CVS means "Concurrent Versioning System" (I think). It is the repository where source code and documentation and everything else is kept. It allows multiple people to work on documents at the same time, making changes independently and then merging changes and maintaining revision history.
Information about the Apache CVS is at http://jakarta.apache.org/site/cvsindex.html CVS is not for the faint of heart though. However, once you get used to it you will never be able to go back to whatever you were using before (at least that is how I feel.) :-) Sincerely, Anthony Eden > -----Original Message----- > From: Glenn Parsons [mailto:[EMAIL PROTECTED]] > Sent: Thursday, April 25, 2002 4:44 PM > To: Tomcat Users List > Subject: RE: tomcat and SSL (keyfile password) > > > Hello Peter, > > Forgive my ignorance (perhaps this is why people aren't finding this sort > of information), but whatr exactly *IS* the CVS? And *WHERE* is it? > > Thanks, > Glenn > > At 10:34 PM 4/25/02 +0200, you wrote: > >Mhhh, there is an updated version of the ssl-howto in the > >CVS for MONTHS now, that describes the installation of official > >certs (like Verisign, Thawte, Trustcenter...) step by step. > >But it is *NOT* in TC 4.03 and it is not on the jakarta-webpage. > > > >I simply wonder why? People are dealing with this topic again > >and again... And I know how frustrating this can get... :-( > > > >Peter > > > > > -----Original Message----- > > > From: Dave North [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, April 25, 2002 8:33 PM > > > To: Tomcat Users List > > > Subject: RE: tomcat and SSL (keyfile password) > > > > > > > > > OK, here's what I did (this was using a test versign cert but the > > > procedure is the same for a "real" production cert): > > > > > > STEP A - generate your private key > > > > > > Pre-req: JDK must be installed > > > > > > 1) cd to $JAVA_HOME/jre/bin > > > > > > 2) run ./keytool -genkey -alias tomcat -keyalg RSA -keystore <FULL PATH > > > TO KEYSTORE> > > > > > > 3) You will be prompted for a password for the keystore > > > > > > 3) at the prompts, enter: > > > > > > What is your first and last name? > > > [Unknown]: <DO NOT USE NAME - ENTER THE NAME OF YOUR MACHINE AS IT'S > > > KNOWN TO VISITORS> > > > What is the name of your organizational unit? > > > [Unknown]: <WHATEVER YOU LIKE> > > > What is the name of your organization? > > > [Unknown]: <TYPICALLY COMPANY NAME> > > > What is the name of your City or Locality? > > > [Unknown]: <YOUR CITY> > > > What is the name of your State or Province? > > > [Unknown]: <STATE OR PROV> > > > What is the two-letter country code for this unit? > > > [Unknown]: <COUNTRY CODE> > > > > > > 4) You will then be prompted for another password - use the same (ie. > > > Press ENTER) > > > > > > STEP B - Generate a Certificate Request > > > > > > 1) cd to $JAVA_HOME/jre/bin > > > > > > 2) ./keytool -certreq -alias tomcat -file csr.txt -keystore <FULL PATH > > > TO SAME KEYSTORE CREATED IN STEP A> > > > > > > STEP C - Get the new cert from Verisign > > > > > > www.versign.com has all the info here > > > > > > STEP D - Install the Verisign ROOT CA cert AND your server cert > > > > > > When you get your cert in step C, they will provide you with the root > > > cert > > > > > > 1) cd to $JAVA_HOME/jre/bin > > > > > > 2) ./keytool -import -alias verisign -file <FILE THAT CONTAINS THE > > > VERSIGN ROOT CA CERT> -keystore <PATH TO KEYSTORE> > > > > > > 3) ./keytool -import -trustcacerts -alias tomcat -file <FILE THAT > > > CONTAINS YOUR CERT FROM VERISIGN> -keystore <PATH TO KEYSTORE> > > > > > > > > > STEP E - Configure an SSL listener for tomcat > > > > > > 1) edit $JAKARTA_HOME/conf/server.xml and add the following: > > > > > > <!-- Define an SSL HTTP/1.1 Connector on port 443 --> > > > <Connector className="org.apache.catalina.connector.http.HttpConnector" > > > port="443" minProcessors="5" maxProcessors="75" > > > enableLookups="true" > > > acceptCount="10" debug="10" scheme="https" secure="true"> > > > <Factory className="org.apache.catalina.net.SSLServerSocketFactory" > > > clientAuth="false" protocol="TLS" > > > keystoreFile="<FULL PATH TO KEYSTORE FILE>" > > > keystorePass="<PASSWORD HERE>"/> > > > </Connector> > > > > > > 2) Stop and start the tomcat server > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, April 25, 2002 2:29 PM > > > To: Tomcat Users List > > > Subject: Re: tomcat and SSL (keyfile password) > > > > > > > > > Hi Dave > > > > > > ohhh...good to know that. > > > > > > I need to set up the tomcat 4.0.3 with verisign. > > > > > > Can you please send those doc to me ? > > > > > > I appreciate your help > > > > > > thanks in advance > > > BM > > > > > > Dave North wrote: > > > > > > > Hello, > > > > After a few hours trying to get this working, I've finally got > > > > my tomcat server working with a certificate signed by Verisign. This > > > > all works great. However, to do this, I need to configure the > > > > keyfilePass into the server.xml file. This is bad as our security > > > > policy is "thou shall not have any passwords in plain text". We also > > > > use SSL on our iPlanet server and it prompts at start time for the > > > > password (they use the term software token but it's the same). So, > > > the > > > > question is: is it possible to have tomcat prompt for this and/or how > > > > have others got around keeping this in plain text? > > > > > > > > BTW: if anyone's interested, I have the complete step-by-step of how I > > > > got the versign cert working...the info is out there but it seems to > > > be > > > > all over the place. > > > > > > > > Thanks > > > > > > > > Dave > > > > > > > > Dave North > > > > SIGNIANT Inc. > > > > Trusted Data Transfer Services > > > > www.signiant.com > > > > Phone: 613-761-3623 > > > > Mobile: 613-294-3231 > > > > Fax: 613-761-3629 > > > > Email: [EMAIL PROTECTED] > > > > > > > > -- > > > > To unsubscribe: <mailto:[EMAIL PROTECTED]> > > > > For additional commands: <mailto:[EMAIL PROTECTED]> > > > > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > > > > > > -- > > > To unsubscribe: <mailto:[EMAIL PROTECTED]> > > > For additional commands: <mailto:[EMAIL PROTECTED]> > > > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > > > > > > -- > > > To unsubscribe: <mailto:[EMAIL PROTECTED]> > > > For additional commands: <mailto:[EMAIL PROTECTED]> > > > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > > > >-- > >To unsubscribe: <mailto:[EMAIL PROTECTED]> > >For additional commands: <mailto:[EMAIL PROTECTED]> > >Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
