Showing posts with label ssl. Show all posts
Showing posts with label ssl. Show all posts

Aug 18, 2017

How to configure tomcat server with SSL configuration?

1. Create private key and CSR using OpenSSL

openssl genrsa -out www.mydomain.com.key 2048
openssl req -new -sha256 -key www.mydomain.com.key  -out www.mydomain.com.csr

2. Submit CSR file to your Certificate Authority to generate & share valid CA certificates.

Valid CA certificates would have following files
a.  www.mydomain.com.crt
b.  xxxxCARoot.crt
c.  xxxxTrustxxx.crt
d.  xxxxxxxCA2.crt

3. Bundle CA, CA2 and Trust certificate into single file bundle.crt

4. Generate pkcs12 file using below command and provide keystorePass as 'changeit'
>openssl pkcs12 -export -in www.mydomain.com.crt -inkey www.mydomain.com.key -out www.mydomain.com.p12 -name tomcat -CAfile bundle.crt -caname root -chain


5. Configure tomcat server.xml with below <Connector>
<Connector SSLEnabled="true" keystoreFile="conf/ssl/www.mydomain.com.p12" keystorePass="changeit" keystoreType="PKCS12" port="443" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLSv1.2"/>
at No comments:
Labels: , , , , , , ,

Mar 16, 2017

MongoDB SSL connection command

$ mongo --host <hostname> --port <port> --username username --password --ssl --sslPEMKeyFile <filename> --sslPEMKeyPassword <value> --sslCAFile <filename>
at No comments:
Labels: , ,
Subscribe to: Comments (Atom)