LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-04-2013, 06:06 AM   #1
project.linux.proj
Member
 
Registered: Dec 2012
Posts: 75

Rep: Reputation: Disabled
SSL certificate.


How to setup SSL certificates for tomcat? I have cert files. How to check which site is running on the tomcat ?

Thanks,
 
Old 04-04-2013, 09:19 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 16,004

Rep: Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990
Quote:
Originally Posted by project.linux.proj View Post
How to setup SSL certificates for tomcat? I have cert files.
Amazingly, putting "how to setup ssl certificates for tomcat" into Google pulls up this, as the very first hit:
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
Quote:
How to check which site is running on the tomcat?
If you're the server administrator, didn't you set up the sites??? You can either look at the entries in server.xml, or point your browser to http://localhost:8080/manager/html/list
 
1 members found this post helpful.
Old 04-19-2013, 01:55 PM   #3
project.linux.proj
Member
 
Registered: Dec 2012
Posts: 75

Original Poster
Rep: Reputation: Disabled
The scenario is that I got directory which have 3 cert files + 1 DS_Store file(don't know abt ) . Now i have to import these certs on the tomcat server. Can you please help me on this. Do i need to create the keystore and csr file. Please suggest me so i can import these certificates in my running tomcat server.

Thanks,
 
Old 04-19-2013, 07:58 PM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 16,004

Rep: Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990
Quote:
Originally Posted by project.linux.proj View Post
The scenario is that I got directory which have 3 cert files + 1 DS_Store file(don't know abt ) . Now i have to import these certs on the tomcat server. Can you please help me on this. Do i need to create the keystore and csr file. Please suggest me so i can import these certificates in my running tomcat server.

Thanks,
I gave you a link to instructions on how to do it. So, READ the instructions, then FOLLOW the instructions.
 
Old 04-20-2013, 11:38 AM   #5
project.linux.proj
Member
 
Registered: Dec 2012
Posts: 75

Original Poster
Rep: Reputation: Disabled
Thanks for replying. After reading the document. I have done the following.

----Created Keystore--------
[root@localhost apache-tomcat-6.0.36]# $JAVA_HOME/bin/keytool -genkey -alias TESTING_KEYSTORE -keyalg RSA -keystore /opt/apache-tomcat-6.0.36/keystore_testing
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: Mohit Vadhera
What is the name of your organizational unit?
[Unknown]: Test_company
What is the name of your organization?
[Unknown]: Test_company_unit
What is the name of your City or Locality?
[Unknown]: ^C[root@localhost apache-tomcat-6.0.36]# $JAVA_HOME/bin/keytool -genkey -alias TESTING_KEYSTORE -keyalg RSA -keystore /opt/apache-tomcat-6.0.36/keystore_testing
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: Mohit Vadhera
What is the name of your organizational unit?
[Unknown]: Test_company
What is the name of your organization?
[Unknown]: Test_company_unit
What is the name of your City or Locality?
[Unknown]: Delhi
What is the name of your State or Province?
[Unknown]: Delhi
What is the two-letter country code for this unit?
[Unknown]: in
Is CN=Mohit Vadhera, OU="Test_company ", O=Test_company_unit, L=Delhi, ST=Delhi, C=in correct?
[no]: yes

Enter key password for <TESTING_KEYSTORE>
(RETURN if same as keystore password):


[root@localhost tmp]# keytool -import -alias root -keystore /opt/apache-tomcat-6.0.36/keystore_testing -trustcacerts -file /path_to_cert_file
[root@localhost tmp]# keytool -import -alias opera -keystore /opt/apache-tomcat-6.0.36/keystore_testing -file /path_to_cert_file

ADded connector information in server.xml and restarted tomcat

<Connector port="8443" maxThreads="150" scheme="https" secure="true" SSLEnabled="true" keystoreFile="/opt/apache-tomcat-6.0.36/keystore_testing" keystorePass="TESTING_KEYSTORE" clientAuth="false" keyAlias="TESTING_KEYSTORE" sslProtocol="TLS"/>






But when I access the url:https://$ip:8443 . I get the certification information on browser that i used to create CSR not for the domain and the expiry date shows 3 months from today. but the actual expiry date of the certs are in 2016 after 3 yrs. Can you please help me now.


Thanks,

Last edited by project.linux.proj; 04-20-2013 at 11:39 AM.
 
Old 04-20-2013, 02:06 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 16,004

Rep: Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990
Quote:
Originally Posted by project.linux.proj View Post
Thanks for replying. After reading the document. I have done the following.

But when I access the url:https://$ip:8443 . I get the certification information on browser that i used to create CSR not for the domain and the expiry date shows 3 months from today. but the actual expiry date of the certs are in 2016 after 3 yrs. Can you please help me now.
If you read the link provided, did you understand it???

You created brand new certificates, rather than just importing the ones you had. Unless you pay attention to the steps of the instructions and what they do, things won't work right. Go back, re-read (and pay attention to), the instructions. All you have to do is import your certificates.
 
Old 04-22-2013, 12:45 AM   #7
project.linux.proj
Member
 
Registered: Dec 2012
Posts: 75

Original Poster
Rep: Reputation: Disabled
As per my understanding Keystore is a file that keeps your certificate encrypted so keystore is mandatory. I created keystore then imported certificates. Please correct me if i am wrong.
 
Old 04-23-2013, 04:20 AM   #8
project.linux.proj
Member
 
Registered: Dec 2012
Posts: 75

Original Poster
Rep: Reputation: Disabled
Can anybody help on this plz ?
 
Old 04-23-2013, 08:59 AM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 16,004

Rep: Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990Reputation: 2990
Quote:
Originally Posted by project.linux.proj View Post
Can anybody help on this plz ?
Stop bumping your own threads, and spell out your words. You've done this is SEVERAL of your other threads....we volunteer our time here, so bumping your own thread trying to get more attention is fairly rude.

Since you're in such a hurry, I will AGAIN suggest you read/understand the instructions you have been given. You're not following them. Also, you still haven't said which version/distro of Linux you're using. And where did you get the certificates/csr's to start with? Are they self-generated or purchased? There are different instructions for installing a purchased one versus a self-generated.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to import/use CAcert SSL root certificate to use SSL with Xchat IRC client? GrapefruiTgirl Linux - Software 9 04-05-2011 09:54 AM
Apache with SSL does not load the 2nd SSL certificate janstapel Linux - Newbie 1 06-17-2010 09:32 PM
ssl certificate nagavinodh Linux - Newbie 1 11-05-2009 07:43 AM
SSL Certificate The_JinJ Linux - General 1 03-21-2005 11:46 PM
SSL certificate without..... Drogo Linux - Software 1 06-13-2003 02:13 AM


All times are GMT -5. The time now is 05:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration