide.tv>.
Hi Steven
Here is a script for creating a self signed cert. Jetty can use
this keystore for https access.
#! /bin/sh
// create a key store with private key
keytool -genkey -alias server -keystore /var/keysserver/cokeys
-storepass storepassword# -keypass keypassword@ -dname "CN=cocoon.org,
OU=Security Provider, O=Apache,L=Virginia Beach, S=Virginia, C=US"
-validity 3600 -v
// generate a self signed sertificate
keytool -selfcert -alias servercert -keystore /var/keysserver/cokeys
-alias server -storepass storepassword# -keypass keypassword@ -dname
"CN=test.cocoon.org,OU=Web Services,O=Apache,L=Virginia
Beach,S=Virginia, c=US" -validity 3600 -v
Here is a script for generating a request for signing
echo "keytool -genkey"
keytool -genkey -alias cocoonkey -keyalg RSA -keystore
/var/cocoon/certs/cokeys -storepass storepass# -keypass keypass@ -dname
"CN=apache.cocoon.org, OU=PMC, O=Cocoon development, L=Suffolk,
S=Virginia, C=US" -validity 3600 -v
echo "keytool certreq"
keytool -certreq -sigalg MD5withRSA -alias cocoonkey -file
/var/cocoon/certs/cocoonreq.csr -keystore /var/cocoon/certs/cokeys
-storepass storepass# -keypass keypass@
Hva the file in /var/cocoon/certs.cocoonreq.csr signed
by an authority then import it:
echo "keytool ...import cert"
keytool -import -v -alias cocoonkey -file
/var/cocoon/certs/cocooncrt.crt -keypass keypass@ -keystore
/var/cocoon/certs/cokeys -storepass storepass# -trustcacerts
Hope this helps and is not too late.
Steven Noels wrote:
> Hi folks,
>
> I'm trying to use a https source in a simple pipeline, but Java doesn't
> like the server certificate on the originating side. With the help of
> openssl, I managed to save a local copy of the certificate, but now I
> need to add it to my local set of certificates.
>
> Despite gazillion of web pages, I haven't quite found out how and why
> (the 'how' would be enough to start with).
>
> Has anyone experience with adding certificates to the Java security
> machinery?
>
> Thanks,
>
> </Steven>