I'm using tomcat on stand-alone (without apache), i
want to configure tomcat to work with SSL by self signing my server
certificate.
The documentation TOMCAT and SSL (SSL direct)
suggest to import a cert with openssl :
openssl req -new -out REQ.pem -keyout
KEY.pem
openssl req -x509 -in REQ.pem -key KEY.pem -out
CERT.pem (password='xx')
keytool -import -v -trustcacerts -alias tomcat -file CERT.pem
saved in
/root/.keystore
server.xml :
....
<Connector
className="org.apache.tomcat.service.PoolTcpConnector">
<Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/> <Parameter name="port" value="8443"/> (it is the same with value="443") <Parameter name="socketFactory" value="org.apache.tomcat.net.SSLSocketFactory" /> <Parameter name="keystore" value="/root/.keystore" /> <Parameter name="keypass" value="xx" /> <Parameter
name="clientAuth" value="false"
/>
</Connector> ....
if I try : https://my_ip_adress:8443 ( or 443 ), the
navigator returns connexion refused,
i have also tried to create my own ca
:
openssl genrsa -des3 -out ca.key 1024
openssl rsa req -new -x509 -days 365 -key ca.key
-out ca.crt
and a cert for the server ( CERT.pem can not be
signed by this ca and using sign.sh from mod_ssl )
openssl genrsa -des3 -out server.key
1024
openssl req -new -key server.key -out
server.csr
server.csr can be signed : sign.sh server.csr, and
server.crt is created, can i configure tomcat to use this self signed
cert?
otherwise what can i do for configure tomcat to use
jsse1.0.2 with a self signed certificate without installing tomcat.
|
- Signed certificate and tomcat François Andromaque
- RE: Signed certificate and tomcat Rams
- Re: Signed certificate and tomcat François Andromaque
- Re: Signed certificate and tomcat Bo Xu
- Re: Signed certificate and tomcat François Andromaque