tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From johannes.fi...@fwd.at
Subject SOLVED: Re: Issuing self-signed certificates to users for SSLv3
Date Sat, 05 Apr 2003 18:46:10 GMT
Hi there,

Mark: thx for the hint, unfortunately I'm not using tomcat connector right 
now. I'll come back to you if I'm using one later.
Ramsay: thx for the useful link!

just in case anybody else needs to issue certificates using openssl:

================================
Commandline OpenSSL for Windows
================================
http://gnuwin32.sourceforge.net/packages/openssl.htm
(so you don't have to compile yourself)

================================
SimpleCA/OpenSSL
================================
http://users.skynet.be/ballet/joris/SimpleCA/

allows to create a CA, create certificates, sign them and revoke them.
keeps a log of all the actions done using openssl, so they can easily be 
entered in openssl commandline modus later.
very good for learning how openssl works (since the docs of openssl are a 
bit lousy).

cheers
Johannes





"Mark W. Webb" <mark@dolphtech.com> 
04.04.2003 19:14
Please respond to
"Tomcat Users List" <tomcat-user@jakarta.apache.org>


To
Tomcat Users List <tomcat-user@jakarta.apache.org>
cc

Subject
Re: Issuing self-signed certificates to users for SSLv3






openssl is what I have been using. 

PS.  If you are doing SSL using a tomcat connector, I could use some 
help.  My servlets can only get the user's certificate when I run tomcat 
in stand-alone mode.  I would like it if apache could handle the SSL, 
and pass of servlet processing to tomcat.

johannes.fiala@fwd.at wrote:

>Hi there,
>
>I know it's not absolutely tomcat-specific, but maybe another Tomcat-user 

>has come across this issue.
>
>We want to set up a Certificate Authority and issue self-signed 
>certificates to users which then will use SSLv3 client certificate 
>authentication to authenticate with Tomcat.
>
>Does anybody know an easy tool to generate certificates and package them 
>into PKCS #12 files (PFX-files, password-protected).
>
>Thanks alot
>Johannes
> 
>

-- 
Mark Webb
Software Engineer
Dolphin Technology
474 Phoenix Drive
Rome, NY  13441-4911
 
Phone : 315.838.7000 
      : 315.838.7024 
Fax   : 315.838.7096
Email : mark@dolphtech.com





---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message