Jeffrey,
On 19.3.2013 15:33, Jeffrey D. Fisher wrote:
Yes, I do have a CA-issued certificate with a chain to a trusted CA. I've
imported it to the keystore. I am close to a solution. When I attempt to
open the default Apache web page using https: I get an error page that
says that the server
-Original Message-
From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net]
Sent: Tuesday, March 19, 2013 9:34 AM
To: 'Tomcat Users List'; mgai...@hotmail.com
Subject: RE: SSL Best Practices
Yes, I do have a CA-issued certificate with a chain to a trusted CA.
I've imported
-Original Message-
From: cjder...@gmail.com [mailto:cjder...@gmail.com] On Behalf Of chris
derham
Sent: Tuesday, March 19, 2013 1:58 AM
To: Tomcat Users List
Subject: Re: SSL Best Practices
If the system is only for testing, or communicates with a limited
number of systems
Best Practices
-Original Message-
From: cjder...@gmail.com [mailto:cjder...@gmail.com] On Behalf Of chris
derham
Sent: Tuesday, March 19, 2013 1:58 AM
To: Tomcat Users List
Subject: Re: SSL Best Practices
If the system is only for testing, or communicates
-Original Message-
From: Martin Gainty [mailto:mgai...@hotmail.com]
Sent: Tuesday, March 19, 2013 7:35 AM
To: Tomcat Users List
Subject: RE: SSL Best Practices
1)Have you ever tried to coerce IE to accept a self-signed cert 2)if
you purchase a pfx with a self-signed certificate
...@hotmail.com]
Sent: Monday, March 18, 2013 5:22 PM
To: Tomcat Users List
Subject: RE: SSL Best Practices
Jeff
do you have keystore and certificate..if not go to verisign and get a
CATrusted pfx...
the cost is worth it and anything you create with a self-signed cert will be
broken in less than 5 min
Feel
-Original Message-
From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net]
Sent: Tuesday, March 19, 2013 10:34 AM
To: 'Tomcat Users List'; mgai...@hotmail.com
Subject: RE: SSL Best Practices
Yes, I do have a CA-issued certificate with a chain to a trusted CA.
I've imported
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 3/18/13 6:21 PM, Martin Gainty wrote:
do you have keystore and certificate..if not go to verisign and get
a CATrusted pfx...
the cost is worth it and anything you create with a self-signed
cert will be broken in less than 5 min
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 3/19/13 7:34 AM, Martin Gainty wrote:
1)Have you ever tried to coerce IE to accept a self-signed cert
This is a trust issue, not a security issue. They are related, but not
equivalent.
2)if you purchase a pfx with a self-signed
: SSL Best Practices
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 3/19/13 7:34 AM, Martin Gainty wrote:
1)Have you ever tried to coerce IE to accept a self-signed cert
This is a trust issue, not a security issue. They are related, but not
equivalent.
2)if you purchase a pfx
-Original Message-
From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net]
Sent: Tuesday, March 19, 2013 11:28 AM
To: 'Tomcat Users List'
Subject: RE: SSL Best Practices
Could we dispense with the ego-clanking, please? Really? Keep in mind
that EVERYONE has the same problem
On 19/03/2013 15:28, Jeffrey D. Fisher wrote:
Could we dispense with the ego-clanking, please? Really? Keep in
mind that EVERYONE has the same problem regardless of your IQ level:
for everything you know there are three to five things you do not
know and at least one that you do not know you
-Original Message-
From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net]
Sent: Friday, March 15, 2013 3:03 PM
To: users@tomcat.apache.org
Subject: SSL Best Practices
Gentlemen (Ladies):
I am looking for a published best practice on editing the SERVER.XML
configuration
To: users@tomcat.apache.org
Subject: RE: SSL Best Practices
Date: Mon, 18 Mar 2013 13:34:44 +
-Original Message-
From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net]
Sent: Friday, March 15, 2013 3:03 PM
To: users@tomcat.apache.org
Subject: SSL Best Practices
-Original Message-
From: Martin Gainty [mailto:mgai...@hotmail.com]
Sent: Monday, March 18, 2013 6:22 PM
To: Tomcat Users List
Subject: RE: SSL Best Practices
Jeff
do you have keystore and certificate..if not go to verisign and get a
CATrusted pfx...
the cost is worth
If the system is only for testing, or communicates with a limited number of
systems (i.e.,
it is a firewalled backend system that only communicates with a front-end
system), then again,
a self-signed certificate would be fine.
+1
If his organization already uses PKI certificates, then he
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jeffrey,
On 3/15/13 4:02 PM, Jeffrey D. Fisher wrote:
I am looking for a published best practice on editing the
SERVER.XML configuration file to use SSL/HTTPS. The key are
imported into the keystore.
Any input is appreciated.
What
17 matches
Mail list logo