Menu
▾
▴
RE: [FWD: RE: [ebxmlms-general] Configuring SSL and Hermes - step by step Guide]
|
From: Ladislav U. <lad...@we...> - 2006-05-19 02:33:34
|
Could you please write detail error message from logs? On Mon, 2006-05-15 at 16:54 -0400, Tanveer, Ashique (NIH/OD) [C] wrote: > Ladislav, > > > > Will you be able to send me your complete msh_properties.xml file and > also tell me if using the NullHostVerifier is enough to turn off host > verification. > > I keep getting the error: Hostname should be <120.123.134.111> > > > > Any help will be hugely appreciated. > > Thanks so much in advance > > > > |----------------------------------------------------------------------------------- > > | Ashique Tanveer > > | Booz | Allen | Hamilton > > | > > | Contractor, eRA Project, National Institute Of Health > > | Off: 301-451-1772 | Fax: 925-889-3635 > > | Email: tan...@od..., tan...@ba... > > |----------------------------------------------------------------------------------- > > > > ______________________________________________________________________ > From: David RR Webber (XML) [mailto:da...@dr...] > Sent: Monday, May 15, 2006 8:41 AM > To: Tanveer, Ashique (NIH/OD) [C] > Subject: [FWD: RE: [ebxmlms-general] Configuring SSL and Hermes - step > by step Guide] > > > > > > > > > -------- Original Message -------- > Subject: RE: [ebxmlms-general] Configuring SSL and Hermes - > step by > step Guide > From: Ladislav Urban <lad...@we...> > Date: Mon, May 08, 2006 3:25 pm > To: ebx...@li... > > Hello Ashique, > we use SSL configuration for hermes. You can set it up the > same way as > for tomcat. > Are you going to use selfsigned certs? > > 1st Step > create generate keys in keystores of both tomcats. The kystore > is > usually in root directory of the tomcat and its name > is .keystore > > example: > keytool -genkey -keyalg "RSA" -dname "cn=company1, ou=company, > o=company1, c=US" -keystore ./.keystore -alias tomcat -keypass > password222 -storepass password222 > > > 2nd Step: > > Configuration of msh.properties.xml > <SSL> > > <HostnameVerifier>com.webswell.hermes.NullHostVerifier</HostnameVerifier> > <TrustedAnchor> > <!-- Trust keystore for SSL Server Authentication --> > <KeyStore> > <Path>/usr/local/Webswell/jakarta-tomcat</Path> > <File>.keystore</File> > <Password>password222</Password> > </KeyStore> > </TrustedAnchor> > <ClientAuth> > <URL></URL> > <KeyStore> > <Path></Path> > <File></File> > <Alias></Alias> > <Password></Password> > </KeyStore> > </ClientAuth> > </SSL> > > > As you can see we do have null host verifier. It switch off > verification > of host name in http request against host name in credentials. > I can > send you the java code. > > 3rd Step > > Export public part of the generated keys from both keystores. > This will > create the selfsigned certificate files. > keytool -export -alias tomcat -keystore ./.keystore > -storepass > password222 -file ./company1.cer > > > and import the certificates to the opposite keystore. > > Ladislav > > On Mon, 2006-05-08 at 12:53 -0400, Tanveer, Ashique (NIH/OD) > [C] wrote: > > > > > > I guess I am looking for something like a “SSL > configuration with > > Hermes for dummiesâ€. Assuming I have two Hermes server > running on > > Tomcat server, what are the steps (generate the certificate, > keystore > > etc,?) to have both Hermes communicate via SSL. I assume > some > > configuration needed on the tomcat as well as hermes > properties files? > > Any tips would help. > > > > > > > > Thanks > > > > -- Ashique > > > > > > > > > |----------------------------------------------------------------------------------- > > > > | Ashique Tanveer > > > > | Booz | Allen | Hamilton > > > > | > > > > | Contractor, eRA Project, National Institute Of Health > > > > | Off: 301-451-1772 | Fax: 925-889-3635 > > > > | Email: tan...@od..., tan...@ba... > > > > > |----------------------------------------------------------------------------------- > > > > > > > > > ______________________________________________________________________ > > From: David RR Webber (XML) [mailto:da...@dr...] > > Sent: Monday, May 08, 2006 12:33 PM > > To: ebx...@li... > > Subject: [ebxmlms-general] Configuring SSL and Hermes - step > by step > > Guide > > > > > > > > > > Team, > > > > > > > > > > > > Does anyone have any notes they can share on setting up > Hermes <-> > > Hermes using SSL? > > > > > > > > > > > > The Hermes docs are not forthcoming on this - so would be > helpful to > > have something available. > > > > > > > > > > > > More to the point - if you succeeded in getting this working > - can you > > share the steps you > > > > > > had to go thru?! > > > > > > > > > > > > Thanks, DW > > > > > > ------------------------------------------------------- > Using Tomcat > > but need to do more? Need to support web services, security? > Get stuff > > done quickly with pre-integrated technology to make your job > easier > > Download IBM WebSphere Application Server v.1.0.1 based on > Apache > > Geronimo > > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ ebxmlms-general mailing list ebx...@li... https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > > > > > -- > Ladislav Urban > CEO > Webswell Inc. > 1333 Howe Avenue, Suite 100 > Sacramento, 95825 CA > email: lad...@we... > phone: +1 (916) 290-2040 > fax: +1 (916) 921-2850 > http://www.webswell.com > > > > ------------------------------------------------------- > Using Tomcat but need to do more? Need to support web > services, security? > Get stuff done quickly with pre-integrated technology to make > your job easier > Download IBM WebSphere Application Server v.1.0.1 based on > Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > ebxmlms-general mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > -- Ladislav Urban CEO Webswell Inc. 1333 Howe Avenue, Suite 100 Sacramento, 95825 CA email: lad...@we... phone: +1 (916) 290-2040 fax: +1 (916) 921-2850 http://www.webswell.com |
