Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Deploying war file with apache ssl certificate

 
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi, I recently created a keystore with the keytool and stored it in my <user>/ directory as default.

When it gets to the point to deplying the site using a WAR file, and transferring it onto another machine. Is it possible to include that keystore file? And if so, what is the process of getting it to work on another machine
 
Saloon Keeper
Posts: 27933
198
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can't assign a certificate to a WAR. Certs are applied to the server as a whole, not an individual webapp or even virtual host (which can be a real pain).

Thus, you have to create a discrete certificate file for the server machine that it will be deployed on (since certs both aid in encryption and certify that you're really talking to the indicated host machine).

I'm afraid that SSL configuration is not considered as part of the J2EE spec, so there's no J2EE support for that. You have to do it manually. Or, failing that, do what I do and make an OS installer package for the cert and its containing keystore (MSI, RPM, deb, pkg or whatever, depending on the OS).
 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well before you config tomcat, you need to bundle the cert & key into the keystore:

of course tomcat password is changeit by default.

then in conf/server.xml

then you can force your app to run only in ssl by adding this to web.xml within your app:
 
All of the world's problems can be solved in a garden - Geoff Lawton. Tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic