Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Apache Tomcat »

Re: Tomcat 5.5 and SSL

Roger Roger

2007-07-19

Replies:

Hi Peter,

I've done this and got it working. What I did was the following (on
Windows, Tomcat 5.5, Java 1.5):

1) Goto $JAVA_HOME\bin
2) keytool -genkey -alias tomcat -keyalg RSA -keystore
c:\websites\keystore\.keystore
3) edit server.xml
3a) uncomment <Connector port="8443" ...... />
3b) add the following to this connector:
keystoreFile="C:\websites\keystore\.keystore", resulting in something
like this:

<Connector port="8443" keystoreFile="C:\websites\keystore\.keystore"
 maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
 enableLookups="false" disableUploadTimeout="true"
 acceptCount="100" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS" />

4) restart tomcat
5) test: https://localhost:8443/

Good luck!

Roger


Peter Stavrinides schreef:
> Knock knock... anybody?
>
> Peter Stavrinides wrote:
>> Hi All
>>
>> This may be a trivial issue for most, but I am quite new to tomcat.
>>
>> I am trying to configure SSL, These are the steps I took:
>>
>> - I have created a key/value pair using the keytool in suns jdk no
>> problem there
>> - I have configured the http connector in tomcats server.xml like this:
>> <Connector port="8443" minProcessors="5" maxProcessors="75"
>>      enableLookups="true" disableUploadTimeout="true"
>>      acceptCount="100" debug="0" scheme="https" secure="true"
>>      clientAuth="false" sslProtocol="TLS"
>> keystoreFile="/opt/irm-server/conf/.tomcat5key"            
>> keystorePass="my secret password" />
>>
>> - I added the following to my web.xml:
>>  <user-data-constraint>
>>       <transport-guarantee>
>>        CONFIDENTIAL
>>      </transport-guarantee>
>>   </user-data-constraint>
>>
>> After restarting tomcat the port changes correctly, so it appears to
>> be working but the page wont come up in the browser.
>> Firefox Error Message:
>> Unable to connect
>> Firefox can't establish a connection to the server at
>> mydomain.myserver:8443.
>>
>> what am I missing?
>>
>> thanks in advance,
>> Peter
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@(protected)
>> To unsubscribe, e-mail: users-unsubscribe@(protected)
>> For additional commands, e-mail: users-help@(protected)
>>
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)

©2008 junlu.com - Jax Systems, LLC, U.S.A.