Posted to users@tomcat.apache.org by "Jeffrey C. Baldwin" <Je...@ncmail.net> on 2007/07/26 19:24:29 UTC

Tomcat 5.0.28 - SSL Setup

Hello All,

I'm in a bit of a pinch here.  Just had an old Solaris server fail that 
housed our TomCat environment and now I'm trying to put the pieces back 
together on a new server.  I have a few of the applications up and 
running.. but now I've run into an app that wants to run over ssl and 
I'm having a hard time getting it to work.

Environment:  Tomcat 5.0.28 running on CentOS 5

I am including my server.xml below. 

I have already generated my certificate after reading this document and 
put the cert into /usr/local/tomcat:
http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html

Can someone please advise me on how to get ssl up and running on port 8443?

<?xml version='1.0' encoding='utf-8'?>
<Server>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
  <GlobalNamingResources>
    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
    <Resource auth="Container"
              description="User database that can be updated and saved"
              name="UserDatabase"
              type="org.apache.catalina.UserDatabase"/>
    <ResourceParams name="UserDatabase">
      <parameter>
        <name>factory</name>
        <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
      </parameter>
      <parameter>
        <name>pathname</name>
        <value>conf/tomcat-users.xml</value>
      </parameter>
    </ResourceParams>
  </GlobalNamingResources>
  <Service name="Catalina">
    <Connector acceptCount="100" connectionTimeout="20000"
               disableUploadTimeout="true" port="8080" redirectPort="8443"
               maxSpareThreads="75" maxThreads="150" minSpareThreads="25">
    </Connector>
    <Connector port="8009" protocol="AJP/1.3"
               protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"
               redirectPort="8443">
    </Connector>
    <Engine defaultHost="localhost" name="Catalina">
      <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
            autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
               directory="logs" prefix="localhost_access_log." suffix=".txt"
               pattern="common" resolveHosts="false" />
        <Logger className="org.apache.catalina.logger.FileLogger"
                directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true" />
      </Host>
      <Logger className="org.apache.catalina.logger.FileLogger"
              prefix="catalina_log." suffix=".txt" timestamp="true"/>
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
    </Engine>
  </Service>
</Server>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Tomcat 5.0.28 - SSL Setup

Posted by "Jeffrey C. Baldwin" <Je...@ncmail.net>.
Lyallex,

That worked!  Thank you!  I had copied and pasted from the TomCat SSL 
HowTo, but that didn't work...

I appreciate your time!  Now, on to other TomCat problems.... this 
server failure is killing me!

-jeff

Lyallex wrote:
> The first thing that strikes me is that you have not defined a connector for
> port 8443, here's one of mine (Tomcat 5.5.23)
>
>     <Connector port="8443" maxHttpHeaderSize="8192"
>               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>               enableLookups="false" disableUploadTimeout="true"
>               acceptCount="100" scheme="https" secure="true"
>               clientAuth="false" keystoreFile="..." sslProtocol="TLS" />
>
> I think you probably need this because (at the very least) you have
> 'redirectPort="8443"' in your non ssl Connector config
>
> Rgds
> Duncan


Re: Tomcat 5.0.28 - SSL Setup

Posted by Lyallex <ly...@gmail.com>.
The first thing that strikes me is that you have not defined a connector for
port 8443, here's one of mine (Tomcat 5.5.23)

     <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" keystoreFile="..." sslProtocol="TLS" />

I think you probably need this because (at the very least) you have
'redirectPort="8443"' in your non ssl Connector config

Rgds
Duncan

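The mismatch diagnosed in this thread (a redirectPort of 8443 with no Connector listening there) can be checked mechanically before restarting Tomcat. The following is an added example, not code from the thread or from the Tomcat project; the function name audit_connectors and both embedded server.xml samples are constructed for illustration, and the keystore path is a placeholder.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two connectors from the original post's server.xml,
# trimmed to the attributes that matter for this check.
BROKEN = """<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

# Constructed sample: the same service with the reply's connector added.
# The keystoreFile value is a placeholder, not a path from the thread.
FIXED = """<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  <Connector port="8443" scheme="https" secure="true" clientAuth="false"
             keystoreFile="/path/to/keystore" sslProtocol="TLS"/>
</Service></Server>"""

def audit_connectors(server_xml):
    """Return findings about redirectPort targets and https connectors."""
    findings = []
    root = ET.fromstring(server_xml)
    for service in root.iter("Service"):
        connectors = service.findall("Connector")
        by_port = {c.get("port"): c for c in connectors}
        for c in connectors:
            target = c.get("redirectPort")
            if target is None:
                continue
            dest = by_port.get(target)
            if dest is None:
                # The situation in the original post: nothing listens on 8443.
                findings.append(f"port {c.get('port')}: redirectPort {target} has no Connector")
            elif dest.get("scheme") != "https" or dest.get("secure") != "true":
                findings.append(f"port {c.get('port')}: redirectPort {target} is not an https/secure Connector")
        for c in connectors:
            # Without keystoreFile Tomcat falls back to .keystore in the home
            # directory of the user running it, which may not hold the new cert.
            if c.get("scheme") == "https" and not c.get("keystoreFile"):
                findings.append(f"port {c.get('port')}: https Connector has no explicit keystoreFile")
    return findings

if __name__ == "__main__":
    for name, doc in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, audit_connectors(doc) or "ok")
```
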