Customers
User information
 Loading ...
Show article in Knowledge Base

 How to enable SSL Encryption ‑ with a purchased certificate Export knowledge base Export     SubscribeSubscribe      Show article info

How to enable SSL Encryption - With a purchased certificate

"In order to implement SSL, a web server must have an associated Certificate for each external interface
(IP address) that accepts secure connections. The theory behind this design is that a server should provide
some kind of reasonable assurance that its owner is who you think it is, particularly before receiving any
sensitive information.

While a broader explanation of Certificates is beyond the scope of this document, think of a Certificate as a
"digital driver's license" for an Internet address. It states what company the site is associated with, along with
some basic contact information about the site owner or administrator. This "driver's license" is cryptographically
signed by its owner, and is therefore extremely difficult for anyone else to forge.

For sites involved in e-commerce, or any other business transaction in which authentication of identity is
important, a Certificate is typically purchased from a well-known Certificate Authority (CA) such as VeriSign or
Thawte. Such certificates can be electronically verified -- in effect, the Certificate Authority will vouch for the
authenticity of the certificates that it grants, so you can believe that that Certificate is valid if you trust the
Certificate Authority that granted it.In many cases, however, authentication is not really a concern."
, From
Apache's web site here: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html


To enable SSL Encryption in the installed version of VisionFlow  with a PURCHASED certificate you'll need to follow these general steps

  1. Purchase the SSL certificate from one of the vendors that we have tested VisionFlow with such as GoDaddy, Thawte, Digicert or Verisign.
  2. Create Server certificate and keystore
  3. Validate the keystore (just to make sure everything looks ok)
  4. Generate the CSR
  5. Submit the CSR to the SSL certificate vendor such as Thawte
  6. Await approval
  7. Download the certificate from the vendor
  8. Install your certificate in your keystore
  9. Install your certificate/keystore in tomcat
More information from the certificate vendors:

Generate CSR and buy certificate:

Install certificate:

About tomcat:

About the keystore and keytools:


User comments
 Loading ...