tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: SSL on Tomcat5
Date Tue, 10 May 2011 17:48:02 GMT
2011/5/10 Lunita <hoshi.utsuku@gmail.com>:
> Hi all!
>
> I amb trying to configure SSL for Tomcat Manager with APR. I have a weird
> problem, port 8443 is listening, but no HTTPS over there! 8080 and 8443
> ports are open with HTTP
>
> I compiled tomcat native with this configure:
>
> "--prefix=/opt/tomcat/" \
> "--with-apr=/opt/apr-1.4.2/" \
> "--with-ssl=/usr" \
> "--with-java-home=/usr/java/jdk1.6.0_23/" \
> "--libdir=/usr/lib" \
>
>
> At startup, Tomcat load OK the library:
>
> INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
> May 10, 2011 6:36:07 PM org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
> [false], random [true].
> May 10, 2011 6:36:07 PM org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> May 10, 2011 6:36:07 PM org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8443
>
> My config at server.xml looks OK ...
>
> <Connector port="8443" maxHttpHeaderSize="8192"
>           maxThreads="200" minSpareThreads="25" maxSpareThreads="75"
>           scheme="https" secure="true" SSLEnabled="true"
>
> SSLCertificateFile="/opt/apache-tomcat-5.5.33/conf/tomcat.key.noPasswd"
>           SSLCertificateKeyFile="/opt/apache-tomcat-5.5.33/conf/XX.cer"
>           clientAuth="false" SSLProtocol="TLSv1"/>
>
>
> Any help? I'm really lost =(

Configuration of APR/OpenSSL (aka "native") connector with SSL is documented in
http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS

Apparently you are missing SSLEngine="on"

Note, that Tomcat 5.5 does not warn about any unknown attributes etc.
(Tomcat 6 and later do give warnings), so you should read the
configuration docs carefully.

What documentation you have followed? (Maybe something needs
amendments / corrections there?)

Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message