RE: [ajug-members]: Tomcat and SSL
partial success!!
I have Tomcat now running ssl - thanks for the help! I created a .keystore
file with a self-signed certificate and then uncommented the xml HTTP1
connection code.
Now I need to figure out how to set up client-cert! Any guidance? My
main concern is in each client being able to download and install a
certificate.
Additionally, I've created two new directories as follows:
C:\etc\ssl\private
C:\etc\ssl\private\client
These are to store the client and server certificates. My question is how
does this relate (or not) to the .keystore already created and is my path
correct? When I get to the testing point, I can download a free certificate
from either Thawte or Verisign for testing, but I think I'm a long way from
that. My understanding is that the certificate authentication, once
installed, will be transparent to the client. If so, can I still use a
login form to access and filter combobox population based on the username?
Thanks again for any and all guidance!
Tom Boyce
-----Original Message-----
From: Monosij Dutta-Roy [mailto:mdr_j2ee@yahoo.com]
Sent: Wednesday, April 07, 2004 1:06 AM
To: ajug-members@ajug.org
Subject: Re: [ajug-members]: Tomcat and SSL
you will need to set up a certificate. i will send an
example of that later. look up cacerts on google on
how to create a dummy certificate using the java
certificate tool that comes with j2sdk.
monosij
--- Tom Boyce <tom.boyce@wellfound.com> wrote:
> I am attempting to set up my standalone Tomcat to test SSL connection in
> anticipation of setting up client X509 certificate authentication. I
> am using Tomcat version 4.1 and JDK 1.4. I am using the following code in the
> server.xml file (which is already there, just uncomment it). When I attempt
> to run Tomcat after doing this, the console window starts then just shuts
> down.
>
> <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
> <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
>            port="8443" minProcessors="5" maxProcessors="75"
>            enableLookups="true"
>            acceptCount="100" debug="0" scheme="https" secure="true"
>            useURIValidationHack="false" disableUploadTimeout="true">
>   <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
>            clientAuth="false" protocol="TLS" />
> </Connector>
>
> I checked the jsse.jar file. According to O'Reilly "Tomcat.." this
> jar file should be in the java_home/jre/lib/ext directory,
> but I found it one level up .../jre/lib. I actually copied this file into
> both directories with no obvious result - good or bad!
>
> Does anyone have any experience in setting this up? Is it possible to do
> running Tomcat as Standalone? Please advise!
>
> Tom Boyce
>