geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Donald Woods <dwo...@apache.org>
Subject Re: Set Keystore Password From GShell?
Date Tue, 18 Nov 2008 16:09:43 GMT
If you are using the Tomcat assembly (I'm looking at 2.1.x), then there 
is a complete example of a HTTPS connector in config.xml, which includes 
the keystorePass attribute -

         <gbean name="TomcatWebSSLConnector">
             <attribute name="host">${ServerHostname}</attribute>
             <attribute name="port">${HTTPSPort + PortOffset}</attribute>
             <attribute name="maxHttpHeaderSize">8192</attribute>
             <attribute name="maxThreads">150</attribute>
             <attribute name="minSpareThreads">25</attribute> 
  <attribute name="maxSpareThreads">75</attribute>
             <attribute name="enableLookups">false</attribute>
             <attribute name="acceptCount">100</attribute>
             <attribute name="disableUploadTimeout">false</attribute>
             <attribute name="clientAuth">false</attribute>
             <attribute name="algorithm">Default</attribute>
             <attribute name="sslProtocol">TLS</attribute>
             <attribute 
name="keystoreFile">var/security/keystores/geronimo-defau
lt</attribute>
             <attribute name="keystorePass">secret</attribute>
             <attribute name="keystoreType">JKS</attribute>
         </gbean>


-Donald

Doug Reeder wrote:
> http://cwiki.apache.org/GMOxDOC21/administering-certificates.html
> explains how to configure an HTTPS listener to use SSL, including 
> setting the keystore and keystore password.  However, this requires the 
> console, which is not installed on my production server, to keep the 
> memory footprint small.
> 
> I can set the keystore used by the HTTPS listener on my production 
> server in var/config/config.xml, but not the password.  Is there a way 
> to do this from GShell, or bash?
> 
> 

Mime
View raw message