tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Crowther <peter.crowt...@melandra.com>
Subject Re: How to install an updated third party SSL certificate for B2B transactions
Date Tue, 08 Sep 2009 14:20:45 GMT
2009/9/8 David Uctaa <ductaa@gmail.com>

> I have inherited a Tomcat 5.5 installation running on Windows XP.  There
> are
> processes on this box which do server-to-server connections with a third
> party via HTTPS over SSL.  We have installed the third party's SSL
> certificate on our server, and they have done likewise with ours.  We use
> their certificate for recognizing messages that they have signed and
> encrypted, etc.


OK.  So the first step is to work out what piece of code uses "their"
certificate.

It's unlikely to be Tomcat, which probably uses "your" certificate to
identify itself to "them" - but it's possible.

It's more likely to be one or more B2B web applications (webapps) running
inside Tomcat, which probably check returns from "them" to make sure the
correct cert has been seen from "their" server.

 They have now updated their certificate and sent it to us.
> But I do not know how or where to update this on our system.  Do I need to
> do something with the keystore?  Are there resources online which will give
> me the how-tos on this?  I've googled around and only managed to confuse
> myself further.
>

I think it'll stay confusing until you answer the above question.  You'll
have to find / create / mind-read the documentation about which part of the
system needs to know about which certificates.  I suspect finding that out,
or simply finding the architecture diagram that shows what apps are hosted
in what containers and how they communicate, would be very useful to you!

Once you've got more information, you can then ask far more targeted
questions.  They might be of the Tomcat users if that's relevant, or they
might be of some other group that knows about the technology in your B2B
webapps.

Hope that helps.  I'm not trying to fob you off; I just think we all need
some more information about what's on the box!

- Peter

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message