Java Mailing List Archive

http://www.junlu.com/

Embedded Tomcat and SSL

Sander Smith

2004-05-21


I have a problem that I'm unfortunately finding little documentation to
help. I'm writing a servlet and embedding it in a larger Java program by
using the org.apache.catalina.startup.Embedded class. Things have been
working fine up until now. I'm currently trying to add SSL support so that
the servlet can operate securely. The only information that I can find
about configuring Tomcat to do this is in the config files. This won't work
for me - I need to do it programmatically like I'm doing everything else.

From what I can understand, I need to create a connector for port 443, and
then attach a special socket factory that deals in SSL to this connector. I
thought I've done this, as well as configuring this socket factory to read
the keystore where I have the necessary certificates.

What I see when I run this code is I can connect to port 80 correctly (as
was working before), and I can even connect to 443 if I specify http and
this works (not sure why). If I try https with 443 then my browser just
hangs and I can't seem to see anything going on at the server side.

I've created my keystore properly. I acted as my own CA and dummied it all
up - even installed the root certificate into Windows so that the browser
could find it correctly. For some reason, I don't even think that the
keystore file is being accessed.

Any ideas on what I need to do? I'm attaching the important parts of the
code that worked before and what I did to change it.

Thanks for any help,

Sander Smith




  // standard stuff to embed Tomcat

  Engine engine = null;
  // Set the home directory
  System.setProperty("catalina.home",
               getPath().externalForm());


  // Create an embedded server
  embedded = new Embedded();
  // print all log statements to standard error
  embedded.setDebug(0);

  // Create an engine
  engine = embedded.createEngine();
  engine.setDefaultHost("localhost");

  // Create a default virtual host
  host = embedded.createHost("localhost",
                    "webapps");

  engine.addChild(host);

  Context context = embedded.createContext("/xxx",
                              "xxx.war");

  context.addParameter(INSTALL_DIR,
                getPath().externalForm());

  host.addChild(context);

  // Install the assembled container hierarchy
  embedded.addEngine(engine);

/***************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^ Start SSL Code   ^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
***************************************************************/


  SSLServerSocketFactory ssf = new SSLServerSocketFactory();
  ssf.setKeystoreFile("c:\\KS.Keystore");
  ssf.setKeystorePass("KSPASSWORD");

  // Assemble and install a default HTTP connector
  Connector connector = embedded.createConnector(null,
                                  80,
                                  false);

  embedded.addConnector(connector);

  connector = embedded.createConnector(null,
                           443,
                           true);

  connector.setFactory(ssf);

  embedded.addConnector(connector);

/***************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^ END SSL Code    ^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
***************************************************************/
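
A check for the two symptoms the post reports (port 443 answering plain http, and doubt that the keystore is ever read), as an added example that is not part of the original post and is not Tomcat code. It uses only standard JDK classes and assumes Java 7 or later; the class name, method names and the KEYSTORE_PASS environment variable are hypothetical.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Collections;

// Added diagnostic, not Tomcat code; all names here are hypothetical.
public class SslConnectorCheck {

    // True if the keystore opens with this password and holds a key entry;
    // a store with only trusted-certificate entries cannot serve TLS.
    static boolean hasServerKey(String path, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass); // IOException: wrong password or damaged file
        }
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) return true;
        }
        return false;
    }

    // Sends a plaintext HTTP request and reports what kind of listener replied.
    static String probe(String host, int port, int timeoutMs) throws IOException {
        try (Socket s = new Socket()) {
            s.connect(new InetSocketAddress(host, port), timeoutMs);
            s.setSoTimeout(timeoutMs);
            s.getOutputStream().write("HEAD / HTTP/1.0\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
            byte[] buf = new byte[32];
            int n = s.getInputStream().read(buf);
            if (n <= 0) return "closed without reply";
            if (buf[0] == 0x15) return "TLS alert record: listener speaks TLS";
            String head = new String(buf, 0, n, StandardCharsets.US_ASCII);
            return head.startsWith("HTTP/") ? "plaintext HTTP reply: " + head.split("\r\n")[0]
                                            : "unrecognised reply";
        } catch (SocketTimeoutException e) {
            return "timed out after " + timeoutMs + " ms";
        }
    }

    // Usage: KEYSTORE_PASS=... java SslConnectorCheck <keystore> <host> <port>
    public static void main(String[] a) throws Exception {
        System.out.println("key entry present: " + hasServerKey(a[0], System.getenv("KEYSTORE_PASS").toCharArray()));
        System.out.println(probe(a[1], Integer.parseInt(a[2]), 3000));
    }
}
```

A 2xx or 3xx status line from port 443 means the connector is serving plaintext and the SSL socket factory never took effect. Some HTTP servers answer a plaintext 400 on a TLS port, so read the status code rather than only the `HTTP/` prefix.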


