Posted to users@tomcat.apache.org by John Gardner <jo...@tagish.co.uk> on 2008/04/15 16:26:59 UTC

Tomcat and SSL Certificates

For one of our projects, we have created our own CA for Tomcat using the 
methods laid out here;

http://users.skynet.be/pascalbotte/art/ca.htm
http://marc.info/?l=tomcat-user&m=106293430225790&w=2

Now, Tomcat is up and running and serving the site over HTTPS using our 
certificates and browsers can connect securely.

However, we have another client connecting, which is a SOAP app running 
on another Tomcat server elsewhere.  They need to connect on HTTPS to 
our Tomcat server for their encrypted SOAP traffic, but currently their 
connection is failing as their SOAP client has no certificate in common.

Once they send me their CSR, how do I sign it at my end so that I can 
then send it back, ready for them to import it at their end?

I know this is probably more of a Java keystore question than Tomcat 
directly, but I appreciate any help on it.

Thanks

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Tomcat and SSL Certificates

Posted by Bill Barker <wb...@wilshire.com>.
If you really did follow the links, then the easiest is to continue to use 
OpenSSL.  Assuming that you have already set up an OpenSSL CA, then just 
sign the CSR as normal, and send the resulting cert file back to the client. 
They will need to import it into their keystore file (which should be no 
problem, as long as it was the same one that generated the CSR) as well as 
importing your CA cert into their keystore.  After that, your client should 
start trusting you again ;).

"John Gardner" <jo...@tagish.co.uk> wrote in message 
news:4804BB33.9010303@tagish.co.uk...
> For one of our projects, we have created our own CA for Tomcat using the 
> methods laid out here;
>
> http://users.skynet.be/pascalbotte/art/ca.htm
> http://marc.info/?l=tomcat-user&m=106293430225790&w=2
>
> Now, Tomcat is up and running and serving the site over HTTPS using our 
> certificates and browsers can connect securely.
>
> However, we have another client connecting, which is a SOAP app running on 
> another Tomcat server elsewhere.  They need to connect on HTTPS to our 
> Tomcat server for their encrypted SOAP traffic, but currently their 
> connection is failing as their SOAP client has no certificate in common.
>
> Once they send me their CSR, how do I sign it at my end so that I can then 
> send it back, ready for them to import it at their end?
>
> I know this is probably more of a Java keystore question than Tomcat 
> directly, but I appreciate any help on it.
>
> Thanks
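The signing and import steps described in the reply above, as an added example that is not part of the original thread. It uses `openssl x509 -req` as one way to sign; the throwaway CA and the OpenSSL-generated CSR stand in for the existing CA and for the CSR the remote side would produce with keytool, and all file names, subjects, lifetimes and the keystore alias are assumptions.

```shell
#!/bin/sh
# Added example; every file name, subject and lifetime here is constructed.
set -eu

# Throwaway CA standing in for the OpenSSL CA that already exists.
make_demo_ca() {  # $1 = working directory
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Demo Private CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Stand-in for the CSR the remote side creates with `keytool -certreq`;
# in real use only the .csr file is sent, never the private key.
make_demo_csr() {  # $1 = working directory
  openssl req -new -newkey rsa:2048 -nodes \
    -subj "/CN=soap-client.example" \
    -keyout "$1/client.key" -out "$1/client.csr" 2>/dev/null
}

# CA side: issue a certificate for the CSR (x509 -req also checks the
# CSR's self-signature and refuses to sign if it does not verify).
sign_csr() {  # $1 = working directory
  openssl x509 -req -in "$1/client.csr" -days 365 -sha256 \
    -CA "$1/ca.crt" -CAkey "$1/ca.key" -CAcreateserial \
    -out "$1/client.crt" 2>/dev/null
}

# Client side, before import: does the reply chain to the CA cert?
chains_to_ca() {  # $1 = CA cert, $2 = issued cert
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Client side: does the reply carry the public key that was in the CSR?
same_key_as_csr() {  # $1 = CSR, $2 = issued cert
  [ "$(openssl req -in "$1" -noout -pubkey)" = \
    "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

d=$(mktemp -d)
make_demo_ca "$d"; make_demo_csr "$d"; sign_csr "$d"
if chains_to_ca "$d/ca.crt" "$d/client.crt" &&
   same_key_as_csr "$d/client.csr" "$d/client.crt"; then
  echo "reply certificate is ready to import"
fi
# Import on the client, CA first (alias and keystore names are placeholders):
#   keytool -importcert -trustcacerts -alias privateca -file ca.crt -keystore client.jks
#   keytool -importcert -alias ALIAS_USED_FOR_CERTREQ -file client.crt -keystore client.jks
```

The key comparison is the check behind "as long as it was the same one that generated the CSR": keytool only accepts the reply under an alias whose private key matches the certificate's public key.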