If you are using the JIO Connector (the default if APR isn't installed), then you should just be able to specify keystoreType="PKCS11" on the <Connector /> element, and configure the PKCS11 setting as in the JCE documents for your Java vendor. If you have more than just the one Tomcat key, then you will also want to specify the keyAlias="myHostAlias" option on the <Connector />. I'm guessing that this will work with the NIO Connector as well, but I haven't looked. I've got no clue how to do this for the APR Connector :), but if you are using truststoreFile, then you aren't using APR.
"Lee, Esmond" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Hello, I would like to use TOMCAT 6 as an HTTPS server on our windows/linux servers, using a PCI based PKCS11 token that stores the keys for TLS connectivity. Up until now, we've enabled TLS connections using the keystoreFile/keystorePass, truststoreFile/truststorePass attribute pairs in server.xml. Our core application currently uses the PKCS11 token for our keystore, but we would like TOMCAT to use it as well. Is there a way to configure TOMCAT (via server.xml or by other means) to use this token? =20 Thanks in advance. Esmond --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]