tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Schönhaber <mailing-tomcat-u...@schoenhaber.de>
Subject Re: scheme="https" not working?
Date Mon, 20 Feb 2006 17:04:55 GMT
Dave Brondsema wrote:
> I'm using Tomcat 5.5.15 on Windows 2000.  I have this connector:
>     <Connector scheme="https" port="443" maxHttpHeaderSize="8192"
>                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>                enableLookups="false" disableUploadTimeout="true"
>                acceptCount="100" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>                keystoreFile="C:\Program Files\Apache Software
> Foundation\Tomcat 5.5\conf\ssl_keystore" keystorePass="XXX"
>                keystoreType="JKS"/>
>
> I can access
> http://eaglesnest-test.cornerstone.edu:443/manager/html
> but I get no response when attempting to access
> https://eaglesnest-test.cornerstone.edu:443/manager/html
>
> Somehow it's running unsecured but still on port 443.
>
> What's happening?
>
>
> Here are the logfiles:
>
> DEBUG 2006-02-20 11:20:29,288 org.apache.catalina.startup.Embedded -
> Setting naming prefix=org.apache.naming
> DEBUG 2006-02-20 11:20:29,413 org.apache.catalina.startup.Catalina -
> Digester for server.xml created 125
> DEBUG 2006-02-20 11:20:30,600 org.apache.coyote.http11.Http11AprProtocol
> - Attribute soLinger: -1

[...]

Since you're using APR, you have to configure your <Connector> the APR way:
http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS
AFAIK you can't use the Java keystore with APR but have to use certificates.

As an alternative: don't use APR and keep your configuration as-is.

Regards
  mks


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message