Hi Rama,
You send this certificate signing request to certificate authority (CA) of your choice. What you get from CA is signed certificate that Apache should be able to use with on modification. Same cert needs to be imported to key store you use in Grizzly.
HTH,
Hubert.
-original message-
Subject: ssl how-to
From: rama <rama.rama_at_tiscali.it>
Date: 28-05-2009 10:20
Hello :)
i have some question related to ssl cert.
this is the piece of code that i use to start ssl
-----------
SSLConfig sslConfig = new SSLConfig();
sslConfig.setKeyStoreFile(keyStoreFile);
sslConfig.setKeyStorePass(keyStorePwd);
WebServer w = new WebServer();
w.setSSLConfig(sslConfig);
w.start();
istances.add(w);
----------
where webserver extend grizzlywebserver.
now, to create the keystorefile i use something like
keytool -genkey -alias supersite.com -keyalg RSA -keystore supersite.jks
then i generate the cert request using
keytool -certreq -alias "supersite.com" -keystore supersite.jks -file
supersite.csr
After that, i have to send to someone(??) the csr.
Then, i miss what i need to have inorder to proceede.
I have some doubt because right now, we are using a reverse proxy
company to do ddos mitigation.
For that reason, this company need to have the same "cert" that we
are using.
So, right now i am using self signed cert, but i want to switch to
signed one.
The reverseproxy guy need a ".crt" apache compliant turbo certificate :)
So, at last, the question is:
How i am supposed to make a .crt "apache friendly" certificate &
grizzly "friendly" certificate after i get the "csr" signed?
Tnx for your help :)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_grizzly.dev.java.net
For additional commands, e-mail: dev-help_at_grizzly.dev.java.net