Create a Tomcat self-signed certificate

From WickyWiki
Revision as of 18:53, 20 October 2011 by Wilbert (talk | contribs) (Created page with "201110, Ubuntu 11.04 http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html Create a Tomcat self-signed certificate. The key should be stored in a location that is only accessi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

201110, Ubuntu 11.04

http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

Create a Tomcat self-signed certificate. The key should be stored in a location that is only accessible with root rights. In this case /etc/ssl/private/ is used. 

sudo keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/ssl/private/myserver_org.keystore
  1. enter sudo pwd
  2. enter new keystore password (changeit)
  3. reenter
  4. first and last name (myserver.org)
  5. departement
  6. organisation
  7. city
  8. province
  9. countrycode
  10. key password for tomcat, use "changeit"


Configure Tomcat to use your certificate: 

sudo gedit .../tomcat/conf/server.xml
  ...
  <Connector 
    port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    keystoreFile="/etc/ssl/private/myserver.org.keystore" keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS" />
  ...
Retrieved from "https://wjv.duckdns.org/mediawiki/index.php?title=Create_a_Tomcat_self-signed_certificate&oldid=285"