Thursday, February 25, 2010

Setting up Tomcat for the OpenJMS tunnel

1. Create Tomcat keystore and key

keytool -genkey -dname "cn=example.com" -alias tomcat -keyalg RSA \
-keystore $TOMCAT_HOME/keystore -keypass changeit -storepass \
changeit

2. Export the public certificate

keytool -export -alias tomcat -keystore $TOMCAT_HOME/keystore -storepass \
changeit -rfc -file tomcat.pub

3. Create the client keystore and trust (import) the Tomcat public certificate

keytool -import -alias tomcat -keystore openjms.keystore -storepass \
changeit -file tomcat.pub -noprompt

*. Repeat the last step for client.keystore.

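4. Don't forget to configure Tomcat. In conf/server.xml the HTTPS connector has to point at the keystore from step 1 (keystoreFile below assumes $TOMCAT_HOME is Tomcat's catalina.home); without keystoreFile Tomcat looks for .keystore in the home directory of the user running it:

<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="${catalina.home}/keystore" keystorePass="changeit"
           truststorePass="changeit" />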

5. And make sure you drop openjms-tunnel.war in the webapps directory
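
One way to check the result of steps 1-3, added here as an example and not part of the original post: compare the `keytool -list` fingerprints of the two keystores and make sure the client side holds only the certificate, never Tomcat's private key. The function names and the sample listings (date, fingerprints) are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that the client keystore trusts exactly the
# certificate in Tomcat's keystore. Inputs are saved listings, e.g.
#   keytool -list -keystore $TOMCAT_HOME/keystore -storepass changeit > server.txt
#   keytool -list -keystore openjms.keystore -storepass changeit > client.txt

# Print the fingerprint of alias $1 from a `keytool -list` listing on stdin.
# An entry is "alias, date, type," followed by a "Certificate fingerprint" line.
fp_of_alias() {
    awk -v a="$1" '
        index($0, a ",") == 1 { hit = 1; next }
        hit && /fingerprint/  { sub(/^.*\): */, ""); print; exit }
        hit                   { exit }
    '
}

# check_trust SERVER_LISTING CLIENT_LISTING [ALIAS]
# 0 = client trusts the server certificate, 1 = fingerprint mismatch,
# 2 = alias missing, 3 = client keystore holds the private key.
check_trust() {
    a=${3:-tomcat}
    s=$(fp_of_alias "$a" < "$1")
    c=$(fp_of_alias "$a" < "$2")
    if [ -z "$s" ] || [ -z "$c" ]; then echo "alias '$a' missing" >&2; return 2; fi
    if grep -q "^$a,.*PrivateKeyEntry" "$2"; then
        echo "client keystore contains the private key for '$a'" >&2; return 3
    fi
    if [ "$s" != "$c" ]; then echo "mismatch: $s vs $c" >&2; return 1; fi
    echo "ok: client trusts $c"
}

# Constructed sample listing (made-up date and fingerprint).
# $1 = entry type, $2 = fingerprint.
sample_listing() {
    printf 'Keystore type: JKS\nKeystore provider: SUN\n\n'
    printf 'Your keystore contains 1 entry\n\n'
    printf 'tomcat, Feb 25, 2010, %s, \n' "$1"
    printf 'Certificate fingerprint (SHA1): %s\n' "$2"
}

# Demo on constructed data: server holds the key pair, client only the cert.
demo_dir=$(mktemp -d)
sample_listing PrivateKeyEntry  AA:BB:CC:DD > "$demo_dir/server.txt"
sample_listing trustedCertEntry AA:BB:CC:DD > "$demo_dir/client.txt"
check_trust "$demo_dir/server.txt" "$demo_dir/client.txt" tomcat
rm -rf "$demo_dir"
```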