 | Mailing List | | Home | | Forum Home | | JBoss - Java Application Server | | Struts - A MVC web framework | | Tomcat - JSP/Servlet container | | iText - An open source PDF Java Library | | JDOM - JDOM XML Parser | | J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition | | J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog | | Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology | | JSP - A mailing list about Java Server Pages specification and reference | |
Struts & Hibernate
|
|
|
| | | Antwort: Re: Antwort: RE: SSL, keystore with ca hierarchy | Antwort: Re: Antwort: RE: SSL, keystore with ca hierarchy 2004-01-29 - By Oliver Wulff
Back
I've done this and it does work. Now I wanted to turn client authentication
on: clientAuth="true"
But it doesn't work. I've registred the ca certificates after I've imported
the openssl certificate:
keytool -import -keystore %KEYSTORE_FILE% -storepass 123456 -alias root
-trustcacerts -file CA_Root_APU.pem
keytool -import -keystore %KEYSTORE_FILE% -storepass 123456 -alias
server_ca -trustcacerts -file CA_Server_APU.pem
BTW, I'm running Tomcat 4.1.29 and JDK 1.4.1_02.
Oliver
"Bill Barker"
<wbarker@(protected) An: tomcat-user@(protected)
.apache.org
.com> Kopie:
Gesendet von: Thema: Re: Antwort: RE: SSL,
keystore with ca hierarchy
news
<news@(protected)
rg>
26.01.2004 00:53
Bitte antworten
an "Tomcat Users
List"
<broken-record>
There is a utility at http://www.comu.de/docs/tomcat_ssl.htm to import your
OpenSSL certs into a JKS keystore. Alternatively, the ssl_howto for TC 5.x
contains an example of how to configure a PKCS12 keystore from an OpenSSL
keystore.
</broken-record>
"Mark Thomas" <markt@(protected)> wrote in message
news:E1Akp5n-0003VQ-00@(protected)
> > I can't do step 1 and 2 because the certificate and private
> > key has been
> > created already with openssl.
> > The file TestServer_APU.pem contains the private key and
> > certificate in the
> > PEM format.
> > Should that work either?
>
> Sorry, no idea. You may need to convert formats. A quick Google found
> https://lists.freeswan.org/archives/users/2003-August/msg00040.html that
may
> help if a format conversion is required.
>
> > Does the cacerts has to be located in
> > %JAVA_HOME%\jre\lib\security\cacerts
> > or can I place it anywhere else?
>
> See http://java.sun.com/products/jsse/install.html for how to configure
trust
> store locations.
>
> Mark
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
******************* BITTE BEACHTEN *******************
Diese Nachricht (wie auch allf�llige Anh�nge dazu) beinhaltet
m�glicherweise vertrauliche oder gesetzlich gesch�tzte Daten oder
Informationen. Zum Empfang derselben ist (sind) ausschliesslich die
genannte(n) Person(en) bestimmt. Falls Sie diese Nachricht
irrt�mlicherweise erreicht hat, sind Sie h�flich gebeten, diese unter
Ausschluss jeder Reproduktion zu zerst�ren und die absendende Person
umgehend zu benachrichtigen. Vielen Dank f�r Ihre Hilfe.
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
|
|
|
