tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Chen <ac...@packetmotion.com>
Subject Using HTTPS with keystore and trust store files
Date Wed, 25 Feb 2004 18:00:07 GMT
Hi,
  I am trying to set up Tomcat for HTTPS connection with keystore and 
truststore files.  I want to use Tomcat as the
web server so the port number is 80 and 443 for HTTP and HTTPS, 
respectively. I am running Tomcat on Windows XP.

Here is the 'Connector' entry in %CATALINA_HOME%\conf\server.xml.
   <Connector port="443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               clientAuth="true" sslProtocol="TLS"
               keystoreFile="server.ks" keystoreType="JCEKS"
               keystorePass="changeit"
               truststoreFile="server.ts" truststoreType="JCEKS" >
    </Connector>

When I start tomcat, I get the following error:

java.io.FileNotFoundException: server.ks (The system cannot find the 
file specif
ied)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:106)
        at java.io.FileInputStream.<init>(FileInputStream.java:66)
        at 
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
Factory.java:262)
        at 
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESoc
ketFactory.java:232)
......

I tried to put the file in different places, the user's home directory 
in C:\Documents and Settings\%user%\,
%CATALINA_HOME%\,  %CATALINA_HOME%\webapps, %CATALINA_HOME%\webapps\ROOT,
but they all failed.

My questions are:
1. Where should the keystore file be stored if I set the 'keystoreFile' 
attribute in Connector element?

2.  If I set 'clientAuth' to true, shouldn't there be a place to store 
the the client's certificate, i.e. the truststore?
     Where do I specify the file that store the client's certificate?
     I saw the truststoreFile attribute in an example from 
http://www.j2ee-security.net/book/sample-chap/
     It sets this attribute in a 'Factory' subelement.  But that is for 
Tomcat 4.X.

Any help is appreciated.



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message