tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: installing certificates
Date Fri, 13 Oct 2017 02:45:15 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Adam,

On 10/9/17 6:13 PM, Adam Pease wrote:
> Hi Chris, Many thanks for the quick response!  There's a lot of new
> terminology (to me) to all this and it's quite confusing I'm
> afraid.
> 
> I tried Let's Encrypt just now but since I'm running Tomcat sites 
> either I'm not doing it right, or it doesn't know how to verify
> domains when they don't answer on port 80.  So I get "The server
> could not connect to the client to verify the domain :: Timeout" 
> Following the process at "gethttpsforfree.com" resulted in two
> long hex keys: one titled "Signed Certificate" and one titled
> "Intermediate Certificate".  I'm not sure what a "server
> certificate" is.  Is that a public/private key pair that I
> generated at the beginning of this process with
> 
> openssl genrsa 4096 > account.key
> 
> or what I did at the beginning of the tomcat instructions
> 
> $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
> 
> But that generates a .keystore file which is already a parameter to
> the failing command.
> 
> I really appreciate your help.

Have a look at this page:
http://tomcat.apache.org/presentations.html

Search for "let's encrypt".

There's a ton of stuff in there that you don't need, but the basics
are in fact there, including (IIRC) every single command you'll need
to execute in order to get yourself a certificate signed, installed,
and running in Tomcat.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlngKLsACgkQHPApP6U8
pFi2pQ//SAjMDzTHWMT/Eg3HDs7+Es++0e4ysYjBNFP2+pq/krtaF6T4mUIVscBq
3KCNdaBIjM/WDrHCwD41G3rZ7OWeTXb4mPXKMeyYzVUdcZKNe/GvmA0rCgV345Uy
o+21S0SYUI4sH8Cuh8h44WCzScyzRvFmrwIzPuC+lo11klk3C1GSZAu9achjKfjr
Q5DqLlpfQUu3RL17HIy6JsFogTU3qhVhgzUIxWl2c/SBE3p1FvCMvCx2HNA57/1D
iakOX5smGW/NU9B2RiWf9LlXdwH4qvwfmTXbqe90ewww3DyUQMAK2JvoydcaIL2+
g8fjtKwTBsswRSsXpOXeXFDK8f5dpeAvNkJXS//Vu6oyt9gg3MYf3CUd3+wVoAaL
XZ/Tnx2lSjwHibwf1amzvgPTqFqXlowIaXrnafk3eKdCawQCEUvJrcvlpqviZVHS
BgQR0ebphM0Q4s+Nro8lfOSo9v1ekFLxyU0wXQt6qVsQ8RYTyaDZ8szHvis/cdOh
I1srYMkRPJjcK97gb1zF1064SH4uKbwo9cTxGSichocUQZzET1BVIVSnAA7wLlk9
C/MgHRAB620a03MWeA1tDj48mccHiX94T6LlQAJGccAESPyZinvWg2MSfqkRCxct
8YfZTHfPYNo3LrAXYrd4fa17VUhnjTXwLf3JgUcy9QAJ1urTYOA=
=2f+C
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message