tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raueber Hotzenplotz <>
Subject Re: KeyStore question
Date Sun, 23 Oct 2005 14:21:21 GMT
Here is the link to the source code files:

--- Raueber Hotzenplotz <> wrote:

> Hi all
> I still want to use Tomcat with SSL (still not working). I've got a servlet
> that acts as a CA.
> 1. Question(s):
> Should I have separate keystores (JKS) for the web application and the Tomcat
> server? Where do you usually place the Tomcat keystore? At the moment I'm
> including the web application keystore in the war file and have the Tomcat
> keystore stored somewhere else.
> 2. Question(s):
> If I want to use SSL I don't need to change an existing servlet - Tomcat
> handles secure requests. Is that correct? My problem is, web browsers accept
> my
> selfsigned certificates (https://localhost:8443) (after I tell them to do
> so),
> but as soon as I make a secure xmlrpc call to my servlet, I get
> SSLHandshakeExeptions. Secure xmlrpc calls between two clients
> (SecureWebServer/SecureXmlRpcClient) work. I've got my own 'open'
> trustmanager
> and hostnameverifier (see attached code). The only thing I changed was the
> server.xml file (now includes keystore/password for Tomcat server). Are there
> any other things? I also tried to add my selfsigned certificate to
> $JAVA_HOME/jre/lib/security/cacerts, but that didn't help either. 
> 3. Question(s):
> I've already asked in other places, but I still can't make it work. I would
> be
> a very happy person, if someone could post a complete client + server code
> using SSL preferably xmlrpc using instead of
> (that's
> a bit off topic). Do I need to implement my own trustmanager/hostnameverifier
> on both sides client and server or just on the client side?
> Thanks!!
> Rudi
> ___________________________________________________________ 
> Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with
> voicemail
> > ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message