Well, if you look at documentation from Tomcat, there is section calls
TOMCAT-SSL. (or so).
You can build SSL directly in TOMCAT, or use Apache's SSL. I've done
build in SSL support,
and you seems have SSL on Apache only. The server.xml file should have a
section which says
"comment out this, to use SSL ...", the next block has default set-up for
SSL support
in Tomcat. I really think that using Apache's SSL isn't great idea.
Usually you do SSL
in specific areas of the web-site, such as login pages, credit-card info,
etc, which will
be 90% done in JSP/Servlets... because it's dynamic. Please take a look
at that Tomcat-SLL
section of your documentation. Also, I don't think that it's possible to
use old
certificate, with new server, although I may be wrong. The certificate is
unique to the server, and domain, etc. Definitely check Apache's ssl
section also.
Good luck,
John.
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 2/6/01, 10:50:36 AM, "Lifeng Xu" <[EMAIL PROTECTED]> wrote regarding RE:
Newbie: HTTPS:
> Thank you John for your reply.
> Correct me if I am wrong, but I am assuming the certificate is installed
--
> it was working before, and I can still see that under my
> /usr/local/apache/conf/, there are directories such as ssl.crt, ssl.key,
> etc. There are files like srever.crt and other .crt files. Can't I just
keep
> and use them? But for the server.xml, I don't see anything that's SSL
> related. Maybe this is what I need to do something about.
> Sorry about this kind of quesion. I just want to get the old stuff
working
> for now and come back later to obsorb it.
> Thank you again for your help.
> Lifeng
> -----Original Message-----
> From: John Golubenko [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 06, 2001 12:18 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Newbie: HTTPS
> Well, I'll suggest you to check openssl.org.
> Then you'll be able to create a certificate with your information
> in it (Manual is very clear 1->2->3). After that you can download JSSE
> (javasoft.com/products/jsee (?))
> and add couple of lines into server.xml file under tomcat (Also manual
> clear).
> Change port to 443, and it's ready to go. But, you may need to buy
> certificate for the future... I don't know any free tools to
> generate a certificate, so browser will not prompt you about
> installation,
> or that it's not trusted...
> Hope it helps a bit.
> John.
> >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
> On 2/6/01, 10:03:36 AM, "Lifeng Xu" <[EMAIL PROTECTED]> wrote regarding Newbie:
> HTTPS:
> > Hi all,
> > I am working in an environment of Apache/Tomcat on Linux, and I am new in
> > HTTPS/SSL. What I am facing is a project developed by someone else who is
> no
> > longer around. I am modifing the environment so that it will work with
> our
> > new release. While I am OK with the rest of the environment, I really
> don't
> > know much about this HTTPS stuff. It worked before, but not anymore after
> I
> > modified it. As I understand, I did change anything that related to SSL
> (for
> > instance the "SSLEngine on", etc., in http.conf).
> > My question is that can someone give me a simple 1,2,3... to check on?
> Since
> > I believe that the change I deed to make it back to work should be minor.
> > Right now, when I type in a https url, the browser displays page not
> found
> > message, but the http url works fine.
> > The mod_ssl is installed and used in our environment.
> > Any pelp is highly appreciated.
> > Lifeng
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, email: [EMAIL PROTECTED]
> NOTICE: This communication may contain confidential or other privileged
> information. If you are not the intended recipient, or believe that you
> have received this communication in error, please do not print, copy,
> retransmit, disseminate, or otherwise use the information. Also, please
> indicate to the sender that you have received this email in error, and
> delete the copy you received. Any communication that does not relate to
> official Columbia business is that of the sender and is neither given nor
> endorsed by Columbia. Thank you.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
NOTICE: This communication may contain confidential or other privileged information.
If you are not the intended recipient, or believe that you have received this
communication in error, please do not print, copy, retransmit, disseminate, or
otherwise use the information. Also, please indicate to the sender that you have
received this email in error, and delete the copy you received. Any communication
that does not relate to official Columbia business is that of the sender and is
neither given nor endorsed by Columbia. Thank you.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
