-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dale,
On 2/1/12 11:34 PM, Dale Ogilvie wrote: > FYI, Here's how we did it with APR for local workstation SSL. > > Download APR from here: > http://tomcat.apache.org/download-native.cgi Nit: that's tcnative, not APR. tcnative requires APR, but they are separate things. > Copy the files (openssl.exe and tc-native.dll) into the tomcat > bin directory Note that you'll also need libapr.dll. Also, I believe you'll have to set "-Djava.library.path=%CATALINA_BASE%\bin", otherwise the JVM won't find the libraries. > Set up your SSL connector, pointing to your CA signed server > SSLCertificateFile and the CA as SSLCACertificateFile: > > <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" scheme="https" secure="true" clientAuth="false" > sslProtocol="TLS" SSLCertificateFile="c:/temp/localhost.cer" > SSLCACertificateFile="c:/temp/ca2cert.pem" /> Just make sure that everything is in PEM form. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8qooIACgkQ9CaO5/Lv0PB/cwCgxDDHRBD/h7JfjjSdeRz4Q9g1 EK8AoKbF0/cLo/zz4vYV1pXmjP21Z8/c =czvq -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
