cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Java Cosign Filter
- To: Cosign Discussion <cosign-discuss@xxxxxxxxx>
- Subject: Java Cosign Filter
- From: John Mitchell <jfm@xxxxxxxxxxx>
- Date: Fri, 02 Jul 2004 16:09:36 +0100
- User-agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.4) Gecko/20040414
I'm reading the following in the Java filter README.
To install jCoSign into an existing web application, perform the following.
- Create an SSL KeyStore:
1. Create a keystore using your JDK or JRE's "keytool" utility.
A description of how to use keytool can be found at
2. Place your keystore somewhere that your application server has
It is not clear what the keystore is meant to contain - is it just a
public / private key pair for the web application - or is it a self
signed certificate for the web application...in which case if there is a
"real" certificate available - should this be imported into the above
keystore? And what about aliases for the keys / certificates - are there
any specific aliases that are expected by the filter?