Simple Steps to make your TOMCAT Run on HTTPS using KEYTOOL utility
1). keytool -genkey -alias www.mytest.com -keyalg RSA -keysize 2048 -keystore www_mytest_com.jks
2). keytool -certreq -alias www.mytest.com -file www_mytest_com.csr -keystore www_mytest_com.jks
3). keytool -import -trustcacerts -alias www.mytest.com -file D:\www_mytest_com.p7b -keystore www_mytest_com.jks
This will install Certificate and the Root Certificate associated with the same., sometimes this will not work and in that case try the below steps.
3.1). keytool -import -alias www.mytest.com -file D:\www_mytest_com.cer -keystore www_mytest_com.jks
3.2). keytool -import -trustcacerts -file D:\www_mytest_com_root.cer -keystore www_mytest_com.jks
4). Modify server.xml and Restart TOMCAT SERVER
<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" keyAlias="www.mytest.com"
keystoreFile="C:\Program Files\Java\jre6\bin\www_mytest_com.jks"
keypass="changeit"/>
**Note: By default Tomcat will look for your Keystore with the file name .keystore in the home directory with the default password changeit. The home directory is generally /home/user_name/ on Unix and Linux systems, and C:\Documents and Settings\user_name\ on Microsoft Windows systems
**TIBCO Admin Console needs certificate in PEM format and here is the method to export your CERT into PEM
exportcert - This option is available with JRE-1.6 if u r using JRE-1.5 then simply try export option and it will export the cert into the PEM format.
keytool -exportcert -alias www.mytest.com -keypass changeit -keystore www_mytest_com.jks -rfc -file keytool_www_mytest_com.pem -storepass changeit
Useful links @ Tibco SSL Certificates
http://www.tibcommunity.com/docs/DOC-2178
http://www.tibcommunity.com/docs/DOC-2195
1). keytool -genkey -alias www.mytest.com -keyalg RSA -keysize 2048 -keystore www_mytest_com.jks
2). keytool -certreq -alias www.mytest.com -file www_mytest_com.csr -keystore www_mytest_com.jks
3). keytool -import -trustcacerts -alias www.mytest.com -file D:\www_mytest_com.p7b -keystore www_mytest_com.jks
This will install Certificate and the Root Certificate associated with the same., sometimes this will not work and in that case try the below steps.
3.1). keytool -import -alias www.mytest.com -file D:\www_mytest_com.cer -keystore www_mytest_com.jks
3.2). keytool -import -trustcacerts -file D:\www_mytest_com_root.cer -keystore www_mytest_com.jks
4). Modify server.xml and Restart TOMCAT SERVER
<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" keyAlias="www.mytest.com"
keystoreFile="C:\Program Files\Java\jre6\bin\www_mytest_com.jks"
keypass="changeit"/>
**Note: By default Tomcat will look for your Keystore with the file name .keystore in the home directory with the default password changeit. The home directory is generally /home/user_name/ on Unix and Linux systems, and C:\Documents and Settings\user_name\ on Microsoft Windows systems
**TIBCO Admin Console needs certificate in PEM format and here is the method to export your CERT into PEM
exportcert - This option is available with JRE-1.6 if u r using JRE-1.5 then simply try export option and it will export the cert into the PEM format.
keytool -exportcert -alias www.mytest.com -keypass changeit -keystore www_mytest_com.jks -rfc -file keytool_www_mytest_com.pem -storepass changeit
Useful links @ Tibco SSL Certificates
http://www.tibcommunity.com/docs/DOC-2178
http://www.tibcommunity.com/docs/DOC-2195
No comments:
Post a Comment