Replication set up for tomcat4 standalone (java1.4)
1. Generate keys in java default key store - $jAVA_HOME/jre/lib/security/cacerts:
   keytool -genkey -alias pinetomcat -keyalg RSA -validity 800 -keystore cacerts
   Note: when ask you name, you should put your host name, such as "pine.nceas.ucsb.edu"

2. Generate certificate:
   keytool -export -alias pinetomcat -file pinetomcatjava14.cert -keystore cacerts

3. Configure server.xml for tomcat 4.
   Removed the comment for port 8443. In factory element add an attribute:
   keystoreFile="/usr/java/j2sdk1.4.1_01/jre/lib/security/cacerts"
   In windows machine, it will look like keystoreFile="C:\usr\java\j2sdk1.4.1_01\jre\lib\security\cacerts"
   
4. Import other server's certificate to cacerts:
    keytool -import -alias fatalitomcatjava14 -file ~/keys/fatalitomcat/fatalitomcatjava14.cert -keystore cacerts

5. Restart tomcat

6. Set up xml_replication table in metacat

Replication set up for Apache2 (with Tomcat4):
1. Generate keys by openssl (In pine machine)
   openssl req -new -out REQ.pem -keyout server.key
   Note: the first quetion is asked to set your password.

2. Generate certificate:
   openssl req -x509 -days 800 -in REQ.pem -key server.key -out server.crt

3. Put server.key into $APACHE_HOME/conf/ssl.key and server.crt into APACHE_HOME/conf/ssl.crt

4. Import other server's certificate to java's cacerts:
   keytool -import -alias pinetomcat14 -file pinetomcatjava14.cert -keystore cacerts

5. Restart apache and tomcat

6. Set up xml_replication table in metacat