Thanks, Ricardo, I'll check it out and give it a try.
Jon
----- Original Message -----
From: "Ricardo" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 17, 2001 1:19 AM
Subject: Re: Possible to import SSL private/public key pair from Apache into
Tomcat?
> There's a way to do this -----> http://www.comu.de/docs/tomcat_ssl.htm.
> I recently solve this problem, because i was working with openssl. But i
> have a question in the group and nobody answer me yet.
> I'm usign client authentication with apache+mod_ssl and i want to change
to
> tomcat. The fact is that i don't know how to configure
> the keystore with the CA public key for validating client certificates...
> I hope the information i give you will be useful, and i will be very happy
> if i get an answer.
>
> Thanks all,
> ============================
> Ricardo Borillo Domenech
> Programaci� - Servei d'Inform�tica
> Universitat Jaume I
> ----- Original Message -----
> From: "Jonathan Eric Miller" <[EMAIL PROTECTED]>
> To: "Tomcat User List" <[EMAIL PROTECTED]>
> Sent: Saturday, September 15, 2001 5:28 AM
> Subject: Possible to import SSL private/public key pair from Apache into
> Tomcat?
>
>
> > This question is kind of about Tomcat, but, also to some extent about
> > keytool and SSL in general.
> >
> > I've been running Apache Web Server 1.3.x as a Web server with JRun as a
> > Java Servlet engine in our production environment. I have SSL enabled on
> the
> > Apache Web Server and I have the certificate signed by Verisign which I
> paid
> > $$$ for.
> >
> > What I want to do now is to switch to using Tomcat in standalone mode. I
> > have this up and running no problem. I was able to generate a private
key
> > and then sign that with a test CA that I have. The steps to do this are
to
> > run keytool with -genkey, then -certreq, and then -import.
> >
> > However, I want to import the private/public key pair from Apache Web
> Server
> > into my Java keystore. Does anyone know if this is possible? As far as I
> can
> > tell, there is no way to import a private key. I wonder if I send
Verisign
> a
> > certificate request that I generated from Tomcat, if they will make me
buy
> > another certificate (even though it's for use on the same server and
will
> > replace the original certificate)?
> >
> > Jon
> >
> >
> >
>
