Установка SSL ustanovkassl.com. сертификаты для сайта, ssl провайдер, SAN SSL сертификаты, openssl, SSL защита, Украинский центр сертификации сайтов и верификации компаний Веб Траст Украина WebTrust - Ukraine
Украинский центр сертификации сайтов и верификации компаний Веб Траст Украина Ukrainian site certification and company verification Center, SSL, UA SSL сертификаты CodeSigning Верификация компаний Российско Украинское
cовместное предприятие		 Контакты
http://adgrafics.tel


Jakarta-Tomcat

Installing your Web Server Certificate

 

Your certificate will be sent to you by email. The email message includes the web server certificate that you purchased in the body of the email message.

Copy the certificate from the body of the email and paste it into a text editor (such as notepad) to create text files.

Note if you are installing the certificate on anything other than a Sun system you will have to convert the certificate to binary format. You can use OpenSSL (obtained from www.openssl.org) to convert the certificate to binary format.

Install the QuickSSL certificate:

1. Copy/paste your GeoTrust root certificate into a text editor and save the file as geotrustca.pem. The root certificate is not normally sent out with GeoTrust certificates. Contact us at ssltech@geotrust.com to obtain the root certificate.

2. Copy/paste your web server certificate into a text editor and save the file as domainname.pem (substitute domainname for the domain name that you purchased the certificate for.)

2a. If necessary, convert the server certificate and root certificate to binary format (must have openssl installed) using the following command:

openssl x509 -in domainname.pem -inform PEM -outform DER -out domainname.crt

openssl x509 -in geotrustca.pem -inform PEM -outform DER -out geotrustca.crt

3. Import the "Root Certificate" using the following command:

$JAVA_HOME/bin/keytool -import -alias geotrustca -keystore /path/to/domainname.kdb -file geotrustca.crt

4. Import the "Server Certificate" using the following command:

$JAVA_HOME/bin/keytool -import -alias tomcat -keystore /path/to/domainname.kdb -file domainname.crt

Note: You must use the alias name of "tomcat"

Update server.xml configuration file:

1. Open "$JAKARTA_HOME/conf/server.xml" in a text editor.

2. Find the following section:

<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"
keystoreFile="tomcat.kdb"
keystorePass="password"/>

3. If you want Tomcat to use the default SSL port, change all instances of the port number 8443 to 443.

4. Add the keystoreFile and keystorePass directives to correspond with the keystore file and password that you are using.

5. Start or restart Tomcat using the appropriate startup script (startup.sh for unix/linux or startup.bat for windows)

Copyright © 1997-2010 adgrafics ®