A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Self-signed certificate in tomcat
Joined: Jun 11, 2008
Jun 11, 2008 14:36:00
Can anyone pls help with this. I need to accept a self signed certificate in
5.5.2 and i am getting this error.
: Invalid keystore format
Can someone pls list the steps to perform this action on unix.
Author and ninkuma
Joined: Jan 10, 2002
Jun 11, 2008 17:27:00
Please use real words when posting to the forums. Abbreviations such as "pls" in place of "please" only serve to make your posts more difficult to read and less likely to generate useful responses.
for more information.
Asking smart questions
Books by Bear
Amit M Tank
Joined: Mar 28, 2004
Jun 11, 2008 17:38:00
Find the Documentation here
Joined: Dec 11, 2004
Jun 12, 2008 06:22:00
Here's the cheat sheet that I made:
Cheat Sheet for creating a self signed certificate. 1. create a directory to store your certificate. IE: "C:\ssl" 2. Open a command window (dos prompt) and CD to that directory. c: cd \ssl 3. type: keytool -genkey -alias tomcat -keyalg RSA -keystore ./keystore NOTE: The keytool will then ask you a series of questions. For. Password: Use something you will remember. First & Last Name: Use the domain or IP that you will be using to access the site with. If you're only hitting tomcat from the local machine use "localhost". If you don't, the user will be warned that the certificate is for a different domain. Organizational Unit: Any String (just remember it). Name of your organization: Your company name. Name of your city: The name of your city. Name of your state or province. Use the full spelling of your state with the first letter captialized ("Massachusetts"). The two letter contry code for this unit. Make sure it's upper case ("US") You will be shown all of your entries and asked to confirm. Hit enter. You will be asked for your password again with the option to just hit enter. Hit enter The keystore will be generated in the current working directory. 4. Open server.xml, located in TOMCAT\conf. Find and uncomment the SSL <Connector port entry. NOTE: XML uses the "<!--" start and "-->" end symbols to begin and end comments. NOTE: There is a comment just above it that looks like this: <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> 5. Add two more attributes to this tag: keystoreFile="PATH TO YOUR KEY STORE" and: keystorePass="YOUR PASSWORD" 6. Restart Tomcat. Screenshot of a keytool session: ========================================================================== [bsouther@bsouther ssl]$ keytool -genkey -alias tomcat -keyalg RSA -keystore ./keystore Enter keystore password: myPassword What is your first and last name? [Unknown]: localhost What is the name of your organizational unit? [Unknown]: webdev What is the name of your organization? [Unknown]: company What is the name of your City or Locality? [Unknown]: Plymouth What is the name of your State or Province? [Unknown]: Massachusetts What is the two-letter country code for this unit? [Unknown]: US Is CN=localhost, OU=asp, O=company, L=Plymouth, ST=Massachusetts, C=US correct? [no]: yes Enter key password for <tomcat> (RETURN if same as keystore password): ========================================================================== Example of a configured server.xml file: ========================================================================== <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="c:\ssl\keystore" keystorePass="myPassword" /> ==========================================================================
How to ask a question...
Simple Servlet Examples
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link:
subject: Self-signed certificate in tomcat
Keytool import problem
Applet can't write to the file, Permission denied
Enabling SSL on JBoss
connect to a SOAP webservice using SSL
developing and testing ssl
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2015