tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Roth" <john.r...@providersolutions.net>
Subject RE: How many SSL certificates are needed for Tomcat with IIS?
Date Mon, 15 Apr 2002 13:24:22 GMT
Also, each server sends a machine+server specific character set to Verisign
(or any other certifier).  For example: a keystore generated CertRequest
will create a different request than an IIS generated CertRequest, all other
things being equal (IP address, domain name, etc.).

In a normal Web Server/Tomcat (App) Server environment, the Web Server is
what is responsible for SSL encryption.  This is the same regardless of the
web server (IIS, Apache, Netscape, or any other).  In some environments
Tomcat is the web server, hence the SSL support in Tomcat.

Summary:
Only the web server needs the certificate.  If this is IIS, you must
generate the request via IIS.  If the web server is going to be Tomcat, via
the HTTPConnector, use keystore to generate the request.

John

-----Original Message-----
From: Hugh Brien [mailto:hpbrien@comcast.net]
Sent: Sunday, April 14, 2002 12:44 AM
To: Tomcat Users List
Subject: Re: How many SSL certificates are needed for Tomcat with IIS?


What was the error?  Did you search for the error code to see if anyone had
the same problem?  Certs are based on 509 however there are extensions that
different vendors support.
r,
Hugh

----- Original Message -----
From: "Hawkins, Keith (Keith)" <kphawkins@avaya.com>
To: "tomcat-user" <tomcat-user@jakarta.apache.org>
Sent: Friday, April 12, 2002 5:46 PM
Subject: How many SSL certificates are needed for Tomcat with IIS?



I generated CSR via Sun's keytool, sent it to verisign, and imported the
resulting certificate into a keystore file.
I tried to get IIS to import this certificate, but it rejects it.  Do I have
to request the certificate from IIS?  Do I need to
have two certificates, one for tomcat and one for IIS?

Thanks,
Keith




--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message