Cheat Sheet for creating a self-signed certificate.

1. Create a directory to store your certificate.
IE: "C:\ssl"

2. Open a command window (dos prompt) and CD to that directory.
c:
cd \ssl

3. Type:
keytool -genkey -alias tomcat -keyalg RSA -keystore ./keystore

NOTE: The keytool will then ask you a series of questions.
For.
Password:
Use something you will remember.

First & Last Name:
Use the domain or IP that you will be using to
access the site with.
If you're only hitting tomcat from the local machine
use "localhost".
If you don't, the user will be warned that the certificate
is for a different domain.

Organizational Unit:
Any String (just remember it).

Name of your organization:
Your company name.

Name of your city:
The name of your city.

Name of your state or province:
Use the full spelling of your state with the first
letter capitalized ("Massachusetts").

The two-letter country code for this unit:
Make sure it's upper case ("US").

You will be shown all of your entries and asked to confirm.
Hit enter.

You will be asked for your password again with the option to
just hit enter.
Hit enter.

The keystore will be generated in the current working directory.

4. Open server.xml, located in TOMCAT\conf.
Find and uncomment the SSL <Connector port entry.

NOTE: XML uses the "<!--" start and "-->" end symbols
to begin and end comments.

NOTE: There is a comment just above it that looks like this:
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

5. Add two more attributes to this tag:
keystoreFile="PATH TO YOUR KEY STORE"
and:
keystorePass="YOUR PASSWORD"

6. If you have disabled the SSL Filter in HRPWE, re-enable it.
This is done in TOMCAT\webapps\hrp\WEB-INF\web.xml.
Find the SSL filter entry and change the "active" attribute
from false to true.

7. Restart Tomcat.

Screenshot of a keytool session:
==========================================================================



Example of a configured server.xml file:

 
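Added example (not part of the original post): steps 1-3 of the cheat sheet as a single cmd script, with each keytool prompt mapped to its field in -dname, followed by a listing to check the result before server.xml is pointed at the keystore. The password, organization and city values are constructed placeholders, and the -keysize, -validity and -ext SAN options go beyond what the post shows; current browsers match the host name against the SAN entry rather than the "First & Last Name" (CN) field.

```bat
@echo off
rem Added example: scripted form of steps 1-3. All values below are
rem constructed placeholders; replace them before use.
setlocal
set "SSL_DIR=C:\ssl"
set "HOST=localhost"
rem Placeholder password. Omit -storepass/-keypass below to be prompted
rem instead, so the password is not left in the script or command history.
set "STOREPASS=ChangeMe-Placeholder1"

rem Steps 1-2: create the directory and change to it.
if not exist "%SSL_DIR%" mkdir "%SSL_DIR%"
cd /d "%SSL_DIR%" || exit /b 1

rem Refuse to touch an existing keystore rather than fail halfway through.
if exist keystore (
  echo %SSL_DIR%\keystore already exists, not overwriting.
  exit /b 1
)

rem Step 3: -dname answers the prompts in order:
rem   CN = First and Last Name (the host users will type in the browser)
rem   OU = Organizational Unit     O  = Name of your organization
rem   L  = City                    ST = State or province, spelled out
rem   C  = Two-letter country code, upper case
rem -keypass equal to -storepass matches "just hit enter" at the second
rem password prompt.
keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -validity 365 ^
  -keystore keystore -storepass "%STOREPASS%" -keypass "%STOREPASS%" ^
  -dname "CN=%HOST%, OU=Engineering, O=Example Corp, L=Boston, ST=Massachusetts, C=US" ^
  -ext "SAN=dns:%HOST%"
if errorlevel 1 exit /b 1

rem Check: for a self-signed certificate Owner and Issuer are identical,
rem CN and SubjectAlternativeName show the host, and "Valid from ... until"
rem covers the period you expect.
keytool -list -v -alias tomcat -keystore keystore -storepass "%STOREPASS%"
if errorlevel 1 exit /b 1

echo Keystore written to %SSL_DIR%\keystore
endlocal
```

The path printed on the last line is the value for keystoreFile in step 5, and the password is the value for keystorePass. Since keystorePass sits in server.xml in clear text, keep that file readable only by the account Tomcat runs as.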