Friday, July 27, 2012

Creating a SSL Certificate

>> First of all You need JDK installed on your system to proceed further.
>> Now using the keyTool utility available with JDK we can create SSL certificates like shown in the screenshot.
use the command "keytool -genkey -alias tomcat -keyalag RSA"
* here RSA is the algorithm used for encryption of data.

>> You will see all the steps as shown in the above screenshot if you are going right.
>> After creation of .keystore file(SSL certificate) it is stored in the user' home folder automatically.
>> Now you need to configure the .keystore file in the server.xml file which is located inside %TOMCAT_HOME%\conf

               add the following element to the server.xml file.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" keystoreFile="C:/Users/hsd/.keystore" secure="true" keystorePass="hsdhaka" clientAuth="false" sslProtocol="TLS" />
>> Now start the tomcat server
>> Enter the URL https://localhost:8443/ in addressbar of any browser and you will see the following page

This page indicates that your certificate is not created by a trusted vendor and thus can't be trusted,but the SSL security is on for your applications by doing so.

If you will click on
you will see the requested page as you expect it to be
but you can easily notice address bar of your browser

this shows that the resource you have requested is not trust worthy.
If you don't want to see this kind of alerts before your website is displayed get,your certificate designed and signed by a trusted SSL vendor in the market like thawte.

No comments:

Post a Comment