You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Selvakumar Subramanian <ss...@gmail.com> on 2012/01/12 01:14:52 UTC

Re: Tomcat version 6 - SSL Implementation - TLS in IE settings

>
> Hi,
>
> We have reporting web application running with tomcat version 6. Recently,
> we implement SSL by converting http to https...I made below changes in
> server.xml and web.xml.
> Everything works fine.. but the issue is that all end users need to enable
> TLS in IE settings for https to work..
>
> My question here is..whether we can avoid enabling TLS for secure site to
> work..Pls suggest!
>
> Thanks in advance
>
> Changes in server.xml
> *******************
>     <Connector
>            port="8443" maxThreads="200"
>            scheme="https" secure="true" SSLEnabled="true"
>            algorithm="IbmX509"
>            clientAuth="false" SSLProtocol="all"
>            keystoreFile="/home/sas/relic1d.jks" keystorePass="****" />''
>
> changes in web.xml
> *****************
>     <security-constraint>
>        <web-resource-collection>
>           <web-resource-name>Secure Area</web-resource-name>
>           <url-pattern>/*</url-pattern>
>           <http-method>GET</http-method>
>           <http-method>POST</http-method>
>        </web-resource-collection>
>        <user-data-constraint>
>           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>        </user-data-constraint>
>     </security-constraint>
>
> Regards
> Selva
>