Melanie, i think keytool does not create any certificate. Its just a key/certificate management utility.What did you use to get server.crt? openssl ,selfssl or some free sites available??RegardsPrasanna Ram--On Wed, May 6, 2009 at 12:22 PM, Melanie Pfefer <melanie_pfefer@xxxxxxxxxxx> wrote:
Hi,
I have tomcat server running as a backend server and apache running as front-end, both on the same machine
In httpd.conf, I have:
SSLProxyEngine On
RewriteEngine On
SSLProxyCACertificatePath /usr/local/apache/conf/ssl
RewriteRule ^/(abc.*) https://host:port/$1 [P,L]
I am getting an error that the certificate is out of date.
What I did before was:
keytool -export -alias tomcat -rfc > tomcat.pem
c_rehash /usr/local/apache/conf/ssl
now /usr/local/apache/conf/ssl has
server.crt
server.key
tomcat.pem
cc5d41ae.0 -> tomcat.pem
I need to know how to renew the certificate.
Is it sufficient to redo:
keytool -export -alias tomcat -rfc > tomcat.pem
c_rehash /usr/local/apache/conf/ssl
how to rollback in case of failures?
Thank you
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
Prasanna Ram