Christopher Schultz wrote:
That is always true. But you don't need a certificate to create a CSR.
<shrug>
If Keytool and the Java Keystore format even recognize any difference
between the concepts of "keypair" and "self-signed certificate," it
would be news to me.
<shrug>
Speaking of one who regularly installs (and secures) Tomcat on AS/400s
(in fact, that's the only platform I can recall EVER personally
installing it on, because I have colleagues who know how to do it on
other platforms): The messes people can make for themselves by
misunderstanding the subtleties of Keytool are nothing, compared to the
mess people can make for themselves trying to use IBM's Digital
Certificate Manager to secure Tomcat on their 400s (hint: DCM and Tomcat
are completely incompatible with each other).
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org