I'm using tomcat on stand-alone (without apache), i
want to configure tomcat to work with SSL by self signing my server
certificate.
The documentation TOMCAT and SSL (SSL direct)
suggest to import a cert with openssl :
openssl req -new -out REQ.pem -keyout
KEY.pem
openssl req -x509 -in REQ.pem -key KEY.pem -out
CERT.pem (password='xx')
keytool -import -v -trustcacerts -alias tomcat -file CERT.pem
saved in
/root/.keystore
server.xml :
Connector
className="org.apache.tomcat.service.PoolTcpConnector"Parameter
name="handler"
value="org.apache.tomcat.service.http.HttpConnectionHandler"/Parameter
name="port" value="8443"/ (it is the same with
value="443")Parameter
name="socketFactory" value="org.apache.tomcat.net.SSLSocketFactory"
/Parameter name="keystore"
value="/root/.keystore"
/Parameter name="keypass"
value="xx" /
Parameter
name="clientAuth" value="false"
//Connector
if I try : https://my_ip_adress:8443 ( or 443 ), the
navigator returns connexion refused,
i have also tried to create my own ca
:
openssl genrsa -des3 -out ca.key 1024
openssl rsa req -new -x509 -days 365 -key ca.key
-out ca.crt
and a cert for the server ( CERT.pem can not be
signed by this ca and using sign.sh from mod_ssl )
openssl genrsa -des3 -out server.key
1024
openssl req -new -key server.key -out
server.csr
server.csr can be signed : sign.sh server.csr, and
server.crtis created, can i configure tomcat to use this self signed
cert?
otherwise what can i do for configure tomcat to use
jsse1.0.2 with a self signed certificate without installing tomcat.
----- Original Message -
From:
Rams
To: [EMAIL PROTECTED]
Sent: Tuesday, May 29, 2001 8:23 AM
Subject: RE: Signed certificate and
tomcat
Hi
Andromaque,
can u elaborate ur
doubt?
Rams
-Original Message-From: François Andromaque [mailto:[EMAIL PROTECTED]]Sent:
Monday, May 28, 2001 9:16 PMTo: [EMAIL PROTECTED]Subject:
Signed certificate and tomcat
How configure tomcat, after have create a new
self signed certificate
server.crt
