cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ed <>
Subject Re: Using HTTPS as a src for a file generator
Date Tue, 22 Jun 2004 01:34:33 GMT
Hi Steven

Here is a script for creating a self signed cert.  Jetty can use
this keystore for https access.

#! /bin/sh
// create a key store with private key
keytool -genkey -alias server -keystore /var/keysserver/cokeys 
-storepass storepassword# -keypass keypassword@ -dname ", 
OU=Security Provider, O=Apache,L=Virginia Beach, S=Virginia, C=US" 
-validity 3600 -v

// generate a self signed sertificate
keytool -selfcert -alias servercert -keystore /var/keysserver/cokeys 
-alias server -storepass storepassword# -keypass keypassword@ -dname 
",OU=Web Services,O=Apache,L=Virginia 
Beach,S=Virginia, c=US" -validity 3600 -v

Here is a script for generating a request for signing

echo "keytool -genkey"
keytool -genkey -alias cocoonkey -keyalg RSA -keystore 
/var/cocoon/certs/cokeys -storepass storepass# -keypass keypass@ -dname 
", OU=PMC, O=Cocoon development, L=Suffolk, 
S=Virginia, C=US" -validity 3600 -v
echo "keytool certreq"
keytool -certreq -sigalg MD5withRSA -alias cocoonkey -file 
/var/cocoon/certs/cocoonreq.csr -keystore /var/cocoon/certs/cokeys 
-storepass storepass# -keypass keypass@

Hva the file in /var/cocoon/certs.cocoonreq.csr signed
by an authority then import it:

echo "keytool ...import cert"
keytool -import -v -alias cocoonkey -file 
/var/cocoon/certs/cocooncrt.crt -keypass keypass@ -keystore 
/var/cocoon/certs/cokeys -storepass storepass# -trustcacerts

Hope this helps and is not too late.

Steven Noels wrote:
> Hi folks,
> I'm trying to use a https source in a simple pipeline, but Java doesn't 
> like the server certificate on the originating side. With the help of 
> openssl, I managed to save a local copy of the certificate, but now I 
> need to add it to my local set of certificates.
> Despite gazillion of web pages, I haven't quite found out how and why 
> (the 'how' would be enough to start with).
> Has anyone experience with adding certificates to the Java security 
> machinery?
> Thanks,
> </Steven>

View raw message