2009/9/8 David Uctaa <duc...@gmail.com> > I have inherited a Tomcat 5.5 installation running on Windows XP. There > are > processes on this box which do server-to-server connections with a third > party via HTTPS over SSL. We have installed the third party's SSL > certificate on our server, and they have done likewise with ours. We use > their certificate for recognizing messages that they have signed and > encrypted, etc.
OK. So the first step is to work out what piece of code uses "their" certificate. It's unlikely to be Tomcat, which probably uses "your" certificate to identify itself to "them" - but it's possible. It's more likely to be one or more B2B web applications (webapps) running inside Tomcat, which probably check returns from "them" to make sure the correct cert has been seen from "their" server. They have now updated their certificate and sent it to us. > But I do not know how or where to update this on our system. Do I need to > do something with the keystore? Are there resources online which will give > me the how-tos on this? I've googled around and only managed to confuse > myself further. > I think it'll stay confusing until you answer the above question. You'll have to find / create / mind-read the documentation about which part of the system needs to know about which certificates. I suspect finding that out, or simply finding the architecture diagram that shows what apps are hosted in what containers and how they communicate, would be very useful to you! Once you've got more information, you can then ask far more targeted questions. They might be of the Tomcat users if that's relevant, or they might be of some other group that knows about the technology in your B2B webapps. Hope that helps. I'm not trying to fob you off; I just think we all need some more information about what's on the box! - Peter