Hi,

To configure tomcat using SSL on Windows I use:

multi-host tomcat ssl on windows

download and install java 1.5 jdk
    set JAVA_HOME to the root of the JDK directory
    add JAVA_HOME\bin to the path

install Visual C++ 2008 redistributable

download and install openssl
    http://www.openssl.org --> related --> binaries (at the top)
    place the files in c:\program files\openssl
    set OPENSSL_HOME to c:\program files\openssl
    add OPENSSL_HOME\bin to the path
    search for an openssl.cnf on google

download and install tomcat
    download tomcat and extract to c:\program files\apache software foundation\tomcat
    set CATALINA_HOME to c:\program files\apache software foundation\tomcat
    download tomcat native and extract to CATALINA_HOME\bin
    add CATALINA_HOME\bin to the path
    set CLASSPATH to .;%CATALINA_HOME%\lib\servlet-api.jar;%CATALINA_HOME%\lib\jsp-api.jar

    cd %CATALINA_HOME%\conf
    mkdir ssl
    cd ssl
    openssl genrsa -aes256 -out key.pem 8192
    Enter pass phrase for key.pem: proactix
    openssl req -new -key key.pem -sha1 -x509 -out cert.pem

    <Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
               port="443"
               enableLookups="true"
               disableUploadTimeout="true"
               acceptCount="100"
               maxThreads="200"
               scheme="https"
               secure="true"
               SSLEnabled="true"
               SSLCertificateFile="${catalina.home}/conf/ssl/cert.pem"
               SSLCertificateKeyFile="${catalina.home}/conf/ssl/key.pem"
               SSLPassword="proactix"
               sslProtocol="TLSv1"/>

The same should be similar on Linux.

Regards,

Serge Fonville

On Wed, Nov 5, 2008 at 4:29 PM, Michael A. Tucker <[EMAIL PROTECTED]> wrote:

> I'm trying to set up SSL on a web app that I have running on a server. I
> created my keystore.key file and then uncommented this section in my
> server.xml file:
>
> Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true"
> keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
> keystorePass="changeit"
> clientAuth="false" sslProtocol="TLS"
>
> Now when I go to https://localhost:8443/ I get "failed to connect" page
> load error. I think I'm not doing something wrong in the server.xml
> file, but I'm not sure what. I already have another program running on
> 443 so could that interfere? I also don't know what APR means in the
> SSL doc.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
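The two connectors in this thread use different attribute families: PEM files (`SSLCertificateFile`, `SSLCertificateKeyFile`) for the APR connector and a Java keystore (`keystoreFile`, `keystorePass`) for the default one. The script below is an added example, not part of either message and not Tomcat's own code; it reads a `server.xml` and reports, per TLS connector, which family is used, any `${...}` reference that holds a path instead of a property name, and any secret stored in cleartext. The `audit` function and the wrapper XML around the two connectors are assumptions made for this example.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the two connectors quoted in this thread, wrapped in a
# minimal <Server>/<Service> element so the text parses like a server.xml.
SAMPLE = """<Server><Service name="Catalina">
  <Connector protocol="org.apache.coyote.http11.Http11AprProtocol" port="443"
             scheme="https" secure="true" SSLEnabled="true"
             SSLCertificateFile="${catalina.home}/conf/ssl/cert.pem"
             SSLCertificateKeyFile="${catalina.home}/conf/ssl/key.pem"
             SSLPassword="proactix" sslProtocol="TLSv1"/>
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="150" scheme="https" secure="true"
             keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
             keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
</Service></Server>"""

APR_ATTRS = {"SSLCertificateFile", "SSLCertificateKeyFile", "SSLPassword"}
JSSE_ATTRS = {"keystoreFile", "keystorePass"}
PROP_REF = re.compile(r"\$\{([^}]*)\}")  # ${name} property references

def audit(xml_text):
    """Return {port: (attribute_style, [findings])} per SSLEnabled connector."""
    report = {}
    for conn in ET.fromstring(xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        names = set(conn.attrib)
        apr, jsse = names & APR_ATTRS, names & JSSE_ATTRS
        style = "APR" if "Apr" in conn.get("protocol", "") or apr else "JSSE"
        findings = []
        if apr and jsse:
            findings.append("mixes PEM (APR) and keystore (JSSE) attributes")
        for name, value in conn.attrib.items():
            for ref in PROP_REF.findall(value):
                if "/" in ref or "\\" in ref:  # a path, not a property name
                    findings.append(f"{name}: ${{...}} holds a path, not a property name")
            if name in ("SSLPassword", "keystorePass"):
                findings.append(f"{name}: secret stored in cleartext in server.xml")
        report[conn.get("port")] = (style, findings)
    return report

if __name__ == "__main__":
    for port, (style, findings) in audit(SAMPLE).items():
        print(f"port {port} [{style} attributes]")
        for finding in findings:
            print("  -", finding)
```

The style is inferred from attribute names only; which implementation a running Tomcat actually selects for `protocol="HTTP/1.1"` depends on whether the native library is loaded.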