[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [iaik-ssl] Using IAIK in Jakarta-Tomcat?
I want to be able to create a secure connection between
our clients and the webserver. I was told we were to use SSL.
The user would, for example, connect via:
Maybe I'm missing something important here. As I said
earlier, I'm still in the learning stage.
>From: NOAM SEGAL [mailto:email@example.com]
>Sent: Tuesday, April 10, 2001 11:25
>To: 'Steven D. Keens'
>Subject: RE: [iaik-ssl] Using IAIK in Jakarta-Tomcat?
>I have tried to use iaik with Tomcat.
>But what exactly are you trying to do? Tomcat is a servlet engine.
>From: Steven D. Keens [mailto:firstname.lastname@example.org]
>Sent: Friday, April 06, 2001 10:01 PM
>Subject: [iaik-ssl] Using IAIK in Jakarta-Tomcat?
>I'm new to SSL and have the task of getting
>IAIK to work with Jakarta-Tomcat webserver.
>Has anyone every tried such a thing and if so
>how did you do it? Any help would be appreciated.
>Thanks in advance.
>Here's what I know right now. Tomcat's
>server.xml configuration file has a section that
>allows me to use JSSE for SSL. I thought
>that maybe I could replace the <Connector>
>element with one that points to the correct
>IAIK classes. However, I couldn't find an
>an SSLSocketFactory in the IAIK API docs.
> <Connector className="org.apache.tomcat.service.PoolTcpConnector">
> <Parameter name="handler"
> <Parameter name="port"
> <Parameter name="socketFactory"
> value="org.apache.tomcat.net.SSLSocketFactory" />
> Uncomment above for SSL support.
> You _need_ to set up a server certificate if you want this
> to work, and you need JSSE.
> 1. Add JSSE jars to CLASSPATH
> 2. Edit java.home/jre/lib/security/java.security
> 3. Do: keytool -genkey -alias tomcat -keyalg RSA
> RSA is essential to work with Netscape and IIS.
> Use "changeit" as password. ( or add keypass attribute )
> You don't need to sign the certificate.
> You can set parameter keystore and keypass if you want
> to change the default ( user.home/.keystore with changeit )
>Steven Keens mailto:email@example.com
>PlanetFred Inc. http://www.planetfred.com
>44 Byward Market, Suite 240, Ottawa, ON, K1N 7A2, Canada
>To unsubscribe send an email to firstname.lastname@example.org with the folowing content:
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
To unsubscribe send an email to email@example.com with the folowing content: UNSUBSCRIBE iaik-ssl