You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by François Andromaque <fr...@sib.fr> on 2001/05/28 17:45:37 UTC
Signed certificate and tomcat
How configure tomcat, after have create a new self signed certificate server.crt
Re: Signed certificate and tomcat
Posted by François Andromaque <fr...@sib.fr>.
You can go to
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/tomcat-ssl-howto.html
----- Original Message -----
From: "Bo Xu" <bo...@cybershop.ca>
To: <to...@jakarta.apache.org>
Sent: Tuesday, May 29, 2001 7:12 PM
Subject: Re: Signed certificate and tomcat
> François Andromaque wrote:
>
> > I'm using tomcat on stand-alone (without apache), i want to configure
> > tomcat to work with SSL by self signing my server certificate. The
> > documentation TOMCAT and SSL (SSL direct) suggest to import a cert
> > with openssl :[...]
>
>
>
> Hi :-) could anybody tell me where I can find the documentation about
> how to config the
> following in TOMCAT:
> - https
> - SSL
>
> Thanks in advance!
>
>
> Bo
> May.29, 2001
>
>
Re: Signed certificate and tomcat
Posted by Bo Xu <bo...@cybershop.ca>.
François Andromaque wrote:
> I'm using tomcat on stand-alone (without apache), i want to configure
> tomcat to work with SSL by self signing my server certificate. The
> documentation TOMCAT and SSL (SSL direct) suggest to import a cert
> with openssl :[...]
Hi :-) could anybody tell me where I can find the documentation about
how to config the
following in TOMCAT:
- https
- SSL
Thanks in advance!
Bo
May.29, 2001
Re: Signed certificate and tomcat
Posted by François Andromaque <fr...@sib.fr>.
I'm using tomcat on stand-alone (without apache), i want to configure tomcat to work with SSL by self signing my server certificate.
The documentation TOMCAT and SSL (SSL direct) suggest to import a cert with openssl :
openssl req -new -out REQ.pem -keyout KEY.pem
openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem (password='xx')
keytool -import -v -trustcacerts -alias tomcat -file CERT.pem
saved in /root/.keystore
server.xml :
....
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
<Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
<Parameter name="port" value="8443"/> (it is the same with value="443")
<Parameter name="socketFactory" value="org.apache.tomcat.net.SSLSocketFactory" />
<Parameter name="keystore" value="/root/.keystore" />
<Parameter name="keypass" value="xx" />
<Parameter name="clientAuth" value="false" />
</Connector>
....
if I try : https://my_ip_adress:8443 ( or 443 ), the navigator returns connexion refused,
i have also tried to create my own ca :
openssl genrsa -des3 -out ca.key 1024
openssl rsa req -new -x509 -days 365 -key ca.key -out ca.crt
and a cert for the server ( CERT.pem can not be signed by this ca and using sign.sh from mod_ssl )
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
server.csr can be signed : sign.sh server.csr, and server.crt is created, can i configure tomcat to use this self signed cert?
otherwise what can i do for configure tomcat to use jsse1.0.2 with a self signed certificate without installing tomcat.
----- Original Message -----
From: Rams
To: tomcat-user@jakarta.apache.org
Sent: Tuesday, May 29, 2001 8:23 AM
Subject: RE: Signed certificate and tomcat
Hi Andromaque,
can u elaborate ur doubt?
Rams
-----Original Message-----
From: François Andromaque [mailto:francois.andromaque@sib.fr]
Sent: Monday, May 28, 2001 9:16 PM
To: tomcat-user@jakarta.apache.org
Subject: Signed certificate and tomcat
How configure tomcat, after have create a new self signed certificate server.crt
RE: Signed certificate and tomcat
Posted by Rams <ra...@cmcltd.com>.
Hi Andromaque,
can u elaborate ur doubt?
Rams
-----Original Message-----
From: François Andromaque [mailto:francois.andromaque@sib.fr]
Sent: Monday, May 28, 2001 9:16 PM
To: tomcat-user@jakarta.apache.org
Subject: Signed certificate and tomcat
How configure tomcat, after have create a new self signed certificate
server.crt