tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From José Manuel Prada Sierra <>
Subject combine http and https
Date Mon, 14 Jun 2004 17:19:51 GMT

Hi mariano.

First of all sorry by send my question to your private email, and sorry to 
all of tomcat list users.

I have done all you write in your message.
I have j2sdk1.4.1 and j2re1.4.2_04 and it isn't necessary download jsse.
I have create the certificate like you write above, with de password 

Mi server.xml is:
    <!-- Define an SSL HTTP/1.1 Connector on port 8443 -->

    <Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               acceptCount="100" debug="0" scheme="https" secure="true">
      <Factory className=""
               clientAuth="false" protocol="TLS"/>

I think that the problem may be into the server.xml
when I connect to my application with the port 8443, it show me a website 
I have not sslProtocol, keystorieFile... Are they necessary? If it is true, 
what should I do?


Do you have well configured Tomcat's server.xml file for SSL connections ?

For example:
<Connector port="8443" maxThreads="150"
	     minSpareThreads="25" maxSpareThreads="75"
	     enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"
           keystoreFile="/...../.../Tomcat's SSL File"

And well generated certificate necesary for SSL ?:

1.	If you are running a 1.3 JVM, download JSSE 1.0.3 (or later) from and either make it an installed extension
on the system, or else set an environment variable JSSE_HOME that points at
the directory into which you installed JSSE.
2.	Create a certificate keystore by executing the following command:

	Windows:%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
	Unix:$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

	and specify a password value of "changeit".
3.	Uncomment the "SSL HTTP/1.1 Connector" entry in
$CATALINA_HOME/conf/server.xml and tweak as necessary.

And, please don't send e-mails to private address, always to Tomcat list

Mariano López

¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en 
MSN Motor.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message