Here is the link to the source code files: http://stud4.tuwien.ac.at/~e9726342/
--- Raueber Hotzenplotz <[EMAIL PROTECTED]> wrote: > Hi all > > I still want to use Tomcat with SSL (still not working). I've got a servlet > that acts as a CA. > > 1. Question(s): > Should I have separate keystores (JKS) for the web application and the Tomcat > server? Where do you usually place the Tomcat keystore? At the moment I'm > including the web application keystore in the war file and have the Tomcat > keystore stored somewhere else. > > 2. Question(s): > If I want to use SSL I don't need to change an existing servlet - Tomcat > handles secure requests. Is that correct? My problem is, web browsers accept > my > selfsigned certificates (https://localhost:8443) (after I tell them to do > so), > but as soon as I make a secure xmlrpc call to my servlet, I get > SSLHandshakeExeptions. Secure xmlrpc calls between two clients > (SecureWebServer/SecureXmlRpcClient) work. I've got my own 'open' > trustmanager > and hostnameverifier (see attached code). The only thing I changed was the > server.xml file (now includes keystore/password for Tomcat server). Are there > any other things? I also tried to add my selfsigned certificate to > $JAVA_HOME/jre/lib/security/cacerts, but that didn't help either. > > 3. Question(s): > I've already asked in other places, but I still can't make it work. I would > be > a very happy person, if someone could post a complete client + server code > using SSL preferably xmlrpc using javax.net.ssl instead of com.net.ssl > (that's > a bit off topic). Do I need to implement my own trustmanager/hostnameverifier > on both sides client and server or just on the client side? > > Thanks!! > > Rudi > > > > > > > > > ___________________________________________________________ > Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with > voicemail http://uk.messenger.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] ___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
