tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Apache security certificate vs. Tomcat security certificate
Date Sat, 03 Apr 2004 21:23:23 GMT

"Hollerman Geralyn M" <gmh2441@louisiana.edu> wrote in message
news:406DD47A.8090604@louisiana.edu...
> I currently have Tomcat 5.0.16 running using the SSL connector and a
self-signed
> certificate - I followed the directions in the Tomcat SSL HOW-TO in how to
> create the certificate and set up Tomcat for SSL. This is running with no
> problems in my development environment.
>
> I have been asked to put SSL on our production Tomcat. It is also v
5.0.16. My
> sysadmin gave me two files he uses for Apache, running with SSL, on
another
> system; he said he thought I would need them. They are called server.crt
and
> server.key - he said he was giving me the certificate and the key for it.
How do
> I intergrate this with Tomcat? How does this correspond to what I've got
for
> Tomcat - I presume that the .crt file is like the .cer file I exported
from
> cacerts.jks (my keystore), but what does the .key file correspond to? How
does
> that fit in?
>

The '.key' file is the private key corresponding to the public key stored in
the '.crt' file.

IMHO, the easiest way to integrate your Apache cert with Tomcat is to export
the cert and the key to a PKCS12 file (see the "Prepare the Certificate
Keystore" section of the Tomcat ssl-howto for an example of how to do this),
and just use this file as your keystoreFile in Tomcat (remembering to set
keystoreType="PKCS12" as well :).

There are also utilities floating around the net to import Apache certs into
a JKS keystore (e.g. http://www.comu.de/docs/tomcat_ssl.htm).  You can try
Google and/or searching the archives for other solutions (since this topic
comes up a lot :).

> Thanks!
> -- 
> Lynn Hollerman.




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message