Transformatorhuis

September 2, 2009

Geronimo HTTPS, self signed keys and implementation in Java

Filed under: Coding, Configuration — cyberroadie @ 10:19 am

Geronimo

  • Create a key in Geronimo (set up the certificate)
  • The CN needs to be the server name (e.g. www.wordpress.com)
  • Create a new keystore (e.g. wordpress)
  • In the keystore, create a private key; again, the CN needs to be the server name
  • Add a Trust Certificate (copy and paste it from the one you created before)
  • In Web Server, edit the HTTPS listener and change the keystore file to the one you created before (e.g. wordpress)
  • Optional: change the address to the fixed IP of the server

Get certificate

In Firefox, go to the HTTPS address -> Add exception -> Get Certificate -> View ->
Details -> Export: export the certificate (PEM will do) (e.g. www.wordpress.com)

Shell

keytool -import -trustcacerts -storepass secretphrase -alias "Apache Geronimo Dev" -file www.wordpress.com.cer

The keystore is created in the default location, ${home}/.keystore

Java

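import java.security.Security;

// Point JSSE at the keystore that holds the imported server certificate
System.setProperty("javax.net.ssl.trustStore", "/home/user/.keystore");
System.setProperty("javax.net.ssl.trustStorePassword", "secretphrase");
// Legacy JSSE registration, only needed on JDKs older than 1.4 where JSSE is not built in
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());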

PS Of course it shouldn’t be a hard-coded path (/home/user/.keystore), but this is for simplicity’s sake
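The system properties above change the trust store for every TLS connection in the JVM. As an added example (not code from the original post), the same keystore can instead be loaded into an SSLContext used by a single connection, after listing what it actually trusts. The class name DedicatedTrustStoreClient, the TRUSTSTORE_PASS environment variable and the command-line arguments are assumptions made for this illustration.

```java
import java.io.File;
import java.net.URL;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class DedicatedTrustStoreClient {

    // Build an SSLContext that trusts only the certificates in the given store.
    static SSLContext contextFor(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    // SHA-256 fingerprint, to compare with the one the browser showed on export.
    static String fingerprint(X509Certificate cert) throws Exception {
        StringBuilder hex = new StringBuilder();
        for (byte b : MessageDigest.getInstance("SHA-256").digest(cert.getEncoded())) {
            hex.append(String.format("%02X:", b));
        }
        return hex.substring(0, hex.length() - 1);
    }

    // Usage: java DedicatedTrustStoreClient <truststore> <https-url>
    // The store password is read from TRUSTSTORE_PASS (assumed variable name).
    public static void main(String[] args) throws Exception {
        char[] pass = System.getenv("TRUSTSTORE_PASS").toCharArray();
        KeyStore store = KeyStore.getInstance(new File(args[0]), pass); // Java 9+

        // Show every certificate in the store before relying on it.
        for (String alias : Collections.list(store.aliases())) {
            if (store.getCertificate(alias) instanceof X509Certificate) {
                X509Certificate c = (X509Certificate) store.getCertificate(alias);
                System.out.println(alias + "  " + c.getSubjectX500Principal().getName()
                        + "  expires " + c.getNotAfter() + "  " + fingerprint(c));
            }
        }

        HttpsURLConnection conn = (HttpsURLConnection) new URL(args[1]).openConnection();
        conn.setSSLSocketFactory(contextFor(store).getSocketFactory());
        // The default HostnameVerifier stays in place: the certificate name must match the URL host.
        System.out.println("HTTP " + conn.getResponseCode());
        conn.disconnect();
    }
}
```

Because hostname verification is left enabled, the connection fails if the certificate's name does not match the server name, which is why the CN has to be set correctly in the Geronimo steps.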
