create a CA and signed certificate

Hi, I'm doing my final project degree and I need help with this, please.

I'm using Apache Tomcat with SSL to create cipher comunications. I want to create a CA to sign my certificate. This is what I did:

1. I've created my certificate with keytool.

2. With this certificate I've created my CSR

3. I've created a new CA with Openssl:

./CA.pl -newca

* a name for the CA
* secret passphrase for the CA's private key.
* more information...

4. I've rename the CSR with the name "newreq.pem" and then I've signed it.

./CA.pl -sign

5. Now, I have the new certificate signed, "newcert.pem", and the CA's certificate.

6. What do I have to do for use them with Tomcat??
I think I have to install the CA certificate and the signed certificate, but how??

Thanks.

 

Hi,

A few questions:

What distro?
Did you try to setup CA without tomcat?
If you did, does everything work?
Any errors in the log?

Have you setup everything properly?
- httpd.conf or ssl.conf includes all the necessary configurations?
- ssl module is loaded?

See if this helps:
http://www.digicert.com/ssl-certificate-installation-tomcat.htm

Mrk

 

Hi,

See also this:

http://wiki.apache.org/tomcat/FAQ/Security

http://marc.info/?l=tomcat-user&m=106293430225790&w=2

Mrk