tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ziggy <zigg...@gmail.com>
Subject Re: How to install an updated third party SSL certificate for B2B transactions
Date Wed, 09 Sep 2009 16:47:36 GMT
On 9/8/09, Peter Crowther <peter.crowther@melandra.com> wrote:
> 2009/9/8 David Uctaa <ductaa@gmail.com>
>
>> I have inherited a Tomcat 5.5 installation running on Windows XP.  There
>> are
>> processes on this box which do server-to-server connections with a third
>> party via HTTPS over SSL.  We have installed the third party's SSL
>> certificate on our server, and they have done likewise with ours.  We use
>> their certificate for recognizing messages that they have signed and
>> encrypted, etc.
>
>
> OK.  So the first step is to work out what piece of code uses "their"
> certificate.
>
> It's unlikely to be Tomcat, which probably uses "your" certificate to
> identify itself to "them" - but it's possible.
>
> It's more likely to be one or more B2B web applications (webapps) running
> inside Tomcat, which probably check returns from "them" to make sure the
> correct cert has been seen from "their" server.
>
>  They have now updated their certificate and sent it to us.
>> But I do not know how or where to update this on our system.  Do I need to
>> do something with the keystore?  Are there resources online which will
>> give
>> me the how-tos on this?  I've googled around and only managed to confuse
>> myself further.
>>
>
> I think it'll stay confusing until you answer the above question.  You'll
> have to find / create / mind-read the documentation about which part of the
> system needs to know about which certificates.  I suspect finding that out,
> or simply finding the architecture diagram that shows what apps are hosted
> in what containers and how they communicate, would be very useful to you!
>
> Once you've got more information, you can then ask far more targeted
> questions.  They might be of the Tomcat users if that's relevant, or they
> might be of some other group that knows about the technology in your B2B
> webapps.
>
> Hope that helps.  I'm not trying to fob you off; I just think we all need
> some more information about what's on the box!
>
> - Peter
>

-- 
Sent from my mobile device

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message