In a totally related story, I had to create my own self-signed certificate for development purposes. This I found off the apache website for tomcat. There I found out the hard way all about the keypass=
option (if you screwed up with the password you have to specify your password using keypass="yourpassword" in the connector under server.xml).
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
That was the easy part. Realizing that my .keystore file was located under My Documents (in Windows) was another.
It was here that I soon faced a problem. That is, how to do a form post. The browsers I was using could interface with localhost:8443 sure enough, however when I tried to access it with a Java program to do a form post, I ran into a SSLSecurityException. It seems there is no pop up windows in the world of stand alone Java as opposed to the option the browsers give you.
To properly deal with this problem, I was pleased to find out that I simply had to export my self-signed keystore:
keytool -export -alias tomcat -file tomcat.cer
Then I imported it into my JVM (first I had to check to make sure I was using the correct one as I have four different installations of Java on my machine):
keytool -keystore \java\jdk1.5.0_14\jre\lib\security\cacerts -import -alias tomcat -file tomcat.cer -trustcacerts
When prompted, use the password "changeit".
I honestly didn't think that I would have found a solution today, but I did. Just had to come here and post it.
Have you had your Java Today?