Chris,
On 26.10.2013 23:39, Chris Arnold wrote:
Tomcat 7.0.42 on SLES11. I am following
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration to secure
tomcat. I have uncommented the SSL HTTP section. The configuration section of
that doc, importing the certificate: i have a go daddy bundle in crt format. I
can download the cert bundle from go daddy for tomcat but it also is a crt
file. Do i have to run this exact command:
openssl pkcs12 -export -in mycert.crt -inkey mykey.key \
-out mycert.p12 -name tomcat -CAfile myCA.crt \
-caname root -chain
It looks ok to me. Does it work for you?
It will create PKCS#12 keystore file (mycert.p12), so you may:
1. add parameter keystoreType="pkcs12" to your HTTPS connector, and use
that file, or
2. convert PKCS#12 keystore to Java Keystore format, and use default
keystore type (JKS).
This is both possible, only if you plan to use either BIO or NIO HTTP
connector. If you plan to use APR, connector configuration is completely
different.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
