1 |
1765
|
tao
|
Replication set up for tomcat4 standalone (java1.4)
|
2 |
|
|
1. Generate keys in java default key store - $jAVA_HOME/jre/lib/security/cacerts:
|
3 |
|
|
keytool -genkey -alias pinetomcat -keyalg RSA -validity 800 -keystore cacerts
|
4 |
|
|
Note: when ask you name, you should put your host name, such as "pine.nceas.ucsb.edu"
|
5 |
|
|
|
6 |
|
|
2. Generate certificate:
|
7 |
|
|
keytool -export -alias pinetomcat -file pinetomcatjava14.cert -keystore cacerts
|
8 |
|
|
|
9 |
|
|
3. Configure server.xml for tomcat 4.
|
10 |
|
|
Removed the comment for port 8443. In factory element add an attribute:
|
11 |
|
|
keystoreFile="/usr/java/j2sdk1.4.1_01/jre/lib/security/cacerts"
|
12 |
|
|
In windows machine, it will look like keystoreFile="C:\usr\java\j2sdk1.4.1_01\jre\lib\security\cacerts"
|
13 |
|
|
|
14 |
|
|
4. Import other server's certificate to cacerts:
|
15 |
|
|
keytool -import -alias fatalitomcatjava14 -file ~/keys/fatalitomcat/fatalitomcatjava14.cert -keystore cacerts
|
16 |
|
|
|
17 |
|
|
5. Restart tomcat
|
18 |
|
|
|
19 |
|
|
6. Set up xml_replication table in metacat
|
20 |
|
|
|
21 |
|
|
Replication set up for Apache2 (with Tomcat4):
|
22 |
|
|
1. Generate keys by openssl (In pine machine)
|
23 |
|
|
openssl req -new -out REQ.pem -keyout server.key
|
24 |
|
|
Note: the first quetion is asked to set your password.
|
25 |
|
|
|
26 |
|
|
2. Generate certificate:
|
27 |
|
|
openssl req -x509 -days 800 -in REQ.pem -key server.key -out server.crt
|
28 |
|
|
|
29 |
|
|
3. Put server.key into $APACHE_HOME/conf/ssl.key and server.crt into APACHE_HOME/conf/ssl.crt
|
30 |
|
|
|
31 |
|
|
4. Import other server's certificate to java's cacerts:
|
32 |
|
|
keytool -import -alias pinetomcat14 -file pinetomcatjava14.cert -keystore cacerts
|
33 |
|
|
|
34 |
|
|
5. Restart apache and tomcat
|
35 |
|
|
|
36 |
|
|
6. Set up xml_replication table in metacat
|