How to set up SSL for Tomcat?

V

vvrider2016-01-29 02:05:14

Apache HTTP Server

vvrider, 2016-01-29 02:05:14

There are 3 files:
carttry.com.crt
ssl.key
root_bundle.crt
What needs to be done with these files so that Tomcat can see them and use them?
I saw a couple of versions: 1) include in the virtual host config
2) configure the connector (but there I saw only the prescription of the 1st keystore file)
I encounter SLL for the first time, I don’t know where to start.
Thanks

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Danila, 2016-01-29
@vvrider

Item 2 seems to be more canonical, just import the key and certificates into the repository.
But for this, the certificate and keys (I suspect that they are in PEM format (human-readable, start with the line: -----BEGIN CERTIFICATE-----)) are converted to DER.

V

vvrider, 2016-01-29
@vvrider

PEM Format
The PEM format is the most common format that Certificate Authorities issue certificates in. PEM certificates usually have extentions such as .pem, .crt, .cer, and .key. They are Base64 encoded ASCII files and contain "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" statements. Server certificates, intermediate certificates, and private keys can all be put into the PEM format.
Apache and other similar servers use PEM format certificates. Several PEM certificates, and even the private key, can be included in one file, one below the other, but most platforms, such as Apache, expect the certificates and private key to be in separate files.
The question is, why recode it in DER?