Comment: Migration of unmigrated content due to installation of a new plugin

...

This section is about how to administer certificates from the administration console.

To administer SSL certificates, the Keystore Configuration portlet is available by selecting Keystore on the Console Navigation menu on the left-hand side. From this portlet, you can either import an existing certificate or create a new certificate request.

...

The certificates in Geronimo are stored in a keystore located in <geronimo_home>\var\security\keystores\geronimo-default.

If you want to use a keystore other than the one provided by default, you can create one by clicking on New Keystore. You will be prompted for a keystore name and a password; enter those values and click Create Keystore. For this example, we entered sample_keystore and password respectively.

The keystore you just created does not yet contain any certificates or keys, as depicted in the following figure. Also note that the keystore is locked by default, as shown by the closed lock in the Available column. After you create the certificate, you will need to click on the lock to make that certificate available, and you will be prompted for the passwords for the keystore and certificate.

To create a private key, click on the keys on the keystore you just created and then on the next page click on Create Private Key. Enter valid data in the appropriate fields.

Click on Review Key Data and then on the next page click Generate Key. You should now see the key you just generated listed in the Keystore Configuration portlet.

Now you can use this key by configuring an HTTPS connector as described in
https://cwiki.apache.org/confluence/display/GMOxDOC30/Add+new+HTTPS+listener. Remember to make the certificate and keystore available by clicking on the "lock" icon. For this example, we modified the existing TomcatWebSSLConnector, specified the new keystore, and saved the configuration.

For this configuration to take effect, you need to restart the connector. Click on the stop link corresponding to the network listener you just updated, in this case TomcatWebSSLConnector, and then click on start. Now this connector is using the new keystore and certificate.

...

If you now point your browser to that particular port, you should see the server is using the certificate you created previously. For this example, because you are using the existing SSL connector, point your browser to:

https://localhost:8443/console
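
The browser check above can also be scripted. The following is an added example, not part of the Geronimo documentation: it fetches the certificate that the listener on localhost:8443 presents and compares its SHA-256 fingerprint with one you obtained separately for the key you generated. The function names, and the assumption that you have such an expected fingerprint on hand, are this example's own.

```python
import hashlib
import hmac
import socket
import ssl
import sys


def normalize_fp(text):
    """Reduce 'AA:BB:..', 'aa bb ..' or 'aabb..' to plain lowercase hex."""
    return "".join(ch for ch in text.lower() if ch in "0123456789abcdef")


def sha256_fp(der_bytes):
    """SHA-256 fingerprint of a DER-encoded certificate, colon-separated."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fp_matches(der_bytes, expected_fp):
    """True only if the certificate hashes to the full expected fingerprint."""
    want = normalize_fp(expected_fp)
    got = normalize_fp(sha256_fp(der_bytes))
    # Reject truncated fingerprints; compare in constant time.
    return len(want) == 64 and hmac.compare_digest(got, want)


def fetch_listener_cert(host="localhost", port=8443, timeout=5.0):
    """Return the DER certificate the HTTPS listener presents.

    Chain validation is off on purpose: the certificate is identified by the
    fingerprint comparison, not by a CA, and no application data is sent.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    # Usage (assumed script name): python check_listener.py <expected SHA-256>
    expected = sys.argv[1]
    der = fetch_listener_cert()
    print("listener presents:", sha256_fp(der))
    sys.exit(0 if fp_matches(der, expected) else 1)
```

A non-zero exit status after restarting the connector means the listener is still serving a certificate other than the one you expected.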