Solved

Using a wildcard SSL Certificate in Tomcat

Posted on 2014-11-20
2
394 Views
Last Modified: 2014-12-02
Hello

I am trying to allow users to externally access some SAP programs that use Tomcat. I would like to use a wildcard SSL certificate we already own. I have searched for a few days on how to do this but only find guides for creating your own certificate.

Thanks for your help in advance.
0
Comment
Question by:Crossroads305
2 Comments
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
ID: 40456722
you shoild start with cert req if the intent is to leverage 3rd party trusted CA or internal Enterprise CA. I do advise not to use self signed @ http://scn.sap.com/docs/DOC-46819
you may want to explore SAN instead of wildcard (which may not be supported by SAP service if applicable) instead
we will need to generate both SSL certificates in such a way they will be valid no matter which hostname is used for sending the HTTP requests (each SAP system can be reached in fact via two different hostnames). This can be achieved by means of a X.509 extension called Subject Alternatives Names or shortly SAN
Specific to Tomcat SSL , pls see configuration to install cert from CA @ http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Installing_a_Certificate_from_a_Certificate_Authority
0
 
LVL 32

Expert Comment

by:shalomc
ID: 40460826
Simple when you know it :)

Read the link graciously provided by btan. Essentially, the process to use your self-created cert is nearly identical to the process of using a CA issued wildcard cert. You need 3 files.

Get the private key that was used to create the CSR for the wildcard cert you own. This is the equivalent of the "Local Certificate" in the "Create a local Certificate Signing Request (CSR)" section.
Get the wildcard certificate itself
Get the CA chain certificate.
Someone in your organization has all three because you use them
You do not need to create a CSR.
Follow the instructions in "Importing the Certificate"
Follow the instructions in "Edit the Tomcat Configuration File" but use your wildcard certificate, private key and CA chain

Good luck!!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now