Details

      Description

      Josh,

      I have couple of suggestions regarding generation of self signed certificate.
      One can use following option combination to generate cert. in one go.
      keytool -genkey -alias ejb-ssl -keystore localhost.keystore -storepass EJB-SSL_KEYPAIR_PASSWORD -keypass EJB-SSL_KEYPAIR_PASSWORD-dname "CN=localhost,OU=QE,O=redhat.com,L=Brno,C=CZ"

      Especially important is part -dname where CN must contain name of server which will use the certificate in its https connector.
      My example is for localhost usage. Certificate has to have CN=server_name from this example scheme https://server_name:8443/invoker/JNDIFactory. If not, user will get "javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching" exception.

      Can you incorporate this to the section 16.2.1.1, please?

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  jwulf Joshua Wulf
                  Reporter:
                  pskopek Peter Škopek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: