tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Rooz" <>
Subject RE: ssl
Date Tue, 30 Dec 2008 11:28:41 GMT
I agree that in general this would be the preferable way of working with
the trust store however using self signed certificates streamlines much
better with my application and therefore my preference at this point is
to find a proper way of refreshing the trust store in the

I'm still looking for a solution to this...

-----Original Message-----
From: Mark Thomas [] 
Sent: Tuesday, December 30, 2008 12:28 PM
To: Tomcat Users List
Subject: Re: ssl

Michael Rooz wrote:
> Hi Bill,
> Well - first the reason we need to update the truststore often is
because we
> use self signed certificates and therefore each client certifcate
needs to
> be in there.

If your processes allow, you would be better off creating your own
root CA, using that to sign client certs and then adding your CA to
trust store. That way you can add new client certs without any changes
to Tomcat.


To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message