IntroductionI know there has been written a lot already about SSL configuration on Tomcat and Apache, but for my own registration I store some links I used to setup SSL.
It also contains some handy commands I used to generate certificates.
LinksClient Certificate Authentication with Apache
Apache webserver and SSL configuration
Nice overview of SSL and OpenSSL
OpenSSL and PKCS#12 FQA
Description of Java keytool
Most common keytool commands
Configuration of Hermes2 (ebXML framework) with SSL
Configuration of SSL in Tomcat
In cryptography, X.509 is an ITU-T standard for a public key infrastructure (PKI) for single sign-on (SSO) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
PKCS#12 is a standard for storing private keys and certificates securely. It defines a file format commonly used to store X.509 private keys with accompanying public key certificates, protected with a password-based symmetric key, and is the successor to PFX from Microsoft. PFX has received heavy criticism of being one of the most complex cryptographic protocols, but nevertheless remains the only standard way today to store private keys and certificates in a single encrypted file.
Note: There are other PKCS standards described here.
OpenSSL is an open source implementation of the SSL and TLS protocols. The core library (written in the C programming language) implements the basic cryptographic functions and provides various utility functions.
In cryptography, RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations.