Javier's Blog

Mostly computers and other tech stuff,...

Thursday, February 25, 2010

Setting up tomcat for openjms tunnel

1. Create Tomcat keystore and key

keytool -genkey -dname "cn=example.com" -alias tomcat -keyalg RSA \
   -keystore $TOMCAT_HOME/keystore -keypass changeit -storepass \
   changeit


2. Export the public certificate

keytool -export -alias tomcat -keystore $TOMCAT_HOME/keystore -storepass \
   changeit -rfc -file tomcat.pub


3. Create client keystore and Trust (import) the Tomcat public key

keytool -import -alias tomcat -keystore openjms.keystore -storepass \
   changeit -file tomcat.pub  -noprompt

*. Repeat last step for client.keystore.

4. Don't forget to configure tomcat:

  <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
                keystoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
                truststoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
                keystorePass="changeit" 
                truststorePass="changeit" />


5. And make sure you drop openjms-tunnel.war in the webapps directory

posted by Javier Godinez @ 3:27 PM 

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home