Hi, Keytool is part of the JDK, so RTFM at http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html. It's not part of IIS.
Yoav Shapira http://www.yoavshapira.com >-----Original Message----- >From: charles doweary [mailto:[EMAIL PROTECTED] >Sent: Friday, November 12, 2004 1:38 PM >To: [EMAIL PROTECTED] >Cc: [EMAIL PROTECTED] >Subject: FW: IIS 6.0, SSL and Tomcat 5.0.28 set up problems. > > > >>From: "charles doweary" <[EMAIL PROTECTED]> >>To: [EMAIL PROTECTED] >>CC: [EMAIL PROTECTED] >>Subject: IIS 6.0, SSL and Tomcat 5.0.28 set up problems. >>Date: Fri, 12 Nov 2004 13:29:52 -0500 >> >>Dear Sir, >> >>I am running IIS 6.0 with Tomcat 5.0.28 on Windows Server 2003, and I am >>having a problem getting SSL to work. The following instructions are a >>portion of the article titled "TOMCAT and SSL", and I have a questions >>about "Do: keytool -genkey -alias tomcat -keyalg RSA". >> >>Where is this command typed into the system? >>Where do I key this information into the system? >>Are the commands entered in DOS? >> >>I have JSSE installed and the 3 jar files are in place in my CLASSPATH and >>in JAVA_HOME. >> >>IIS has a wizard that I use to create certificates and it does not permit >>me to enter the keytool parameters. >> >>I guess my next questions are: >>How do I created a certificate in my environment without using the wizard? >>Have the steps changed to get SSL to work in version 6.0 of IIS and >version >>5.0.28 of Tomcat? >>And if so, what steps do I now need to take to set this up properly? >> >>Your help in my setup issue is greatly apprieciated. >> >> >>DIRECT SSL >> >>Generate a SSL certificate (RSA) for tomcat >> >>I succeed (at least) with my IBM JDK 1.3 after: >> >>jsse jars MUST BE IN BOTH CLASSPATH and $JAVA_HOME/jre/lib/ext (JAVA > >1.2) >>from server.xml doc.You _need_ to set up a server certificate if you want >>this to work, and you need JSSE. >>Add JSSE jars to CLASSPATH >>Edit $JAVA_HOME/jre/lib/security/java.security >>Add: security.provider.2=com.sun.net.ssl.internal.ssl.Provider >>Do: keytool -genkey -alias tomcat -keyalg RSA >>RSA is essential to work with Netscape and IIS. Use "changeit" as password >>(or add keypass attribute). You don't need to sign the certificate. You >can >>set parameter keystore and keypass if you want to change the default >>($HOME/.keystore with changeit) >>I suggest you install jcert.jar, jnet.jar and jsse.jar in >>$JAVA_HOME/jre/lib/ext and then add them to your CLASSPATH export >> >> >>CLASSPATH=$JAVA_HOME/jre/lib/ext/jcert.jar:$CLASSPATH >>export CLASSPATH=$JAVA_HOME/jre/lib/ext/jnet.jar:$CLASSPATH >>export CLASSPATH=$JAVA_HOME/jre/lib/ext/jsse.jar:$CLASSPATH >> >>You could also copy the 3 jars into $TOMCAT_HOME/lib/ so they are under >the >>existing CLASSPATH at tomcat startup (tomcat.sh). >> > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
