openssl pkcs12 -export -in es.crt -inkey es.key -out es.p12 -name es_tomcat
2, list privatekeyentry
keytool -list -v -keystore es.p12 -storetype pkcs12
3,Import CA/cacert.crt into the Java cacerts, so that the tomcat install can talk to itself if needed.
keytool -import -keystore es.keystore -file es.crt
4, Covert the PKCS#12 keystore to JKS keystore
keytool -importkeystore -srckeystore es.p12 -destkeystore es.jks -srcstoretype pkcs12
keytool -list -v -keystore es.jks
5 update server.xml
vim /opt/tomcat/conf/server.xml
cat /dev/null > /opt/tomcat/logs/catalina.out
/etc/init.d/tomcat stop
cat /dev/null > /opt/tomcat/logs/catalina.out
/etc/init.d/tomcat start
less /opt/tomcat/logs/catalina.out
No comments:
Post a Comment