On 1/22/21 3:06 PM, Christopher Schultz wrote:
You are telling keytool to read-in localhost-rsa-key.pem as a PKCS12
file, which is most likely wrong. You don't want to import a keystore,
you want to import a key. Unfortunately, keytool doesn't allow that.
But openssl does:
$ openssl pkcs1
Rob,
On 1/22/21 15:21, Rob Sargent wrote:
For completeness, I must admit that I was unable to use PKCS12 files. I
had to use JKS format.
I copied and transformed my cacerts files as per keytool recommendation:
keytool -importkeystore -srckeystore
/usr/lib/jvm/java-15-oracle/lib/sec
For completeness, I must admit that I was unable to use PKCS12 files. I
had to use JKS format.
I copied and transformed my cacerts files as per keytool recommendation:
keytool -importkeystore -srckeystore
/usr/lib/jvm/java-15-oracle/lib/security/cacerts -destkeystore
/tmp/key/cacert
On 1/20/21 8:15 AM, Rémy Maucherat wrote:
On Tue, Jan 19, 2021 at 5:02 AM Rob Sargent wrote:
Dealing with a complex configuration using the embedded API can be a bit
problematic. If you're using a recent Tomcat 9 (9.0.38+), you could use the
code generator that was designed for ahead of time c
On Tue, Jan 19, 2021 at 5:02 AM Rob Sargent wrote:
>
> Stuck in my basement with no real domain I'm having trouble setting up
> SSL/TLS on an embedded tomcat instance. And I'm very lost, having tried
> more dead ends than I can remember.
>
> I used this to generate cert and key
> openssl req -out
My recommendation would be:
- start with the test certs from the Tomcat unit tests as they are known
to work
- get your code working so you know the code is good
- they try with your own keys certificates
Mark
That's exactly what I'll do next. Thank you very much.
rjs
On 19/01/2021 04:02, Rob Sargent wrote:
>
> Stuck in my basement with no real domain I'm having trouble setting up
> SSL/TLS on an embedded tomcat instance. And I'm very lost, having tried
> more dead ends than I can remember.
>
> I used this to generate cert and key
> openssl req -out localhost.
Stuck in my basement with no real domain I'm having trouble setting up
SSL/TLS on an embedded tomcat instance. And I'm very lost, having tried
more dead ends than I can remember.
I used this to generate cert and key
openssl req -out localhost.crt -key localhost.key \
-newkey rsa:2048 -nodes -sha
