Create Certificate and Tomcat set up
First in order to do all the test we need to create or get a certificate. In Java platfform is quite easy.with the keytool which comes with every jdk. However in case of one way is more usual use a CA certificate- They usually delivery in pkcs12 format. keytool allow import this format of certificates. If not OpenSSL is a good tool to do lot of transformationsjordi@DESKTOP-V6S41NL MINGW64 /c/Program Files/Java/jdk1.8.0_111/bin
$ ./keytool -genkey -alias testcert -keyalg RSA -keypass testcert -storepass testcert -keystore c:/temp/keystore.jks
What is your first and last name?
[Unknown]: test
What is the name of your organizational unit?
[Unknown]: test
What is the name of your organization?
[Unknown]: test
What is the name of your City or Locality?
[Unknown]: test
What is the name of your State or Province?
[Unknown]: test
What is the two-letter country code for this unit?
[Unknown]: test
Is CN=test, OU=test, O=test, L=test, ST=test, C=test correct?
[no]: y
After to enable one way in Tomcat server.xml, the below is in Tomcat 9
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150"
scheme="https" secure="true" clientAuth="false" keyAlias="testcert"
sslProtocol="TLS" keystoreFile ="c:/temp/keystore.jks"
keystorePass="testcert" truststoreFile="c:/temp/keystore.jks"
truststorePass="testcert"/>
Just set clientAuth="true" to enable double authorization or two way.
Cap comentari:
Publica un comentari a l'entrada