How to create a self signed certificate for apache

how to create a self signed certificate for apache

Generating the certificate

Our first step is to generate the certificate. (This example is for Windows, Unix is almost the same.) This is done by using the keytool, located in your JAVA_HOME. For our Windows example this will be C:\Program Files\Java\jdk1.6.0_18\bin

Open a command prompt. First create the directory for your keystore-file, that is the file that will hold your certificate. We will put the keystore-file in the Tomcat-directory: C:\Tomcat\Keystore.

C:\>mkdir C:\Tomcat\Keystore

The command you are going to use, keytool.exe, is part of your Java-installation. Switch to your JAVA_HOME directory, in the example C:\Program Files\Java\jdk1.6.0_18 and from there to the bin directory.

Start the keytool, with the following parameters: keytool -genkey -alias tomcat -keyalg RSA -keystore c:\tomcat\keystore\.keystore. This means more or less:

generate a certificate/key called tomcat, using RSA as key-algorithm and store the certificate in the keystore, located in C:\Tomcat\Keystore.

C:\>cd %JAVA_HOME%

C:\Program Files\Java\jdk1.6.0_18>cd bin

C:\Program Files\Java\jdk1.6.0_18\bin>keytool -genkey -alias tomcat -keyalg RSA -keystore c:\tomcat\keystore\.keystore

Now you must supply several parameters. None of these are very important, except the keystore password. Standard is changeit. but of course you can use anything. But whatever you choose: write it down. You will need this password in the server.xml file, so Tomcat can open the keystore and read the certificate. A typical output of the keystore is:

Enter keystore password:

Re-enter new password:

What is your first and last name?

[Unknown]: GR Visser

What is the name of your City or Locality?


Category: Insurance

Similar articles: