tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hansel, Jason T CTR SPAWARSYSCEN-ATLANTIC, 55E00" <jason.t.hansel....@navy.mil>
Subject RE: Configuring Tomcat 6.0.28 with SSL
Date Wed, 11 Aug 2010 14:52:38 GMT
Jorge,
I do get the "INFO: The APR based Apache Tomcat Native library which allows
optimal performance in production environments was not found on the
java.library.pat". When I try and access my webapp via 443, I am getting a
404 error "Not Found", even though I removed jakarta from IIS and commented
out the AJP 1.3 connector. Seems as though isapi_redirect.dll is stil being
used, I cannot delete from my directory. Any Help would be great.

-----Original Message-----
From: Jorge Medina [mailto:cerebrotecnologico@gmail.com] 
Sent: Tuesday, August 10, 2010 4:27 PM
To: Tomcat Users List
Subject: Re: Configuring Tomcat 6.0.28 with SSL

There are two ways to add SSL support to Tomcat

a) Pure java support
b) Using OpenSSL through the APR library

For (b) you need to compile (or use a distribution with) the Tomcat Native
Library.

Configuring SSL using (a) is different than when using (b).

You may now if your server is running the APR by looking at the logs, at
startup you may find a line similar to:

INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path:

After you have determined if you have the APR, look at how to configure SSL
at http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

-Jorge


On Tue, Aug 10, 2010 at 3:41 PM, Hansel, Jason T CTR SPAWARSYSCEN-ATLANTIC,
55E00 <jason.t.hansel.ctr@navy.mil> wrote:
>
> I am abandoning the IIS/isapi_redirect.dll method of authenticating 
> via SSL into our web application due to the "authentication" process 
> taking a while, causing the web app to run abnormally slow.
>
> I am wanting to use our server certificate (PKCS12) as the keystore. 
> I've been doing a lot of research and it seems that I need to import 
> the root certificates into the keystore using OpenSSL. What I am not 
> too clear on is how to edit the server.xml file to accommodate these 
> configurations. Here is what I have thus far, however, SSL does not seem
to be working.
>
> Copied from Notepad:
>
> <!-- Define a SSL HTTP/1.1 Connector on port 8443
>         This connector uses the JSSE configuration, when using APR, the
>         connector should be using the OpenSSL style configuration
>         described in the APR documentation -->
>
>    <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
>               maxThreads="150" scheme="https" secure="true"
>               keystoreFile="C:\Program Files\Apache Software 
> Foundation\Tomcat 6.0\con\geo.pfx"
> keystorePass="password" keystoreType="pkcs12"
>               clientAuth="false" sslProtocol="TLS" />
>
>
>
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message