Javier's Blog

Mostly computers and other tech stuff,...

Thursday, February 25, 2010

Setting up Tomcat for the OpenJMS tunnel

1. Create Tomcat keystore and key

keytool -genkey -dname "cn=example.com" -alias tomcat -keyalg RSA \
-keystore $TOMCAT_HOME/keystore -keypass changeit -storepass \
changeit


2. Export the public certificate

keytool -export -alias tomcat -keystore $TOMCAT_HOME/keystore -storepass \
changeit -rfc -file tomcat.pub


3. Create the client keystore and trust (import) the Tomcat public certificate

keytool -import -alias tomcat -keystore openjms.keystore -storepass \
changeit -file tomcat.pub -noprompt

* Repeat the last step for client.keystore.

4. Don't forget to configure Tomcat:

<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
           truststoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
           keystorePass="changeit"
           truststorePass="changeit" />


5. And make sure you drop openjms-tunnel.war in the webapps directory.
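
Step 3 imports tomcat.pub with -noprompt, so keytool never displays the certificate for confirmation before trusting it. The script below is an added example, not part of the original post: it prints the fingerprint of the PEM file that keytool -export -rfc wrote in step 2, so it can be compared with the server keystore before the import. The function names are this example's own, and SAMPLE_DER is constructed stand-in data, not a real certificate.

```python
import base64
import hashlib
import re
import sys

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

# Constructed stand-in bytes (NOT a real certificate) so the file runs offline.
SAMPLE_DER = bytes(range(64))
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")


def pem_to_der(pem_text):
    """Decode the single certificate in a file written by keytool -export -rfc."""
    blocks = PEM_RE.findall(pem_text)
    if len(blocks) != 1:
        # Anything but one block means the file is not what step 2 produced.
        raise ValueError("expected exactly one certificate, found %d" % len(blocks))
    return base64.b64decode("".join(blocks[0].split()), validate=True)


def fingerprint(pem_text, algo="sha256"):
    """Digest of the DER bytes as colon-separated upper-case hex."""
    digest = hashlib.new(algo, pem_to_der(pem_text)).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def same_fingerprint(pem_text, expected, algo="sha256"):
    """True if the file matches a bare fingerprint read from the server keystore."""
    wanted = re.sub(r"[^0-9A-Fa-f]", "", expected).upper()
    return fingerprint(pem_text, algo).replace(":", "") == wanted


if __name__ == "__main__":
    # Usage: python3 certfp.py tomcat.pub [expected-fingerprint]
    pem = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PEM
    print(fingerprint(pem))
    if len(sys.argv) > 2:
        sys.exit(0 if same_fingerprint(pem, sys.argv[2]) else 1)
```

On the server, keytool -list -v -alias tomcat -keystore $TOMCAT_HOME/keystore prints the fingerprint to compare against; pass algo="sha1" if that output shows only a SHA1 value.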
