Author: jfclere Date: Mon Mar 17 02:59:15 2008 New Revision: 637810 URL: http://svn.apache.org/viewvc?rev=637810&view=rev Log: Add SSLRandomSeed documentation.
Modified: tomcat/trunk/webapps/docs/ssl-howto.xml Modified: tomcat/trunk/webapps/docs/ssl-howto.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/ssl-howto.xml?rev=637810&r1=637809&r2=637810&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/ssl-howto.xml (original) +++ tomcat/trunk/webapps/docs/ssl-howto.xml Mon Mar 17 02:59:15 2008 @@ -282,11 +282,11 @@ <subsection name="Edit the Tomcat Configuration File"> <p>If you are using APR, you have the option of configuring an alternative engine to openSSL. <source> -<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="someengine" /> +<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="someengine" SSLRandomSeed="somedevice" /> </source> The default value is <source> -<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> +<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" SSLRandomSeed="builtin" /> </source> So to use SSL under APR, make sure the SSLEngine attribute is set to something other than <code>off</code>. The default value is <code>on</code> and if you specify another value, it has to be a valid engine name. @@ -295,6 +295,9 @@ <source> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" /> </source> +SSLRandomSeed allows to specify a source of entropy. Productive system needs a reliable source of entropy +but entropy may need a lot of time to be collected therefore test systems could use no blocking entropy +sources like "/dev/urandom" that will allow quickier starts of Tomcat. </p> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]