tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e..@swapsimple.com
Subject Re: ssl certs
Date Tue, 24 Aug 2004 20:11:25 GMT
On Tue, Aug 24, 2004 at 04:14:19PM +0000, Didier McGillis wrote:
> The site is all Java, tomcat is the app and web server, I have never dealt 
> with Tomcat as a web server so is it easy to setup tomcat to handle ssl 
> certs and https requests.  Any thing I have to watch out for?
	One thing you want to watch out for is how you generate the certificate.
If you use the standard JKS format keystore then it is extremely difficult
to get the private key into or out of the keystore.  Therefore you need to
make sure to generate the certificate using keytool, instead of (e.g.)
openssl.
	There are ways to get around this.  For instance, you can configure
tomcat to use a different keystore type by setting the keystoreType
attribute on the <Connector> element in server.xml.
	The existing docs are not very helpful with this.  I wrote up a page
(mostly for my own use) at:
http://www.swapsimple.com/tomcat_java_certificates.html
It might be a little more helpful.

eric

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message