>>Chris, On 26.10.2013 23:39, Chris Arnold wrote: > Tomcat 7.0.42 on SLES11. I am following > http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration to > secure tomcat. I have uncommented the SSL HTTP section. The configuration > section of that doc, importing the certificate: i have a go daddy bundle in > crt format. I can download the cert bundle from go daddy for tomcat but it > also is a crt file. Do i have to run this exact command: > > openssl pkcs12 -export -in mycert.crt -inkey mykey.key \ > -out mycert.p12 -name tomcat -CAfile myCA.crt \ > -caname root -chain
>>It looks ok to me. Does it work for you? It doesn't look like it will work as i do not have a ca file. >>It will create PKCS#12 keystore file (mycert.p12), so you may: >>1. add parameter keystoreType="pkcs12" to your HTTPS connector, and use >>that file, or >>2. convert PKCS#12 keystore to Java Keystore format, and use default >>keystore type (JKS). >>This is both possible, only if you plan to use either BIO or NIO HTTP >>connector. If you plan to use APR, connector configuration is completely >>different. Not sure what either of these are. I just need secure tomcat --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
