tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: How to configure certificate file (*.cer) in Tomcat 6
Date Thu, 02 Feb 2012 14:49:38 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dale,

On 2/1/12 11:34 PM, Dale Ogilvie wrote:
> FYI, Here's how we did it with APR for local workstation SSL.
> 
> Download APR from here:
> http://tomcat.apache.org/download-native.cgi

Nit: that's tcnative, not APR. tcnative requires APR, but they are
separate things.

> Copy the files (openssl.exe and tc-native.dll)  into the tomcat
> bin directory

Note that you'll also need libapr.dll.

Also, I believe you'll have to set
"-Djava.library.path=%CATALINA_BASE%\bin", otherwise the JVM won't
find the libraries.

> Set up your SSL connector, pointing to your CA signed server 
> SSLCertificateFile and the CA as SSLCACertificateFile:
> 
> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
> maxThreads="150" scheme="https" secure="true" clientAuth="false"
> sslProtocol="TLS" SSLCertificateFile="c:/temp/localhost.cer" 
> SSLCACertificateFile="c:/temp/ca2cert.pem" />

Just make sure that everything is in PEM form.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8qooIACgkQ9CaO5/Lv0PB/cwCgxDDHRBD/h7JfjjSdeRz4Q9g1
EK8AoKbF0/cLo/zz4vYV1pXmjP21Z8/c
=czvq
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message