Install SSH Certificate

Questions and answers for all installation-related topics for Servoy products

Install SSH Certificate

Postby hovw » Mon Apr 08, 2019 9:57 pm

How to create a ssl connection, with speciale thanks to Marc Boegem

Generate a Private Key
openssl genrsa -des3 -out server.key 1024

Generate a CSR (Certificate Signing Request)
openssl req -new -key server.key -out server.csr

server.csr -- CSR
server.key -- private key

Send your CSR to the certification authority (CA)

return from CA
server.crt – returned from CA
RapidSSL_TLS_RSA_CA_G1.crt – returned from CA

generate a new p12 certificate with your private key, CA.crt and the returned server.crt

openssl pkcs12 -export -out server.p12 -name server_name -inkey server.key -in server.crt -certfile RapidSSL_TLS_RSA_CA_G1.crt

Enter Export Password: pw_1234

Make a keystore from the p12 certificate

keytool -importkeystore -deststorepass pw_1234 -destkeypass pw_1234 -destkeystore server.jks -srckeystore server.p12 -srcstoretype PKCS12 -srcstrepass pw_1234 -alias server_name

copy the server.jks to the conf folder in Tomcat

in the server.xml

<Connector port="9094"
protocol="HTTP/1.1"
redirectPort="443"/>
<Connector port="8443"
protocol="HTTP/1.1"
maxThreads="500" connectionTimeout="60000"
useBodyEncodingForURI="true"
compression="4096"
scheme="https"
secure="true"
SSLEnabled="true"

sslProtocol="TLS"
protocols="TLSv1.2,TLSv1.1,TLSv1,,SSLv2Hello"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256"
keystoreFile="conf/server.jks"
keystorePass="pw_1234"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"
/>
OSX 10.9.5 - 10.13.1
hovw
 
Posts: 22
Joined: Wed Nov 04, 2009 10:41 pm

Return to Installation

Who is online

Users browsing this forum: No registered users and 2 guests

cron