Misc
tunein
sky.fm
browser import cert
ssl in archlinux
ssl in tomcat
Openssl
1
2
3
4
5
6
| openssl test https
openssl s_client -showcerts -connect 10.13.139.102:443 -state -debug
openssl s_client -connect 10.13.139.102:465
OpenSSL Command-Line HOWTO
http://www.madboa.com/geek/openssl/(中文版http://www.linuxfly.org/post/185/1/4/)
|
Tomcat
1
2
3
4
5
| keytool -genkey -alias developerstation -keyalg RSA -keystore developerstation.keystore -keysize 2048
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Software\Tomcat\conf\developerstation.keystore" keystorePass="password"/>
|
tomcat7中配置ssl的详细步骤(双向认证)
tomcat7中配置ssl的详细步骤(单向认证)
IHS
例子
1
2
3
4
5
6
7
8
9
| Listen 10.13.139.102:443
<VirtualHost 10.13.139.102:443>
SSLEnable
SSLClientAuth none
Keyfile C:\temp\ssl\key.kdb
SSLV2Timeout 100
SSLV3Timeout 1000
</VirtualHost>
SSLDisable
|
Reference:
Guide to properly setting up SSL within the IBM HTTP Server
在IHS上配置SSL
Configuring the IBM HTTP Server for SSL
SSL Directives
Debugging SSL communications
IKEYMAN生成证书
例子
1
2
3
4
5
6
| "C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -keydb -create -db xx.kdb -pw password -type cms -expire 60 -stash
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -create -db xx.kdb -pw password -size 1024 -dn "CN=weblinux.raleigh.ibm.com,O=IBM,OU=IBM HTTP Server,L=RTP,ST=NC,C=US" -label mylabel -default_cert yes
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -list -db xx.kdb -pw password
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -details -db xx.kdb -pw password -label mylabel
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -extract -db xx.kdb -pw password -label mylabel -format ascii -target forest-certficate
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -export -db xx.kdb -pw password -label mylabel -target forest.p12 -target_pw password -target_type pkcs12 -encryption strong
|
Using iKeyman to create a key database file
Using the Key Management Utility
httpservers doc
ikeycmd参考