oh.. i hope server.crt is the certificate you are using? right? On Wed, May 6, 2009 at 5:44 PM, Prasanna Ram Venkatachalam < [email protected]> wrote:
> Melanie, i think keytool does not create any certificate. Its just a > key/certificate management utility. > http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html > > What did you use to get server.crt? openssl ,selfssl or some free sites > available?? > Regards > Prasanna Ram > On Wed, May 6, 2009 at 12:22 PM, Melanie Pfefer < > [email protected]> wrote: > >> >> Hi, >> >> I have tomcat server running as a backend server and apache running as >> front-end, both on the same machine >> >> In httpd.conf, I have: >> >> SSLProxyEngine On >> RewriteEngine On >> SSLProxyCACertificatePath /usr/local/apache/conf/ssl >> RewriteRule ^/(abc.*) https://host:port/$1 [P,L] >> >> >> I am getting an error that the certificate is out of date. >> >> What I did before was: >> >> keytool -export -alias tomcat -rfc > tomcat.pem >> c_rehash /usr/local/apache/conf/ssl >> >> now /usr/local/apache/conf/ssl has >> >> server.crt >> server.key >> tomcat.pem >> cc5d41ae.0 -> tomcat.pem >> >> >> I need to know how to renew the certificate. >> >> Is it sufficient to redo: >> >> keytool -export -alias tomcat -rfc > tomcat.pem >> c_rehash /usr/local/apache/conf/ssl >> >> how to rollback in case of failures? >> >> Thank you >> >> >> >> >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [email protected] >> " from the digest: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > > -- > Prasanna Ram > -- Prasanna Ram
