On 9/8/09, Peter Crowther <peter.crowt...@melandra.com> wrote: > 2009/9/8 David Uctaa <duc...@gmail.com> > >> I have inherited a Tomcat 5.5 installation running on Windows XP. There >> are >> processes on this box which do server-to-server connections with a third >> party via HTTPS over SSL. We have installed the third party's SSL >> certificate on our server, and they have done likewise with ours. We use >> their certificate for recognizing messages that they have signed and >> encrypted, etc. > > > OK. So the first step is to work out what piece of code uses "their" > certificate. > > It's unlikely to be Tomcat, which probably uses "your" certificate to > identify itself to "them" - but it's possible. > > It's more likely to be one or more B2B web applications (webapps) running > inside Tomcat, which probably check returns from "them" to make sure the > correct cert has been seen from "their" server. > > They have now updated their certificate and sent it to us. >> But I do not know how or where to update this on our system. Do I need to >> do something with the keystore? Are there resources online which will >> give >> me the how-tos on this? I've googled around and only managed to confuse >> myself further. >> > > I think it'll stay confusing until you answer the above question. You'll > have to find / create / mind-read the documentation about which part of the > system needs to know about which certificates. I suspect finding that out, > or simply finding the architecture diagram that shows what apps are hosted > in what containers and how they communicate, would be very useful to you! > > Once you've got more information, you can then ask far more targeted > questions. They might be of the Tomcat users if that's relevant, or they > might be of some other group that knows about the technology in your B2B > webapps. > > Hope that helps. I'm not trying to fob you off; I just think we all need > some more information about what's on the box! > > - Peter >
-- Sent from my mobile device --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
