Victoria Johnson - Kio wrote:
> The text on Apache is really confusing me about setting up SSL on
Tomcat,
what do I do with this command
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
Well, first you need to be sure you're NOT running this on an AS/400.
For some reason, Keytool is broken under OS/400.
At any rate, you need to find out where Java is on the computer you're
using, and put it into your executable path.
Then you call the Keytool command:
keytool -genkey -keystore <whatever you want to call your keystore>
-alias <whatever alias you wish to use> -keyalg RSA [-keysize <keylength>]
or for a more concrete example,
-genkey -keystore foo.ks -alias bar -keyalg RSA -keysize 2048
You will be prompted for a password; the default for Tomcat is
"changeit"; you should probably give it this password unless you have a
reason to do otherwise.
You will be prompted for a "first and last name." DON'T give it that.
Give it the URL of your website, e.g., "www.foobar.com" so that people
don't get "certificate is for the wrong domain" warnings in their browsers.
You will be prompted for the particulars of who you are and where you
are. These are important if you plan on having it signed by a CA, so
that people don't get "self-signed certificate" warnings in their browsers.
Once you have a keystore, you can hook it to your Tomcat server by
editing the server.xml file.
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
