D*****n
发帖数: 363 | 1 I'm trying to secure a web service with SSL certificates. Is there
any easy way to generate the certificates for the web servers? Don't
want to buy them since I'm still at testing stage.
I used selfssl bundled in IIS resource kit. It generates the certs
but doesn't tell me where they are stored. I need the physical files
to secure the web service. |
k****i
发帖数: 1072 | 2 You can export it to .pfx file and import it to another site
【在 D*****n 的大作中提到】
: I'm trying to secure a web service with SSL certificates. Is there
: any easy way to generate the certificates for the web servers? Don't
: want to buy them since I'm still at testing stage.
: I used selfssl bundled in IIS resource kit. It generates the certs
: but doesn't tell me where they are stored. I need the physical files
: to secure the web service.
|
y********o
发帖数: 2565 | 3 Free CA:
http://www.cacert.org/
OpenSSL should have a tool for you to create a self-signed certificate as we
ll. Never tried, though.
I tried JDK's keytool and created a self-signed cert for Tomcat.
【在 D*****n 的大作中提到】
: I'm trying to secure a web service with SSL certificates. Is there
: any easy way to generate the certificates for the web servers? Don't
: want to buy them since I'm still at testing stage.
: I used selfssl bundled in IIS resource kit. It generates the certs
: but doesn't tell me where they are stored. I need the physical files
: to secure the web service.
|
y********o
发帖数: 2565 | 4 IIS 可以直接用PKCS #12 keystore 吗?
我用tomcat的时候,得将PFX 文件import到JKS keystore才行。JDK的keytool还不支持
PKCS #12文件。
【在 k****i 的大作中提到】
: You can export it to .pfx file and import it to another site
|
D*****n
发帖数: 363 | 5 I can export with the command certmgr.msc now but selfssl generated
certs don't get seem to count as trusted certs on other machines.
【在 k****i 的大作中提到】
: You can export it to .pfx file and import it to another site
|
k****i
发帖数: 1072 | 6 Of course 'YOU' are not trusted publisher. For development testing purpose,
you can install the cert on the client machine.
【在 D*****n 的大作中提到】
: I can export with the command certmgr.msc now but selfssl generated
: certs don't get seem to count as trusted certs on other machines.
|
y********o
发帖数: 2565 | 7 What do you want? You'll be in the trusted root CA keystore by default in
all browsers only if you are VeriSign, Thawte or something like these.
【在 D*****n 的大作中提到】
: I can export with the command certmgr.msc now but selfssl generated
: certs don't get seem to count as trusted certs on other machines.
|
D*****n
发帖数: 363 | 8 I figured it out, just followed what WSE 3.0 document suggests.
【在 y********o 的大作中提到】
: What do you want? You'll be in the trusted root CA keystore by default in
: all browsers only if you are VeriSign, Thawte or something like these.
|
