Cheat Sheet for creating a self signed certificate.

1. Create a directory to store your certificate.
IE: "C:\ssl"

2. Open a command window (dos prompt) and CD to that directory.
cd \ssl

3. Type:
keytool -genkey -alias tomcat -keyalg RSA -keystore ./keystore

NOTE: The keytool will then ask you a series of questions.
Use something you will remember.

First & Last Name:
Use the domain or IP that you will be using to
access the site with.
If you're only hitting tomcat from the local machine
use "localhost".
If you don't, the user will be warned that the certificate
is for a different domain.

Organizational Unit:
Any String (just remember it).

Name of your organization:
Your company name.

Name of your city:
The name of your city.

Name of your state or province:
Use the full spelling of your state with the first
letter capitalized ("Massachusetts").

The two letter country code for this unit:
Make sure it's upper case ("US").

You will be shown all of your entries and asked to confirm.
Hit enter.

You will be asked for your password again with the option to
just hit enter.
Hit enter

The keystore will be generated in the current working directory.

4. Open server.xml, located in TOMCAT\conf.
Find and uncomment the SSL <Connector port entry.

NOTE: XML uses the "<!--" start and "-->" end symbols
to begin and end comments.

NOTE: There is a comment just above it that looks like this:
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

5. Add two more attributes to this tag:
keystorePass="YOUR PASSWORD"

6. If you have disabled the SSL Filter in HRPWE, re-enable it.
This is done in TOMCAT\webapps\hrp\WEB-INF\web.xml.
Find the SSL filter entry and change the "active" attribute
from false to true.

7. Restart Tomcat.

[Image: screenshot of a keytool session]

[Image: example of a configured server.xml file]
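
Added example, not part of the original post: step 3 run without the interactive questions, passing the same answers to keytool through its -dname option (POSIX sh; the keytool arguments are the same at a Windows prompt). The function names, the 2048-bit key size, the 365-day validity and the -ext SAN entry are choices made for this example, and keytool still prompts for the keystore password.

```shell
#!/bin/sh
# Added example: step 3 without the interactive questions (not from the post).
LC_ALL=C; export LC_ALL   # make [A-Z] match upper-case ASCII only

# Backslash-escape characters that are special inside a DN value.
dn_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/[,+"<>;]/\\&/g'
}

# Args: host, org unit, organization, city, state, country (keytool's question order).
build_dname() {
    [ "$#" -eq 6 ] && [ -n "$1" ] || { echo "need 6 values, host first" >&2; return 1; }
    case "$6" in
        [A-Z][A-Z]) ;;
        *) echo "country code must be two upper-case letters, e.g. US" >&2; return 1 ;;
    esac
    printf 'CN=%s, OU=%s, O=%s, L=%s, ST=%s, C=%s' \
        "$(dn_escape "$1")" "$(dn_escape "$2")" "$(dn_escape "$3")" \
        "$(dn_escape "$4")" "$(dn_escape "$5")" "$6"
}

# Subject alternative name for the host: IPv4 literals need ip:, names need dns:.
san_for() {
    case "$1" in
        ''|*[!0-9.]*) printf 'dns:%s' "$1" ;;
        *)            printf 'ip:%s' "$1" ;;
    esac
}

make_keystore() {
    dname=$(build_dname "$@") || return 1
    # -genkeypair is the current name of -genkey. No -storepass here, so keytool
    # prompts for the password and it stays out of shell history.
    keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -validity 365 \
        -keystore ./keystore -dname "$dname" -ext "SAN=$(san_for "$1")" || return 1
    # Show the stored entry so the CN can be checked against the site's address.
    keytool -list -v -alias tomcat -keystore ./keystore
}

# Runs only when all six answers are given.
if [ "$#" -eq 6 ]; then
    make_keystore "$@"
fi
```

Run it from the keystore directory with the six answers as arguments, host first, for example `localhost IT "Acme, Inc" Boston Massachusetts US` (constructed sample values).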
