RE: Instruction: How to install Verisign certificate to Tomcat.

Fri, 19 Apr 2002 02:34:00 -0700 

Excellent! Thank you very much.

-----Original Message-----
From: Evgeniy Strokin [mailto:[EMAIL PROTECTED]]
Sent: April 18, 2002 10:49 AM
To: [EMAIL PROTECTED]
Subject: Instruction: How to install Verisign certificate to Tomcat.


Instruction: How to install Verisign certificate to
Tomcat.
Hope it helps somebody.

1. Make self-signed certificate:

keytool -genkey -keystore your.keystore

You should get:
Enter keystore password:  your_password
What is your first and last name?
  [Unknown]: somename.com
That's right, you should put domain name here, not
your first and last name. -) Answer all next
questions.

2. Check it:

keytool -list -v -keystore your.keystore

Enter keystore password:  your_password
You should get something like this:

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry:

Alias name: mykey
Creation date: Mon Mar 25 13:15:11 EST 2002
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=somename.com, OU= some name L.L.C., O= some
name Inc, L=some town, ST=some state, C=some country
Issuer: CN= somename.com, OU= some name L.L.C., O=
some name Inc, L= some town, ST= some state, C= some
country
Serial number: 3c9f6345
Valid from: Mon Mar 25 13:15:02 EST 2002 until: Sun
Jun 23 14:15:02 EDT 2002
Certificate fingerprints:
         MD5: 
6F:F3:64:D7:D1:6A:5F:2E:AB:0F:2B:B5:8C:87:59:84
         SHA1:
D8:B1:19:1C:E4:3F:25:2C:5A:E8:05:C0:A7:4B:5F:BB:05:1E:94:02


*******************************************
*******************************************

3. Make request certificate:

keytool -certreq - keystore your.keystore

Enter keystore password:  your_password
You should get:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIB1zCCAUACAQAwgZYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcg
........
........
nELWwLTxds8FSK6eqsU1NENMFg==
-----END NEW CERTIFICATE REQUEST-----
Copy it to textbox in Verisign website when you'll be
order certificate (you'll be asked about that). 

4. You get your certificate signed by Verisign
(usually by email). Copy it to file somename.cer.
After that:

keytool -import -trustcacerts -file somename.cer
-keystore your.keystore

Enter keystore password:  your_password
You should get:
Certificate reply was installed in keystore

5. Check it:

keytool -list -v -keystore your.keystore

Enter keystore password:  your_password
You should get something like this:

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry:

Alias name: mykey
Creation date: Thu Apr 18 12:52:25 EDT 2002
Entry type: keyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=somename.com, OU=some name L.L.C., O=some
name Inc, L=some town, ST=some state, C=some country
Issuer: OU=Secure Server Certification Authority,
O="RSA Data Security, Inc.", C=US
Serial number: 48a29e834c57a88bc1c3350x23454395
Valid from: Tue Apr 09 20:00:00 EDT 2002 until: Thu
Apr 10 19:59:59 EDT 2003
Certificate fingerprints:
         MD5: 
8F:5A:F0:A2:9E:B1:A7:50:FA:59:0C:4C:49:AD:BE:A5
         SHA1:
C2:61:A4:BE:AA:85:97:AC:F1:DF:07:24:9D:DC:FA:5F:FF:D4:5A:28
Certificate[2]:
Owner: OU=Secure Server Certification Authority,
O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority,
O="RSA Data Security, Inc.", C=US
Serial number: 2ad667e4e45fe5e576f3c98195eddc0
Valid from: Tue Nov 08 19:00:00 EST 1994 until: Thu
Jan 07 18:59:59 EST 2010
Certificate fingerprints:
         MD5: 
74:7B:82:03:43:F0:00:9E:6B:B3:EC:47:BF:85:A5:93
         SHA1:
44:63:C5:31:D7:CC:C1:00:67:94:61:2B:B6:56:D3:BF:82:57:84:6F


*******************************************
*******************************************

6. Copy file your.keystore to tomcat_home directory.
Check server.xml. It should contain:
<Connector
className="org.apache.tomcat.service.PoolTcpConnector">
        <Parameter name="handler"
value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
        <Parameter name="port" value="443"/>
        <Parameter name="socketFactory"
value="org.apache.tomcat.net.SSLSocketFactory"/>
        <Parameter name="keystore" value="your.keystore"/>
        <Parameter name="keypass" value="your_password"/>
        <Parameter name="clientAuth" value="false"/>
</Connector>

7. Restart/run your Tomcat.


__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/

--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

Reply via email to