gt;
>> I have the files crt (primary certificate?), p7b (intermediate?), pfx
>> (private key?), and a .key file. I did not generate a certificate request
>> prior to this.
>>
>> Google is telling me that either I need to generate a certificate request
>> first, or it
Exactly .. this is part of the solution. I am having tomcat behave
smartly in response to the certificate validation, and I have a nice
path to develop some cool tools, similar to HTTPD, around certbot (I
love that this is a free service, but I do have some concerns over
centralized CSA, so I do o
On 4/17/19, Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> John,
>
> On 4/17/19 10:42, John Dale wrote:
>> My understanding is that the folks at SUN really put their backs
>> into it from the beginning:
>> https://stackoverflow.com/questions/479701/does-java-hav
I manage dozens of contexts/domains using loosely coupled code.
Chris - of course it's amazing. I would also call it super and profound. :)
I am in the middle of some TI at our office today .. can't really stop
to do this.
I have the code used to identify and validate the certbot requests and
a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 4/17/19 10:42, John Dale wrote:
> My understanding is that the folks at SUN really put their backs
> into it from the beginning:
> https://stackoverflow.com/questions/479701/does-java-have-buffer-overf
lows
>
> Since hot spot compilers ha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 4/17/19 10:22, TurboChargedDad . wrote:
> I would have the opposite feeling. I would not want a java process
> parked out in the internet. Not saying you're wrong just my
> personal feeling.
It would be interesting to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 4/17/19 09:44, TurboChargedDad . wrote:
> We terminated SSL above the tomcat layer using NGINX or Apache to
> avoid the complexities that come with managing a JKS. I want to
> hear all I can on this subject.
It's not nec
ertificate request
> prior to this.
>
> Google is telling me that either I need to generate a certificate request
> first, or it's telling everything I need to know about wildcard
> certificates except how to use the above files.
>
> This is for Tomcat 8.5 with Java 8 on Cent
My understanding is that the folks at SUN really put their backs into
it from the beginning:
https://stackoverflow.com/questions/479701/does-java-have-buffer-overflows
Since hot spot compilers have matured, Java is virtually as fast as
C/++ (the Java is slow argument falls in my deaf ears, even if
I would have the opposite feeling. I would not want a java process
parked out in the internet. Not saying you're wrong just my personal
feeling. Maybe things have shifted in a different direction over the
year. I do agree that something like that would be helpful to other tomcat
admins. Woul
I have a really nice process that works great with certbot. Single
command to renew all of my certs and I'm finished.
I get some piece of mind having a Java process guarding the front
door. Seems to be more impervious to overflows. What am I missing?
I think what I have might be easily develop
Multi-tenant or single tenant system?
On Wed, Apr 17, 2019 at 8:54 AM Sean Dawson
wrote:
> Thanks for the replies - I'm willing to use NGINX to handle this for us -
> can you point me to a good page on that?
>
>
> On Wed, Apr 17, 2019 at 9:46 AM John Larsen
> wrote:
>
> > We do the same - via m
Thanks for the replies - I'm willing to use NGINX to handle this for us -
can you point me to a good page on that?
On Wed, Apr 17, 2019 at 9:46 AM John Larsen
wrote:
> We do the same - via mod_jk we utilize apache httpd to handle the SSL.
> Keeps things simple and works well.
> John Larsen
>
>
We do the same - via mod_jk we utilize apache httpd to handle the SSL.
Keeps things simple and works well.
John Larsen
On Wed, Apr 17, 2019 at 7:44 AM TurboChargedDad .
wrote:
> We terminated SSL above the tomcat layer using NGINX or Apache to avoid
> the complexities that come with managing a
We terminated SSL above the tomcat layer using NGINX or Apache to avoid
the complexities that come with managing a JKS. I want to hear all I can
on this subject.
a certificate request
first, or it's telling everything I need to know about wildcard
certificates except how to use the above files.
This is for Tomcat 8.5 with Java 8 on CentOS 7, and Windows Server 2016.
Thank you.
16 matches
Mail list logo