I recently had the pleasure of trying to secure Apache Tomcat7 using a CA signed SSL cert.
This proved harder than I would have thought…anyway, here is the steps I used to get it all to work…

1: Create KeyStore and (embedded) Private key
keytool -genkey -alias example.com -keyalg RSA -keysize 2048 -keystore /etc/pki/keystore

TIP: When it asks for your full name, enter the FQDN of your server (e.g. example.com)

2: Generate Cert Signing Request
keytool -certreq -keyalg RSA -alias example.com -file example-com.csr -keystore /etc/pki/keystore

3: Submit CSR to Signing Authority Service

4: Download both the server cert & the cert chain file

5: Open the cert chain file and export the root & intermediate certificates to Base-64 encoded X.509 (.cer) files

6: Rename all the *.cer files (there should be 3) to .crt

7: Install Root Cert into the KeyStore
keytool -import -alias root -keystore /etc/pki/keystore -trustcacerts -file example-com-root.crt

8: Install Intermediate Cert into KeyStore
keytool -import -alias intermed -keystore /etc/pki/keystore -trustcacerts -file example-com-intermed.crt

9: Install Server Cert into KeyStore (generated from CSR)
keytool -import -alias example.com -keystore /etc/pki/keystore -trustcacerts -file example-com.crt

10: Modify the server.xml file for Tomcat

<Connector port=”8443″ protocol=”HTTP/1.1″
                keystorePass=”changeit” />

11: Restart the Tomcat service
service tomcat7 restart

The "toolbox" testing approach

Update: My abstract was accepted for inclusion in the 2015 Pacific North-West Software Quality Conference! I’ve updated the abstract below to the final version. Now to write the paper and presentation…


Since attending the Pacific Northwest Software Quality Conference (PNSQC) last year, I’ve been toying with the idea of writing a paper myself.

The following is a draft abstract of a paper I’m intending to submit, on how to use automated keyword-driven test frameworks (like Robot Framework) to test complex tech stacks.

I’d be interested in any comments or feedback on it!

In an ever changing and increasing world of agile software development, automated testing approaches have struggled to keep up with the amount of software that can be developed. This has been exacerbated with the recent trend of using multiple development technologies, to form a complex stack on which software products are created.

The usual approach to this problem from an automated test tooling perspective, is to make use of multiple, separate test tools/harnesses. These tools can only provide test automation for some of the complex development stack. This can be an expensive, heavy-weight and inflexible solution, that struggles to provide testers the agility they need to implement robust, automated tests. Large COTS (Commercial Off The Shelf) software is normally rigid in its ability to be customised, or adapted to test different technologies it was not originally intended for.

This paper sets out a solution to the problem, with the use of a ‘toolbox’ test approach, leveraging the power of Robot Framework. The approach provides flexibility by allowing testers to utilise multiple automated testing techniques and technologies, using one easy to use, but powerful automation framework. The key and the purpose of this paper, is to help you understand how to fit all the “tools” together, to form your ready-for-anything “toolbox”.

The “toolbox” does not replace your existing tools, instead it helps you to utilise them more effectively. All the information, links and implementation examples are provided, so that you can have the flexibility to reach into your “toolbox” for whatever mix of technology comes your way to test.

I recently created a small AppleScript to easily create tasks in 2Do (Task Manager) from my notes in Evernote.

It uses a the custom URL for 2Do to add new tasks, and uses AppleScript to select the notes in Evernote.  I wrapped it all up in an OS X Service, so that it can easily be run using a shortcut key. So all you have to do is, select your note in Evernote, press your shortcut key, and watch as a new task appears in 2Do. Lovely!

The code and OS X Service are hosted on Bitbucket.

I sent a tweet to the developers of 2Do (@2DoApp) telling them about my script and got the following response:

I’m really pleased that other 2Do users will be able to find my script. I’ll update this post when 2Do add it to their Tips & Ticks page…

If you find it useful, please let me know in the comments.

Update (05/02/2014):
Just to make things even easier, I’ve created a litle DMG installer… It can be downloaded here: http://bit.ly/1bvF

A useful Perl sub-program I use in a lot of scripts, is this great little spinner. It can be used to show that there is activity happening on a command-line.

It can be called like this:

And look something like this: