tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fran├žois Andromaque <francois.androma...@sib.fr>
Subject Re: Signed certificate and tomcat
Date Tue, 29 May 2001 09:56:05 GMT
I'm using tomcat on stand-alone (without apache), i want to configure tomcat to work with SSL
by self signing my server certificate.

The documentation TOMCAT and SSL (SSL direct) suggest  to import a cert with openssl :
openssl req -new -out REQ.pem -keyout KEY.pem
openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem (password='xx')
keytool -import   -v -trustcacerts -alias tomcat -file CERT.pem
    saved in /root/.keystore

server.xml :
....
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
      <Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
      <Parameter name="port" value="8443"/> (it is the same with value="443")
      <Parameter name="socketFactory" value="org.apache.tomcat.net.SSLSocketFactory" />
      <Parameter name="keystore" value="/root/.keystore" /> 
      <Parameter name="keypass" value="xx" /> 
      <Parameter name="clientAuth" value="false" />     
</Connector> 
....

if I try : https://my_ip_adress:8443 ( or 443 ), the navigator returns connexion refused,

i have also tried to create my own ca :
openssl genrsa -des3 -out ca.key 1024
openssl rsa req -new -x509 -days 365 -key ca.key -out ca.crt

and a cert for the server ( CERT.pem can not be signed by this ca and using sign.sh from mod_ssl
)
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr

server.csr can be signed : sign.sh server.csr, and server.crt is created, can i configure
tomcat to use this self signed cert?
otherwise what can i do for configure tomcat to use jsse1.0.2 with a self signed certificate
without installing tomcat.

  ----- Original Message ----- 
  From: Rams 
  To: tomcat-user@jakarta.apache.org 
  Sent: Tuesday, May 29, 2001 8:23 AM
  Subject: RE: Signed certificate and tomcat


  Hi Andromaque,
      can u elaborate ur doubt?

  Rams 


   -----Original Message-----
  From: Fran├žois Andromaque [mailto:francois.andromaque@sib.fr]
  Sent: Monday, May 28, 2001 9:16 PM
  To: tomcat-user@jakarta.apache.org
  Subject: Signed certificate and tomcat



    How configure tomcat, after have create a new self signed certificate server.crt

Mime
View raw message