...
| No Format |
|---|
[root@stubing bin]# keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/.keystore -storepass "my password"
Note: if desired, add option "-validity valDays" to specify the number of days the certificate will be valid. The default is 3 months.
What is your first and last name?
[Unknown]: sakai2.ucdavis.edu
What is the name of your organizational unit?
[IET]: IET
What is the name of your organization?
[University of California Davis]:
What is the name of your City or Locality?
[Davis]:
What is the name of your State or Province?
[California]:
What is the two-letter country code for this unit?
[US]:
Is CN=sakai2.ucdavis.edu, OU=IET, O=University of California Davis, L=Davis, ST=California, C=US correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):
[root@stubing bin]# chmod 640 /etc/.keystore
[root@stubing bin]# chgrp sakai /etc/.keystore
[root@stubing bin]# ls -l /etc/.keystore
-rw-r----- 1 root sakai 1414 Jan 19 11:41 /etc/.keystore
[root@stubing bin]# keytool -list -keystore /etc/.keystore
Enter keystore password: my password
Keystore type: jks
Keystore provider: SUN
Your keystore contains 4 entries
...
sakai-dev, Mar 7, 2006, keyEntry,
Certificate fingerprint (MD5): F0:7E:4F:D4:82:FD:E4:4A:64:2A:84:7C:31:61:A9:EC
...
[root@stubing bin]#
|
...
| No Format |
|---|
<Connector port="8543" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreType="JKS"
keystoreFile="/etc/.keystore" keyAlias="sakai-dev" keystorePass="my password" />
|
then restart Tomcat.
Note: If following the example above for generating a Self-signed Cert., the "keyAlias" here would be "tomcat".