Configuring the http server for https using the keytool

From PresenceWiki
Revision as of 16:40, 20 January 2012 by Graham (Talk | contribs)

Jump to: navigation, search

To create a keystore for the https server:-


keytool -keyalg RSA -genkey -validity 731 -keystore c:\\keystore

http://www.international-presence.com/images/docs/https/createkeystore.png

After this you can then create a self signed certificate:-

keytool -selfcert -validity 721 -keystore c:\\keystore

http://www.international-presence.com/images/docs/https/selfsigned.png

Now place the file keystore into the presence res directory.

In the httpconfig edit the following:-

<http-config httpenabled="true" httpsenabled="true" port="81" secureport="443">
<security>
       <keystore>./res/keystore</keystore>
       <password>password</password>
       <keypassword>password</keypassword>
</security>


Because we gave the name as impscloud, if we go to C:\WINDOWS\system32\drivers\etc\hosts and edit this we can point it to a chosen machine:-

http://www.international-presence.com/images/docs/https/hosts.png

Then we can go to this page:-

https://impscloud/test.xhtml

Initially we will receive a warning, if we choose, I understand the risks.

http://www.international-presence.com/images/docs/https/untrustedconnection.png

We can then select "Get The Certificiate" and then "Confirm Security Exception"

http://www.international-presence.com/images/docs/https/confirmsecurityexception.png

From now on, we shall receive the page as intended:-

http://www.international-presence.com/images/docs/https/page.png http://www.international-presence.com/images/docs/https/simplesecureresponse.png