cxf-commits mailing list archives

From gma...@apache.org
Subject svn commit: r1364769 - /cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
Date Mon, 23 Jul 2012 19:43:11 GMT
Author: gmazza
Date: Mon Jul 23 19:43:11 2012
New Revision: 1364769

URL: http://svn.apache.org/viewvc?rev=1364769&view=rev
Log:
Clarified keystore/truststore needs.

Modified:
    cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html

Modified: cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?rev=1364769&r1=1364768&r2=1364769&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html (original)
+++ cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html Mon Jul 23 19:43:11 2012
@@ -13,7 +13,7 @@ is recommended.</p>
 <tr><td>tomcat-idp.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base
folder of Tomcat instance holding the IDP and IDP STS</td>
     <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore
tomcat-idp.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool
-keystore tomcat-idp.jks -storepass tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
     <td>Nobody</td><td>IDP app</td></tr> 
-<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base
folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp
and wsclientWebapp); has Tomcat Fediz plugin configured to make STS calls</td>
+<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base
folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp
and wsclientWebapp); has the STS public cert added to it because this keystore is configured
in conf/fediz_config.xml. <p><em>Note: If desired can avoid adding STS public
cert to this keystore if you create a separate truststore for Fediz w/STS public cert (identical
to webserviceKeystore.jks below), and use that in fediz_config.xml instead.</em></p></td>
     <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore tomcat-rp.jks
-dname "cn=localhost" -keypass tompass -storepass tompass<br/><br/>keytool -import
-trustcacerts -keystore tomcat-rp.jks -storepass tompass -alias mystskey -file MySTS.cer -noprompt
(see stsstore.jks below for MySTS.cer)</code></td>
     <td>IDP STS (Fediz Tomcat plugin makes STS call)</td><td>Nobody</td></tr>

 <tr><td>tomcat-wsp.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base
folder of Tomcat instance holding the web service provider in the second (wsClientWebapp)
sample</td>
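
Review bot: In the added tomcat-rp.jks description, the STS public cert ends up in the same keystore that holds the mytomrpkey private key, and the separate-truststore alternative is offered only as an optional note. Since the note itself says a truststore containing just the STS public cert (identical to webserviceKeystore.jks) works in fediz_config.xml, consider making that the primary instruction, so the file referenced from fediz_config.xml carries no private key, and describe the combined keystore as the shortcut. Two smaller points in the same row: the note's "If desired can avoid adding STS public cert" is missing its subject ("you can avoid adding the STS public cert"), and the unchanged Trusts cell still reads "IDP STS (Fediz Tomcat plugin makes STS call)" although the new description dropped the "make STS calls" wording, so the stated reason for trusting the STS should be aligned between the two cells.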


