|
1
|
Replication set up for tomcat4 standalone (java1.4)
|
|
2
|
1. Generate keys in java default key store - $jAVA_HOME/jre/lib/security/cacerts:
|
|
3
|
keytool -genkey -alias pinetomcat -keyalg RSA -validity 800 -keystore cacerts
|
|
4
|
Note: when ask you name, you should put your host name, such as "pine.nceas.ucsb.edu"
|
|
5
|
The state name should be full name, e.g. California.
|
|
6
|
|
|
7
|
2. Generate certificate:
|
|
8
|
keytool -export -alias pinetomcat -file pinetomcatjava14.cert -keystore cacerts
|
|
9
|
|
|
10
|
3. Configure server.xml for tomcat 4.
|
|
11
|
Removed the comment for port 8443. In factory element add an attribute:
|
|
12
|
keystoreFile="/usr/java/j2sdk1.4.1_01/jre/lib/security/cacerts"
|
|
13
|
In windows machine, it will look like keystoreFile="C:\usr\java\j2sdk1.4.1_01\jre\lib\security\cacerts"
|
|
14
|
|
|
15
|
4. Import other server's certificate to cacerts:
|
|
16
|
keytool -import -alias fatalitomcatjava14 -file ~/keys/fatalitomcat/fatalitomcatjava14.cert -keystore cacerts
|
|
17
|
|
|
18
|
5. Restart tomcat
|
|
19
|
|
|
20
|
6. Set up xml_replication table in metacat
|
|
21
|
|
|
22
|
Replication set up for Apache2 (with Tomcat4):
|
|
23
|
1. Generate keys by openssl (In pine machine)
|
|
24
|
openssl req -new -out REQ.pem -keyout server.key
|
|
25
|
Note: the first quetion is asked to set your password.
|
|
26
|
|
|
27
|
2. Generate certificate:
|
|
28
|
openssl req -x509 -days 800 -in REQ.pem -key server.key -out server.crt
|
|
29
|
|
|
30
|
3. Put server.key into $APACHE_HOME/conf/ssl.key and server.crt into APACHE_HOME/conf/ssl.crt
|
|
31
|
|
|
32
|
4. Import other server's certificate to java's cacerts:
|
|
33
|
keytool -import -alias pinetomcat14 -file pinetomcatjava14.cert -keystore cacerts
|
|
34
|
|
|
35
|
5. Restart apache and tomcat
|
|
36
|
|
|
37
|
6. Set up xml_replication table in metacat
|
|
38
|
|
|
39
|
The example to set up a key:
|
|
40
|
Country Name (2 letter code) [GB]:US
|
|
41
|
State or Province Name (full name) [Berkshire]:California
|
|
42
|
Locality Name (eg, city) [Newbury]:Santa Barbara
|
|
43
|
Organization Name (eg, company) [My Company Ltd]:UCSB
|
|
44
|
Organizational Unit Name (eg, section) []:NCEAS
|
|
45
|
Common Name (eg, your name or your server's hostname) []:dev.nceas.ucsb.edu
|
|
46
|
(Note: don't put port number here)
|
|
47
|
Email Address []:tao@nceas.ucsb.edu
|