Author: jfclere
Date: Mon Mar 17 02:59:15 2008
New Revision: 637810
URL: http://svn.apache.org/viewvc?rev=637810&view=rev
Log:
Add SSLRandomSeed documentation.
Modified:
tomcat/trunk/webapps/docs/ssl-howto.xml
Modified: tomcat/trunk/webapps/docs/ssl-howto.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/ssl-howto.xml?rev=637810&r1=637809&r2=637810&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/ssl-howto.xml (original)
+++ tomcat/trunk/webapps/docs/ssl-howto.xml Mon Mar 17 02:59:15 2008
@@ -282,11 +282,11 @@
<subsection name="Edit the Tomcat Configuration File">
<p>If you are using APR, you have the option of configuring an alternative
engine to openSSL.
<source>
-<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="someengine" />
+<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="someengine" SSLRandomSeed="somedevice" />
</source>
The default value is
<source>
-<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
+<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" SSLRandomSeed="builtin" />
</source>
So to use SSL under APR, make sure the SSLEngine attribute is set to something
other than <code>off</code>.
The default value is <code>on</code> and if you specify another value, it has
to be a valid engine name.
@@ -295,6 +295,9 @@
<source>
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="off" />
</source>
+SSLRandomSeed allows to specify a source of entropy. Productive system needs a
reliable source of entropy
+but entropy may need a lot of time to be collected therefore test systems
could use no blocking entropy
+sources like "/dev/urandom" that will allow quickier starts of Tomcat.
</p>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
