(1)The first step is using "keytool" program in C:\Java\jdk1.6.0_03\bin to create a new KeyStore for tomcat server,
C:\Java\jdk1.6.0_03\bin >keytool -genkey -alias tomcat -keyalg RSA
the following questions are the questionnaire through the procedure of creating a new keystore
---------------------------------------------------------
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: haochang
What is the name of your organizational unit?
[Unknown]: tmu
What is the name of your organization?
[Unknown]: tmu
What is the name of your City or Locality?
[Unknown]: taipei
What is the name of your State or Province?
[Unknown]: taiwan
What is the two-letter country code for this unit?
[Unknown]: TW
Is CN=haochang, OU=tmu, O=tmu, L=taipei, ST=taiwan, C=TW correct?
[no]: YES
Enter key password for <tomcat>
(RETURN if same as keystore password):
Re-enter new password:
------------------------------------------------------------
(2)In the command line you can append "-list" parameter to "keytool" to check your keystore
C:\Java\jdk1.6.0_03\bin>keytool -list
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
tomcat, Dec 30, 2007, PrivateKeyEntry,
Certificate fingerprint (MD5): 4C:81:50:41:30:D5:74:43:86:EE:74:50:D8:DA:FE:A9
(3)To come here you have create a KeyStore, and we should edit %comcat_home%\conf\server.xml
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true" keystorePass="xxxxxx" keystoreFile="C:\Documents and Settings\SHIUKEN\.keystore"
clientAuth="false" sslProtocol="TLS" />
//In the "keystorePass" part you have to keyin the password as same as the keystore's password.
//In the "keystoreFile" you can assign the keystore's place in your folder.
發表文章
沒有留言:
張貼留言