tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Baran Topal <jazziiil...@gmail.com>
Subject Tomcat 6 SSL issue
Date Fri, 10 Oct 2014 19:06:39 GMT
Hi;

I have created a keystore and CSR for SSL with the following command:

%JAVA_HOME%\bin\keytool -genkey -alias server -keyalg RSA \
  -keystore \path\to\my\keystore


Then I received 2 files from the certificate authority, abc.com.cer
and abc.om.p7b


>From this point, no matter what I have done, i couldn't make the SSL
work on my Tomcat 6.

I followed the steps under,
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

but I failed to import p7b so I convert it crt file and successfully import it.

My application for http, is using 55012 and I want to use the port 443
for https.

Following is my server.xml

<Connector port="443"
maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25"
maxSpareThreads="75" enableLookups="false"
disableUploadTimeout="true" acceptCount="100"
scheme="https" secure="true" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS"
keyAlias="server" keystoreFile="/path/to/JKSfile/your_site_name.jks"
keystorePass="your_keystore_password" />


Now my questions are


1) my keystore alias is server and i send my csr after this.

To clean the things up, I want to delete my keystore but is it fine if
I generate the key with another alias, e.g. tomcat as in the tomcat
documentation?

2) I have the files, cer and crt (p7b), so is fine or should I need stg extra?

3) Is the order of import important?`first crt then cer?

4) What are the correct import commands? Should I trust tomcat
documentation or authorities documentation?


My tomcat version is as follows:


Server version: Apache Tomcat/6.0.36
Server built:   Oct 16 2012 09:59:09
Server number:  6.0.36.0
OS Name:        Windows 7
OS Version:     6.1
Architecture:   amd64
JVM Version:    1.7.0_21-b11
JVM Vendor:     Oracle Corporation


Regards.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message