Tomcat, Java and https

So I recently acquired a free https certificate from StartSSL. All well and good, this was fairly easy. Now, I have 4 files at my disposal:

ca.pem pk.mydomain.com ssl.crt sub.class1.server.ca.pem

At that stage I'm fine. I'm about to configure https and will go on with my life. As it turned out, things aren't exactly going to turn out that way.

Tomcat needs a keystore. None of those files will make the trick of course, but none of the stupid attempts I was about to try made it any more. It's not about just throwing the three certs in a keystore. Oh no, it's a bit more than that.

As usual, Stackoverflow bootstrapped me in the right direction.

openssl rsa -in pk.mydomain.com -out out/ssl.key cat sub.class1.server.ca.pem ca.pem > out/intcacerts.pem openssl pkcs12 -export -in ssl.crt -inkey out/ssl.key -certfile out/intcacerts.pem -name "mydomain" -out out/keyandcerts.p12

And that's it. Now, in the server.xml you would find the following:

... keystoreFile="/path/to/my/keystore/file/keyandcerts.p12" keystoreType="PKCS12" ...

And that's all. If you have several domain names running on your Tomcat instance, you need a certificate that will accommodate them all, because to this day, Tomcat cannot use a different certificate for different hosts.

Tags : https, java, ssl, tomcat

Add a comment

Posted by pieroxy on April 16, 2013 12:37:00 PM PDT #

Ruzzle - neat cheat

Ruzzle is a game on iPhone and Android involving small puzzles (4x4 grid of letters) and the ability of the player to find words in the grid. Of course, as soon as I saw this, I wrote a small program to cheat at it.

Here is the cheat program.

Of course I don't recommend to actually cheat at Ruzzle. But it can help you train.

Tags : cheat, news, ruzzle, solver

Add a comment

Posted by pieroxy on April 8, 2013 2:56:00 PM PDT #

HTML5 - Also offline

Apps aren't the only things you can run whenever you are offline. Websites can too be run offline, but only if they were meant to.This nice little page, while not being exhaustive by any measure, shows you how to make that work: http://www.html5rocks.com/en/mobile/workingoffthegrid/

Tags : html, offline, web

Add a comment

Posted by pieroxy on April 4, 2013 4:08:00 AM PDT #

<< March 2013 | Home | May 2013 >>

All that is in there is just stuff I made up for the most part. However, the chances that some truth found its way in it are non negligible so this possibility should not be discarded. After all, I usually link to my sources. That said, those sources are most likely probably completely made up as well. You want to make sure it's going to work? Try it out for yourself. Ah, as well, those parts that are not blatantly stolen to others are © Pieroxy. Obviously. And last, but not least, thanks to David Vignoni for his icon set nuvola, to Manfred Klein for his font Stampede and to George Herriman for the work of his life, Krazy Kat.