tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Brondsema <d...@brondsema.net>
Subject Re: scheme="https" not working?
Date Mon, 20 Feb 2006 17:53:57 GMT
Markus Schönhaber wrote:
> Dave Brondsema wrote:
>> I'm using Tomcat 5.5.15 on Windows 2000.  I have this connector:
>>     <Connector scheme="https" port="443" maxHttpHeaderSize="8192"
>>                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>>                enableLookups="false" disableUploadTimeout="true"
>>                acceptCount="100" secure="true"
>>                clientAuth="false" sslProtocol="TLS"
>>                keystoreFile="C:\Program Files\Apache Software
>> Foundation\Tomcat 5.5\conf\ssl_keystore" keystorePass="XXX"
>>                keystoreType="JKS"/>
>>
>> I can access
>> http://eaglesnest-test.cornerstone.edu:443/manager/html
>> but I get no response when attempting to access
>> https://eaglesnest-test.cornerstone.edu:443/manager/html
>>
>> Somehow it's running unsecured but still on port 443.
>>
>> What's happening?
>>
>>
>> Here are the logfiles:
>>
>> DEBUG 2006-02-20 11:20:29,288 org.apache.catalina.startup.Embedded -
>> Setting naming prefix=org.apache.naming
>> DEBUG 2006-02-20 11:20:29,413 org.apache.catalina.startup.Catalina -
>> Digester for server.xml created 125
>> DEBUG 2006-02-20 11:20:30,600 org.apache.coyote.http11.Http11AprProtocol
>> - Attribute soLinger: -1
> 
> [...]
> 
> Since you're using APR, you have to configure your <Connector> the APR way:
> http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS
> AFAIK you can't use the Java keystore with APR but have to use certificates.
> 
> As an alternative: don't use APR and keep your configuration as-is.
> 

Thanks, that worked.  But shouldn't there be errors or warnings if I'm
using Java keystore attributes (e.g. keystoreFile) with APR?

-- 
Dave Brondsema
Software Developer
Cornerstone University


Mime
View raw message