Ulf Dittmer wrote:If this is an actual banking application, then security is of high importance. That means you need certificates signed by actual root authorities -like Verisign-, not something you cooked up on your own. That certificate should be used for signing everything.
Ulf Dittmer wrote:I'm not sure what the point of having separate root certificates would be; maybe you can tell us what prompted this approach. (Actually, I've never had the need to even create one root certificate, so maybe that's why I don't understand why one might want to use several of them.)
Ulf Dittmer wrote:The /opt/apache-tomcat-5.5.26/bin directory should have scripts you can use, particularly startup.sh and shutdown.sh. Be sure to read the comments inside of them to see if you need to change anything.