httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Prasanna Ram Venkatachalam <vpra...@gmail.com>
Subject Re: [users@httpd] renewing a certificate
Date Wed, 06 May 2009 12:15:20 GMT
oh.. i hope server.crt is the certificate you are using? right?

On Wed, May 6, 2009 at 5:44 PM, Prasanna Ram Venkatachalam <
vpram86@gmail.com> wrote:

> Melanie, i think keytool does not create any certificate. Its just a
> key/certificate management utility.
> http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html
>
> What did you use to get server.crt? openssl ,selfssl or some free sites
> available??
> Regards
> Prasanna Ram
>   On Wed, May 6, 2009 at 12:22 PM, Melanie Pfefer <
> melanie_pfefer@yahoo.co.uk> wrote:
>
>>
>> Hi,
>>
>> I have tomcat server running as a backend server and apache running as
>> front-end, both on the same machine
>>
>> In httpd.conf, I have:
>>
>> SSLProxyEngine On
>> RewriteEngine On
>> SSLProxyCACertificatePath /usr/local/apache/conf/ssl
>> RewriteRule ^/(abc.*) https://host:port/$1 [P,L]
>>
>>
>> I am getting an error that the certificate is out of date.
>>
>> What I did before was:
>>
>> keytool -export -alias tomcat -rfc > tomcat.pem
>> c_rehash  /usr/local/apache/conf/ssl
>>
>> now /usr/local/apache/conf/ssl has
>>
>> server.crt
>> server.key
>> tomcat.pem
>> cc5d41ae.0 -> tomcat.pem
>>
>>
>> I need to know how to renew the certificate.
>>
>> Is it sufficient to redo:
>>
>> keytool -export -alias tomcat -rfc > tomcat.pem
>> c_rehash  /usr/local/apache/conf/ssl
>>
>> how to rollback in case of failures?
>>
>> Thank you
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
> --
> Prasanna Ram
>



-- 
Prasanna Ram

Mime
View raw message