
Two-way ssl using cURL

cURL is a command line tool for transferring data using multiple protocols. To establish two-way SSL communication between cURL and an Apache Tomcat web application, generate a self-signed certificate for the server and for the client (the machine cURL is running on).

Self-signed certificate for client:

1. Create a private key for the client.

    openssl genrsa -out clientprivatekey.pem 2048

2. Create an OpenSSL self-signed certificate for the client using the private key.

    openssl req -new -x509 -key clientprivatekey.pem -out clientcert.pem -days 365

Self-signed certificate for server:

1. Generate a private key for the server.

    openssl genrsa -out serverprivatekey.pem 2048

2. Create an OpenSSL self-signed certificate for the server using the private key.

    openssl req -new -x509 -key serverprivatekey.pem -out servercert.pem -days 1095

This prompts you to enter a few pieces of information; use “.” to leave the field blank. When prompted for '

Two-way SSL authentication on tomcat using OpenSSL self signed certificates.

Two-way SSL authentication: OpenSSL is used for creating private keys and certificates. Setting up two-way SSL authentication on Tomcat is done as follows:

- Generate a self-signed certificate for the Tomcat web application
- Generate a self-signed certificate for the client (consider a browser for this example)
- Import the client certificate into the server's keystore, as a CA is not used and the server needs to know the public key of the client. (Optional)
- Configure Tomcat's server.xml

Generating a private key using OpenSSL

    openssl genrsa -out privkey.pem 2048

This generates an RSA private key of 2048 bits. With OpenSSL, the private key contains the public key information as well, so a public key doesn't need to be generated separately.

Generating a self-signed certificate using OpenSSL

    openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

This generates a self-signed certificate, containing the public key, that is valid for 1095 days.

1. Generate a self