SEC-647: Delete unused certificated directory and outdated certificates.

This commit is contained in:
Luke Taylor 2008-01-26 11:28:36 +00:00
parent 0f32b3fc40
commit 483068d486
4 changed files with 0 additions and 38 deletions

View File

@ -1,38 +0,0 @@
This directory contains some example certificates for the X.509 version of the contacts
application. They have all been generated using openssl with a demo certificate authority.
The password for all the files is "password"
- user.p12 is a pkcs12 file containing the client certificate and private key for
a user, and should be imported into your browser.
- server.p12 is a pkcs12 file containing a server certificate and private key.
- ca.jks is a java keystore file[1] containing the CA public certificate. This is used as
the trust store for the server to indicate which client certificates are valid.
The app has been tested in JBoss 3.2.7 (Tomcat 5.0) using the following configuration for
the connector:
<!-- SSL/TLS Connector configuration -->
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="2" maxSpareThreads="10"
scheme="https" secure="true"
sslProtocol = "TLS"
clientAuth="want" keystoreFile="${jboss.server.home.dir}/conf/server.p12"
keystoreType="PKCS12" keystorePass="password"
truststoreFile="${jboss.server.home.dir}/conf/ca.jks"
truststoreType="JKS" truststorePass="password"
/>
To try out the application, first get the server running with client authentication enabled.
[1] This was originally also a pkcs12 file. However I couldn't get tomcat to work with
it unless it contained the CA's private key as well as the certificate, which is obviously
not feasible. If anyone works out how to get Tomcat to work with a pkcs12 file containing
a single certificate, then please let me know.
$Id$

Binary file not shown.