Where is this command typed into the system? Where do I key this information into the system? Are the commands entered in DOS?
I have JSSE installed and the 3 jar files are in place in my CLASSPATH and in JAVA_HOME.
IIS has a wizard that I use to create certificates and it does not permit me to enter the keytool parameters.
I guess my next questions are:
How do I created a certificate in my environment without using the wizard?
Have the steps changed to get SSL to work in version 6.0 of IIS and version 5.0.28 of Tomcat?
And if so, what steps do I now need to take to set this up properly?
Your help in my setup issue is greatly apprieciated.
DIRECT SSL
Generate a SSL certificate (RSA) for tomcat
I succeed (at least) with my IBM JDK 1.3 after:
jsse jars MUST BE IN BOTH CLASSPATH and $JAVA_HOME/jre/lib/ext (JAVA > 1.2)
from server.xml doc.You _need_ to set up a server certificate if you want this to work, and you need JSSE.
Add JSSE jars to CLASSPATH
Edit $JAVA_HOME/jre/lib/security/java.security
Add: security.provider.2=com.sun.net.ssl.internal.ssl.Provider
Do: keytool -genkey -alias tomcat -keyalg RSA
RSA is essential to work with Netscape and IIS. Use "changeit" as password (or add keypass attribute). You don't need to sign the certificate. You can set parameter keystore and keypass if you want to change the default ($HOME/.keystore with changeit)
I suggest you install jcert.jar, jnet.jar and jsse.jar in $JAVA_HOME/jre/lib/ext and then add them to your CLASSPATH export
CLASSPATH=$JAVA_HOME/jre/lib/ext/jcert.jar:$CLASSPATH export CLASSPATH=$JAVA_HOME/jre/lib/ext/jnet.jar:$CLASSPATH export CLASSPATH=$JAVA_HOME/jre/lib/ext/jsse.jar:$CLASSPATH
You could also copy the 3 jars into $TOMCAT_HOME/lib/ so they are under the existing CLASSPATH at tomcat startup (tomcat.sh).
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
