tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Magnuson <mmagnu...@sempervalens.com>
Subject Re: OCSP Connector on Tomcat 8.5 not working
Date Tue, 25 Jun 2019 18:24:27 GMT


Oh I see.  I was trying to use those fields for the OCSP responder information.  Thanks for
the clarification.


Mike

________________________________
From: Mark Thomas <markt@apache.org>
Sent: Tuesday, June 25, 2019 11:03 AM
To: users@tomcat.apache.org
Subject: Re: OCSP Connector on Tomcat 8.5 not working

On 25/06/2019 18:04, Michael Magnuson wrote:
>
>
> Mark, are you defining your server SSL certificate someplace else, other than within
the connector in server.xml?

No.

> From your example connector config, I'm not seeing it defined.

<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150" SSLEnabled="true" >
  <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
  <SSLHostConfig certificateVerification="required"
                 caCertificateFile="conf/ca-rsa-cert.pem"
                 certificateRevocationListFile="conf/crl.pem">
    <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                 certificateFile="conf/localhost-rsa-cert.pem"
                 certificateChainFile="conf/localhost-rsa-chain.pem"
                 type="RSA" />
  </SSLHostConfig>
</Connector>

Server key is defined by certificateKeyFile
Server cert is defined by certificateFile
Server cert chain is defined by certificateChainFile

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message