Hi Bill:
Indeed. Mark's comments put me on the track again, searching for
something simpler and more direct than calling openssl or subclassing
a provider, and I found this article, which demonstrates how to create
a client certificate and sign it using a self-signed root certificate,
like the on
"Ronald Spiers" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi Pulkit, assuming that I can create the trustManager, I am not sure
> about how to register it with Tomcat, and if I need to implement more
> interfaces, etc.
>
> In short, I suspect other people already solved this p
Hi Pulkit, assuming that I can create the trustManager, I am not sure
about how to register it with Tomcat, and if I need to implement more
interfaces, etc.
In short, I suspect other people already solved this problem, and
since it will be my first time, I am trying to obtain their feedback
and s
nghal" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Monday, June 11, 2007 12:45 PM
Subject: Re: Reloading keystore - how to register a new TrusStore Manager
for Tomcat?
Hello,
I am not sure what you are asking for here. You say that you fond some
instruct
Hello,
I am not sure what you are asking for here. You say that you fond some
instructions on "Creating Your Own X509TrustManager" ... thats good.
1) Given that you have these instructions, whats the issue at hand?
Conceptually (and without even looking at any content other than the title)
I woul
command-line as well, and not have to answer these through
standardin/standardout.
Good luck.
-Original Message-
From: Ronald Spiers [mailto:[EMAIL PROTECTED]
Sent: Monday, June 11, 2007 11:15 AM
To: Tomcat Users List
Subject: Re: Reloading keystore - how to register a new TrusStore Manager
Hi Mark, thans a lot for your comments.
The problem is that I found a way to generate via API a PKCS12
keystore for my client, but it won't be based on my server's
certificate.
I could not find a way to auto-enroll users using openssl and Java, I
mean control openssl commands from Java to create
Humm. I don't think this is how the certificate system is supposed to be
used. The intention is that the truststore handles certificates authorities
you trust.
For an example, let's switch to the browser.
Browsers generally trust Verisgn and Thwart out of the box. You can see
these certifica
