Hi Klaus,
Hi Franck,
thank you for your hint. But I am not sure, which parameter is which
file.
To make things clear, here my procedure:
------------------------------------------------------------------------
> openssl req -x509 -newkey rsa:512 -keyout ./demoCA/private/cakey.pem
-out ./demoCA/cacert.pem -days 1095
> openssl genrsa -out ./key.pem 512 -days 1095
> openssl req -new -key ./key.pem -out ./req.pem -days 1095
> openssl ca -in ./req.pem -out ./cert.pem -days 1095
> chown -R root:root ./cert
> chmod -R 700 ./cert
then I cleaned cet.pem by hand (take out text before "-------BEGIN
CERTIFICATE-----------"
The final step:
../java/bin/keytool -import -keystore ../tomcat/conf/.keystore -file
./cert.pem -alias wt24ca
----------------------------------------------------------------------
Setting up SSL is described in diffent documents so differenly, that
it is hard to be sure of what to do. The above, I extraced from
several descriptions.
Could cou please tell me, which file from the above is used in
server.xml?
You made a mix with to different tools (openssl and Java Keytool). I
don't now if this is working. Anyway, here is an example of the element
Connector with your values:
<Connector port="443"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookup="false"
acceptCount="100"
debug="0"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"/>
Don't forget to edit your /webapps/web.xml:
<security-constraint>
...
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
-- Franck
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
