tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mariano" <mlo...@sescam.org>
Subject RE: combine http and https
Date Tue, 15 Jun 2004 06:44:57 GMT
The lines:

keystoreFile="/...../.../Tomcat's SSL File"
keystorePass="........"

are absolutely necessary for connector on port 8443.

Try to set this line with yours values and set connector on port 8443 like i
put in previous message, It must work.

Regards

Mariano López

-----Mensaje original-----
De: José Manuel Prada Sierra [mailto:petinboy@hotmail.com]
Enviado el: lunes, 14 de junio de 2004 19:20
Para: tomcat-user@jakarta.apache.org
Asunto: combine http and https



Hi mariano.

First of all sorry by send my question to your private email, and sorry to
all of tomcat list users.

I have done all you write in your message.
I have j2sdk1.4.1 and j2re1.4.2_04 and it isn't necessary download jsse.
I have create the certificate like you write above, with de password
"changeit".

Mi server.xml is:
    <!-- Define an SSL HTTP/1.1 Connector on port 8443 -->

    <Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="false"
               acceptCount="100" debug="0" scheme="https" secure="true">
      <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
               clientAuth="false" protocol="TLS"/>
    </Connector>

I think that the problem may be into the server.xml
when I connect to my application with the port 8443, it show me a website
certificate.
I have not sslProtocol, keystorieFile... Are they necessary? If it is true,
what should I do?

Thanks.



<---------------------------------------------------------------------------
---------------->
Do you have well configured Tomcat's server.xml file for SSL connections ?

For example:
<Connector port="8443" maxThreads="150"
	     minSpareThreads="25" maxSpareThreads="75"
	     enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"
           keystoreFile="/...../.../Tomcat's SSL File"
keystorePass="........"/>

And well generated certificate necesary for SSL ?:

1.	If you are running a 1.3 JVM, download JSSE 1.0.3 (or later) from
http://java.sun.com/products/jsse/ and either make it an installed extension
on the system, or else set an environment variable JSSE_HOME that points at
the directory into which you installed JSSE.
2.	Create a certificate keystore by executing the following command:

	Windows:%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
	Unix:$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

	and specify a password value of "changeit".
3.	Uncomment the "SSL HTTP/1.1 Connector" entry in
$CATALINA_HOME/conf/server.xml and tweak as necessary.

And, please don't send e-mails to private address, always to Tomcat list
address.

Mariano López

_________________________________________________________________
¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en
MSN Motor. http://motor.msn.es/researchcentre/


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message