svn commit: r1364769 - /cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html

Mon, 23 Jul 2012 12:43:35 -0700 

Author: gmazza
Date: Mon Jul 23 19:43:11 2012
New Revision: 1364769

URL: http://svn.apache.org/viewvc?rev=1364769&view=rev
Log:
Clarified keystore/truststore needs.

Modified:
    cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html

Modified: cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
URL: 
http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?rev=1364769&r1=1364768&r2=1364769&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html (original)
+++ cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html Mon Jul 23 
19:43:11 2012
@@ -13,7 +13,7 @@ is recommended.</p>
 <tr><td>tomcat-idp.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base 
folder of Tomcat instance holding the IDP and IDP STS</td>
     <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore 
tomcat-idp.jks -dname "cn=localhost" -keypass tompass -storepass 
tompass</code><br/><br/><code>keytool -keystore tomcat-idp.jks -storepass 
tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
     <td>Nobody</td><td>IDP app</td></tr> 
-<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base 
folder of Tomcat instance holding the relying party applications for both 
samples (simpleWebapp and wsclientWebapp); has Tomcat Fediz plugin configured 
to make STS calls</td>
+<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base 
folder of Tomcat instance holding the relying party applications for both 
samples (simpleWebapp and wsclientWebapp); has the STS public cert added to it 
because this keystore is configured in conf/fediz_config.xml. <p><em>Note: If 
desired can avoid adding STS public cert to this keystore if you create a 
separate truststore for Fediz w/STS public cert (identical to 
webserviceKeystore.jks below), and use that in fediz_config.xml 
instead.</em></p></td>
     <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore 
tomcat-rp.jks -dname "cn=localhost" -keypass tompass -storepass 
tompass<br/><br/>keytool -import -trustcacerts -keystore tomcat-rp.jks 
-storepass tompass -alias mystskey -file MySTS.cer -noprompt (see stsstore.jks 
below for MySTS.cer)</code></td>
     <td>IDP STS (Fediz Tomcat plugin makes STS call)</td><td>Nobody</td></tr> 
 <tr><td>tomcat-wsp.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base 
folder of Tomcat instance holding the web service provider in the second 
(wsClientWebapp) sample</td>

Reply via email to