Setting up Tomcat for the OpenJMS tunnel

1. Create Tomcat keystore and key


keytool -genkey -dname "cn=example.com" -alias tomcat -keyalg RSA \
    -keystore $TOMCAT_HOME/keystore -keypass changeit -storepass changeit

2. Export the public certificate


keytool -export -alias tomcat -keystore $TOMCAT_HOME/keystore \
    -storepass changeit -rfc -file tomcat.pub

3. Create the client keystore and trust (import) the Tomcat public certificate


keytool -import -alias tomcat -keystore openjms.keystore \
    -storepass changeit -file tomcat.pub -noprompt

*. Repeat the last step for client.keystore.

4. Don't forget to configure Tomcat: the HTTPS Connector in conf/server.xml needs these SSL attributes, next to its own port setting:


<Connector
    maxThreads="150" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
    truststoreFile="/usr/local/apache-tomcat-6.0.20/keystore"
    keystorePass="changeit"
    truststorePass="changeit" />

5. And make sure you drop openjms-tunnel.war into Tomcat's webapps directory.
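
After steps 1-3, and again whenever the Tomcat key is regenerated, it is worth confirming that the client keystore trusts exactly the certificate held in Tomcat's keystore. The script below is an added example, not part of the original notes; it assumes a JDK keytool on the PATH, and the function names, scratch paths and demo password are constructed for illustration.

```sh
#!/bin/sh
# Added example. -genkeypair/-exportcert/-importcert are the current names
# of the page's -genkey/-export/-import. Names and paths are assumptions.

# same_cert KS_A PASS_A KS_B PASS_B [ALIAS]
# 0: same certificate under ALIAS, 1: different, 2: keystore/alias unreadable
same_cert() {
    sc_tmp=$(mktemp -d) || return 2
    sc_rc=2
    if keytool -exportcert -rfc -alias "${5:-tomcat}" -keystore "$1" \
           -storepass "$2" -file "$sc_tmp/a.pem" >/dev/null 2>&1 </dev/null &&
       keytool -exportcert -rfc -alias "${5:-tomcat}" -keystore "$3" \
           -storepass "$4" -file "$sc_tmp/b.pem" >/dev/null 2>&1 </dev/null
    then
        cmp -s "$sc_tmp/a.pem" "$sc_tmp/b.pem" && sc_rc=0 || sc_rc=1
    fi
    rm -rf "$sc_tmp"
    return "$sc_rc"
}

# make_server_ks KEYSTORE PASS  (step 1, with a short-lived constructed key)
make_server_ks() {
    keytool -genkeypair -dname "cn=example.com" -alias tomcat -keyalg RSA \
        -keysize 2048 -validity 30 -keystore "$1" -keypass "$2" \
        -storepass "$2" >/dev/null 2>&1 </dev/null
}

# trust_server SERVER_KS SERVER_PASS CLIENT_KS CLIENT_PASS  (steps 2 and 3)
trust_server() {
    ts_pub=$(mktemp) || return 2
    keytool -exportcert -alias tomcat -keystore "$1" -storepass "$2" -rfc \
        -file "$ts_pub" >/dev/null 2>&1 </dev/null &&
    keytool -importcert -alias tomcat -keystore "$3" -storepass "$4" \
        -file "$ts_pub" -noprompt >/dev/null 2>&1 </dev/null
    ts_rc=$?
    rm -f "$ts_pub"
    return "$ts_rc"
}

# demo: run steps 1-3 in a scratch directory, then verify the result
demo() {
    d=$(mktemp -d) || return 2; p=constructed-demo-pass
    make_server_ks "$d/keystore" "$p" &&
    trust_server "$d/keystore" "$p" "$d/openjms.keystore" "$p" &&
    same_cert "$d/keystore" "$p" "$d/openjms.keystore" "$p"
    d_rc=$?; rm -rf "$d"; return "$d_rc"
}
if [ "${1:-}" = demo ]; then demo; fi
```

An exit status of 1 from same_cert after the Tomcat key has been regenerated means steps 2 and 3 have to be repeated for openjms.keystore and client.keystore.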