Re: SSL in Tomcat

Tue, 03 Sep 2002 01:05:01 -0700 

Dear Randie,
                as far as i know .. certificates should be given the name of
the web server on which it is hosted.
                there is no use of having a personal certificate. for
testing it is ok but when this goes to production env the certificate should
be of the host...

okie ....
now how do you want to access it ? using something like www.randie.com ? and
host it on carnelian ? and do not get an exception on the browser ?

do let me know with full details

Guru


-----Original Message-----
From: randie ursal [mailto:[EMAIL PROTECTED]]
Sent: 03 September 2002 07:53
To: [EMAIL PROTECTED]
Subject: SSL in Tomcat


hi,

sorry for this off the list topic but i really need some
idea.

  when i created my self-signed certificate using keytool to make SSL
  available in Tomcat i specify in my certificate information

   ex.
     keytool -genkey -dname "CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino,
             S=California, C=US" -alias mark

  but when i access my webserver both through browser and java application
  by using "https://carnelian:8443/testApp";
  i got and exception which says that HTTPS hostname is wrong or certificate
  is not the same as site name.

  so i change the "CN" key equal to my hostname (ex."Carnelian"), now it
  works...why is this?

  keytool docs says that "CN" could be any valid full name...just like the
  example above when i use "Mark Smith".

  is there a way i can specify the certificate information using the full
  name instead of the web server hostname?....and access it using https
  without getting an exception.

  i'm using Apache Tomcat 4.0, JSSE1.0.3, JDK1.3.1

thanks in advance

  randie

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to