2017-10-09 17:01 GMT+02:00 John Ellis <john.el...@lsgsolutions.com>: > I posted questions about this a couple of weeks ago I think it was. I have > been trying to get Tomcat running on a secure port with a valid SSL > certificate. We finally got version 9.0.0.M20 setup successfully on port > 9443 and I can go to that IP:port and get a Tomcat webpage but when I go > through all the steps using the keytool commands to submit a certificate > (we use Cacert.org) and try to plug that certificate into the mix it > doesn’t work. I still get an error message telling me that I will have to > create an exception to go to that IP address and port. Last Friday I even > deleted the certificate and all the keystore file, etc. and got the same > exact error. So it appears that Tomcat is not seeing the certificate at all > since I get the same error about having to add an exception whether or not > I have a valid certificate in place on the server. > > The lines we added to the server.xml file to get the secure port working > are- > > > > <Connector port="9443" protocol="HTTP/1.1" SSLEnabled="true" > > maxThreads="150" scheme="https" secure="true" > > clientAuth="false" sslProtocol="TLS" > > keystoreFile="/home/tomcat9.0. > 0.M20/apache-tomcat-9.0.0.M20/conf/keystore.jks" > > keystorePass="changeit" /> >
Maybe you should use <SSLHostConfig> element, do you ? Read: https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_SSLHostConfig Each secure connector must define at least one *SSLHostConfig* > > > John Ellis > > > > 405.285.2500 office > > > > [image: United States] > > [image: bize-logo-rgb-original_Ryan_Revised_portal size] [image: > cid:image002.jpg@01CECFDA.65B42CD0] > > > > http://biz-e.io > > >