If you really did follow the links, then the easiest is to continue to use
OpenSSL. Assuming that you have already set up an OpenSSL CA, then just
sign the CRS as normal, and send the resulting cert file back to the client.
They will need to import it into their keystore file (which should be n
For one of our projects, we have created our own CA for Tomcat using the
methods laid out here;
http://users.skynet.be/pascalbotte/art/ca.htm
http://marc.info/?l=tomcat-user&m=106293430225790&w=2
Now, Tomcat is up and running and serving the site over HTTPS using our
certificates and browsers