tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ognjen Blagojevic <ognjen.d.blagoje...@gmail.com>
Subject Re: Secure Tomcat With SSL
Date Sat, 26 Oct 2013 22:47:26 GMT
Chris,

On 26.10.2013 23:39, Chris Arnold wrote:
> Tomcat 7.0.42 on SLES11. I am following http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
to secure tomcat. I have uncommented the SSL HTTP section. The configuration section of that
doc, importing the certificate: i have a go daddy bundle in crt format. I can download the
cert bundle from go daddy for tomcat but it also is a crt file. Do i have to run this exact
command:
>
> openssl pkcs12 -export -in mycert.crt -inkey mykey.key \
>                          -out mycert.p12 -name tomcat -CAfile myCA.crt \
>                          -caname root -chain

It looks ok to me. Does it work for you?

It will create PKCS#12 keystore file (mycert.p12), so you may:

1. add parameter keystoreType="pkcs12" to your HTTPS connector, and use 
that file, or
2. convert PKCS#12 keystore to Java Keystore format, and use default 
keystore type (JKS).

This is both possible, only if you plan to use either BIO or NIO HTTP 
connector. If you plan to use APR, connector configuration is completely 
different.

-Ognjen

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message