Solved

Jakarta-Tomcat-3.2.3 and SSL

Posted on 2002-05-14
3
271 Views
Last Modified: 2010-03-04
Hi All,  
I have been to the Apache site to read the following page:
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/tomcat-ssl-howto.html

However, this may as well be Greek to me.
I am a newbie when it comes to SSL, HTTPS, and security in general.

I would like to keep things simple for learning. I have Jakarta-Tomcat-3.2.3 installed on my Windows2000 machine. It works just fine when it comes to regular HTTP/HTML/JSP applications.

So, what can I do to make this a secure site with HTTPS pages?

Where can I get the additional security JAR files to put in the CLASSPATH? I can not find them on the Sun site.

What files need to change in my C:\jakarta-tomcat-3.2.3\conf and \bin and \webapps\project directories?

TIA
DoughBoy

0
Comment
Question by:DoughBoy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 15

Accepted Solution

by:
samri earned 100 total points
ID: 7010115
DoughBoy,

First, I have never tried to use Tomcat (to let you know how good I am :(.  However, I would try , my best to make your life a bit easier (or harder?)

The page that you mentioned have an excellent information.

At this point, I would have to assume that you would not be rebuilding Tomcat, nor does you will use Apache SSL.

Let's go to "Direct SSL" section.

First you would need to get the JDK.  I would believe that we will go for IBM JDK 1.3 since the author successfull use it.  Download it, and get it installed.

http://www7b.boulder.ibm.com/wsdd/wspvtindex.html

Next, you need to generate a certificate for your server.  TO do that, you need an OpenSSL package. Get one from http://www.openssl.org/  I'm not sure how good the win32 port of OpenSSL, but it's worth a try.  Grab it from http://www.kix.or.jp/~fujino/openssl/ (Direct Link: http://www.kix.or.jp/~fujino/openssl/OpenSSL-20010810.tar.gz).  Download it, use winzip to extract it to c:\ssl

Alternately, you can try these link for the OpenSSL.
http://curl.haxx.se/download.html
http://www.zoneedit.com/doc/partner/perl-utils/openssl-win32-binaries/

I have tried, but no luck in creating the new certificate request (on Win2K Pro).



good luck
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9682147
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area with the following recommendation for this question:

answered by samri

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

periwinkle
EE Cleanup Volunteer
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question