4.2.5.1. Creating a Key

In order to connect client and servlet container via HTTPS, you have to generate a key for the servlet container. This key is sent from the servlet container to the client with each query of the client to the server. With every single request, the client decides whether the sender of the key is trustworthy.

Creation of the key

The tool for creating the key is supplied with the JDK. You create the key with the following entries:

  1. Enter the following command:

     <java-home>/bin/keytool -genkey -alias tomcat \
       -keystore /example/coremedia/.keystore -keyalg rsa

  • In this way you call the program keytool in the directory <java-home>/bin. You initiate creation of the key (-genkey) with the alias name (-alias tomcat). A key is created according to the RSA algorithm. The key is saved in the keystore file /example/coremedia/.keystore (here you can enter your own path/name). If you already have a keystore file, you must enter the location of this file.

  2. At the next input request, enter a password. If you want to save the key in an already existing keystore, you must enter the password of this file.

  3. At the next input request, enter the name of the server (the entry given below is an example).

     What are your first and last name?
       [Unknown]: webserver.coremedia.com

  4. Confirm the following input requests with <Return>, until you are asked to confirm the correctness of the previous entries.

  5. Enter "y" and <Return> to confirm the previous entries. You can cancel by entering <Return>.

  • After a short pause, you are asked for the "key password for <tomcat>".

  6. Enter the password you have defined in step 2 for your newly created key with the alias "tomcat".

Now, you have finished key creation.
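
The same six steps in non-interactive form, followed by a check of the result. This is an added example, not part of the original manual: the variable KS_PASS, the function names, and the values -keysize 2048 and -validity 365 are assumptions, and -dname supplies the server name that step 3 enters at the prompt.

```shell
#!/bin/sh
# Added example, not from the original manual. KS_PASS and the three
# function names are assumptions made for this sketch.

# make_tomcat_key <keystore> <server-name>
# Non-interactive form of steps 1-6. The password is read from the exported
# variable KS_PASS (":env" modifier), so it is not in the process list.
make_tomcat_key() {
    ks=$1; host=$2
    [ -n "${KS_PASS:-}" ] || { echo "KS_PASS is not set" >&2; return 2; }
    [ "${#KS_PASS}" -ge 6 ] || { echo "password needs 6+ characters" >&2; return 2; }
    # umask 077: the new keystore file is readable by its owner only.
    ( umask 077
      keytool -genkey -alias tomcat -keyalg rsa -keysize 2048 -validity 365 \
          -dname "CN=$host" -keystore "$ks" \
          -storepass:env KS_PASS -keypass:env KS_PASS )
}

# keystore_cn <keystore>: print the CN stored for the alias "tomcat".
keystore_cn() {
    keytool -J-Duser.language=en -list -v -alias tomcat -keystore "$1" \
        -storepass:env KS_PASS |
        sed -n 's/^Owner: CN=\([^,]*\).*/\1/p' | head -n 1
}

# check_tomcat_key <keystore> <server-name>
# Succeeds only if the CN equals the server name clients will connect to
# and the file grants nothing to group or others.
check_tomcat_key() {
    cn=$(keystore_cn "$1")
    [ "$cn" = "$2" ] || { echo "CN '$cn' does not match '$2'" >&2; return 1; }
    perms=$(ls -l "$1" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "group/other access: $perms" >&2; return 1; }
}

# Usage: KS_PASS=... sh this-script <keystore> <server-name>
if [ "$#" -eq 2 ]; then
    make_tomcat_key "$1" "$2" && check_tomcat_key "$1" "$2"
fi
```

The key password is set to the keystore password, as in step 6.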