"Steve Cohen" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >A simple question hopefully: > > An application running on Tomcat 6.0 on RHEL 5.0 needs is a client of > https: protected Web Service that requires a TLS certificate which the > Service Vendor will supply. > > Where and how should the TLS certificate be installed? Is this an OS > thing, a Tomcat thing, or what?
You need to install the root signing certificate (the top-level self-signed cert) into your TrustStore file if it isn't one of the common ones like Verisign or Thwate. The file format and configuration settings depend on which <Connector ... /> you are using. For the default-Java and NIO connectors it is documented at http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html or http://tomcat.apache.org/tomcat-6.0-doc/config/http.html. For the APR connector, the documentation is at http://tomcat.apache.org/tomcat-6.0-doc/apr.html (it is useful to cross-reference with mod_ssl in httpd). Of course, if you are fronting with Apache-httpd using mod_jk or mod_proxy_ajp, then consult those docs. If you are using a Tomcat-supplied Realm for authentication, then the "user name" is the complete DN of the certificate (making certain to have the right number of spaces between fields, since it isn't parsed, only compared as a String). --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]