tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wendy Smoak <>
Subject Back to the "nonsecure items" problem
Date Tue, 03 Feb 2004 20:52:41 GMT

I'm trying to serve a PDF from a Servlet and I'm getting the "This page
contains both secure and nonsecure items. Do you want to display the
nonsecure items" prompt from IE.

This is a confidential accounting report, so that just won't do!  I was
hoping that when I put the webapp behind Apache, that the warning would
magically go away since Apache would handle encrypting the transmission
back to the client browser, but that does not seem to be the case.

The Apache HTTP server does have a Thawte certificate.  My next idea is
to try to install that same certificate on Tomcat.  But I don't think
that's going to do it entirely.

Here's some of the code that writes out the PDF:

      ByteArrayOutputStream baosPDF = null;
      ServletOutputStream sos;
      sos = resp.getOutputStream();
      baosPDF.writeTo( sos );

Can someone give me a pointer on what would have to change to encrypt
the PDF so that the browser will stop complaining about nonsecure items?
I can't have the 'nonsecure items' prompt, and I assume I will need a
known good certificate-- can I use the same one that we're using on

Or am I headed in a completely wrong direction?  We've discussed this
here before, and in the meantime I've gotten a handful of inquiries
wondering if I solved the problem.  As far as I know, it's still an open

Wendy Smoak
Application Systems Analyst, Sr.
ASU IA Information Resources Management 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message