Sep 13th, 2010, 11:14 AM
Step-by-step instructions for how to deploy a secure Tomcat application
I've already deploy my WAR file to tcServer and got it working. But now I need to make it secure. I'm a novice at SSL and security certificates. So I've been trying to learn as much as I can and to stitch bits and pieces of information together on how to make my application secure. But there is no set of instructions anywhere on how to do this. CloudFoundry requires a certificate with crt extension and private key with a key extension. The certificates that Amazon creates all have pem extension and don't work here. On the other hand CloudFoundry seems to indicate that the certificates generated in Amazon or by CloudFoundry for the four region (us-west, us-east, ...) are the ones to use for deploying secure application. But these certificates have a pem extension and there aren't easy instructions for how to convert them to crt/key.
I even registered with GoDaddy and created a certificate for my website name. Had to use a tool posted by someone online to export a key file out of the GoDaddy certificate. I got my application deployed successfully. But then when I tried to convert my application URL to https, it gave me a failure message. CloudFoundry by default goes to http even for a secure application. Furthermore, it occured to me that since my certificate is for *.website.com, how does Amazon know about the name of my website? It only sees the web traffic routed to it by the DNS server.
Can someone please provide step-by-step instructions on how to deploy a secure application using CloudFoundry say using GoDaddy or even the certificate generated by Amazon?
Your assistance is much appreciated.
Tags for this Thread