Melanie, i think keytool does not create any certificate. Its just a key/certificate management utility. http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html
What did you use to get server.crt? openssl ,selfssl or some free sites available?? Regards Prasanna Ram On Wed, May 6, 2009 at 12:22 PM, Melanie Pfefer <melanie_pfe...@yahoo.co.uk>wrote: > > Hi, > > I have tomcat server running as a backend server and apache running as > front-end, both on the same machine > > In httpd.conf, I have: > > SSLProxyEngine On > RewriteEngine On > SSLProxyCACertificatePath /usr/local/apache/conf/ssl > RewriteRule ^/(abc.*) https://host:port/$1 [P,L] > > > I am getting an error that the certificate is out of date. > > What I did before was: > > keytool -export -alias tomcat -rfc > tomcat.pem > c_rehash /usr/local/apache/conf/ssl > > now /usr/local/apache/conf/ssl has > > server.crt > server.key > tomcat.pem > cc5d41ae.0 -> tomcat.pem > > > I need to know how to renew the certificate. > > Is it sufficient to redo: > > keytool -export -alias tomcat -rfc > tomcat.pem > c_rehash /usr/local/apache/conf/ssl > > how to rollback in case of failures? > > Thank you > > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Prasanna Ram