tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivo Kammerath <ivolat...@gmail.com>
Subject Inconsistency in user documentation
Date Fri, 03 Jun 2011 13:50:17 GMT
Hello,

When going through the SSL docs to use APR for native OpenSSL I found an 
inconsistency in the docs. However I couldn't quite find how to change 
it as http://tomcat.apache.org/getinvolved.html  only states 
/"Contribute other documentation patches, either for the website or for 
the Apache Tomcat user documentation."/ without providing links on how 
to do so.  So I thought I post it here, such that you can point me in 
the right direction.

in 
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Edit_the_Tomcat_Configuration_File

it suggests that a correct connector in the server.xml should look like:

<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<!--
<Connector
            port="8443" maxThreads="200"
            scheme="https" secure="true" SSLEnabled="true"
            SSLCertificateFile="/usr/local/ssl/server.crt"
            SSLCertificateKeyFile="/usr/local/ssl/server.pem"
            clientAuth="optional" SSLProtocol="TLSv1"/>
-->

this however didn't work and resulted in:

WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to
'true' did not find a matching property.

An actual working config can be found in 
http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS . I propose 
copying the example section:

<Connector port="443" maxHttpHeaderSize="8192"
                maxThreads="150"
                enableLookups="false" disableUploadTimeout="true"
                acceptCount="100" scheme="https" secure="true"
                SSLEnabled="true"
                SSLCertificateFile="${catalina.base}/conf/localhost.crt"
                SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

To replace the, what I believe to be false, example in the ssl-howto. In 
addition I would like to provide a link to the apr https guide right there.

Is this something I can do myself, If yes how can I do this? Is there 
some kind of content management behind the general web pages or is this 
simply static content? Am I even allowed to make this change myself?

many thanks in advance
Ivo





Mime
View raw message