tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fran├žois Andromaque <>
Subject Re: Signed certificate and tomcat
Date Tue, 29 May 2001 09:56:05 GMT
I'm using tomcat on stand-alone (without apache), i want to configure tomcat to work with SSL
by self signing my server certificate.

The documentation TOMCAT and SSL (SSL direct) suggest  to import a cert with openssl :
openssl req -new -out REQ.pem -keyout KEY.pem
openssl req -x509 -in REQ.pem -key KEY.pem -out CERT.pem (password='xx')
keytool -import   -v -trustcacerts -alias tomcat -file CERT.pem
    saved in /root/.keystore

server.xml :
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
      <Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
      <Parameter name="port" value="8443"/> (it is the same with value="443")
      <Parameter name="socketFactory" value="" />
      <Parameter name="keystore" value="/root/.keystore" /> 
      <Parameter name="keypass" value="xx" /> 
      <Parameter name="clientAuth" value="false" />     

if I try : https://my_ip_adress:8443 ( or 443 ), the navigator returns connexion refused,

i have also tried to create my own ca :
openssl genrsa -des3 -out ca.key 1024
openssl rsa req -new -x509 -days 365 -key ca.key -out ca.crt

and a cert for the server ( CERT.pem can not be signed by this ca and using from mod_ssl
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr

server.csr can be signed : server.csr, and server.crt is created, can i configure
tomcat to use this self signed cert?
otherwise what can i do for configure tomcat to use jsse1.0.2 with a self signed certificate
without installing tomcat.

  ----- Original Message ----- 
  From: Rams 
  Sent: Tuesday, May 29, 2001 8:23 AM
  Subject: RE: Signed certificate and tomcat

  Hi Andromaque,
      can u elaborate ur doubt?


   -----Original Message-----
  From: Fran├žois Andromaque []
  Sent: Monday, May 28, 2001 9:16 PM
  Subject: Signed certificate and tomcat

    How configure tomcat, after have create a new self signed certificate server.crt

View raw message