IIS Server Security - HTTPS design question

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > July 2005 > HTTPS design question





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author HTTPS design question
John @ X

2005-07-27, 7:51 am

Hi there,
We have a tomcat servlet container which runs in the context of HTTPS. We
have created a self signed certificate using keytool and this is stored in
the tomcat environment (this certificate has the expiration date as well). We
are having a client which basically is an applet which connects to the server
and gets authenticated. The client certificates are stored in the client
machine. In one scanerio the client and server have an expired certificates.
In that case we need to renew these certificates somehow. Is there any way to
automate the renewal of certificates using someother mechanism than putting
in tomcat. My question is: Is it possible to do these things in IIS
environment? I dont want to get a CA to issue a certificate. I want to have
self signed certificate and authenticate the user to access the servlet
container. Please help me in this regards
Thanks
John
Miha Pihler [MVP]

2005-07-27, 5:54 pm

Hi,

Does client use certificate for authentication?

There is a tool called SelfSSL that you can download from Microsoft that
will issue certificate for SSL but not for user authentication.

--
Mike
Microsoft MVP - Windows Security

"John @ X" <JohnX@discussions.microsoft.com> wrote in message
news:BCC20EF3-DA6E-4C25-AF35-DD398D4A8F39@microsoft.com...
> Hi there,
> We have a tomcat servlet container which runs in the context of HTTPS. We
> have created a self signed certificate using keytool and this is stored in
> the tomcat environment (this certificate has the expiration date as well).
> We
> are having a client which basically is an applet which connects to the
> server
> and gets authenticated. The client certificates are stored in the client
> machine. In one scanerio the client and server have an expired
> certificates.
> In that case we need to renew these certificates somehow. Is there any way
> to
> automate the renewal of certificates using someother mechanism than
> putting
> in tomcat. My question is: Is it possible to do these things in IIS
> environment? I dont want to get a CA to issue a certificate. I want to
> have
> self signed certificate and authenticate the user to access the servlet
> container. Please help me in this regards
> Thanks
> John


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com