You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Steven D. Keens" <sk...@planetfred.com> on 2001/04/09 15:57:42 UTC

Using IAIK in Jakarta-Tomcat

I'm new to SSL and have the task of getting
IAIK to work with Tomcat 3.2.1 webserver.

Has anyone every tried such a thing and if so
how did you do it?  Any help would be appreciated.
Thanks in advance.

Here's what I know right now.  Tomcat's
server.xml configuration file has a section that
allows me to use JSSE for SSL.  I thought
that maybe I could replace the <Connector>
element with one that points to the correct
IAIK classes.  However, I couldn't find an
an SSLSocketFactory in the IAIK API docs.

    <!--
    <Connector className="org.apache.tomcat.service.PoolTcpConnector">
        <Parameter name="handler" 
           value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
        <Parameter name="port" 
           value="8443"/>
        <Parameter name="socketFactory" 
           value="org.apache.tomcat.net.SSLSocketFactory" />
     </Connector>
     -->
    <!--
        Uncomment above for SSL support. 
        You _need_ to set up a server certificate if you want this
        to work, and you need JSSE.
        1. Add JSSE jars to CLASSPATH 
        2. Edit java.home/jre/lib/security/java.security
           Add:
           security.provider.2=com.sun.net.ssl.internal.ssl.Provider
        3. Do: keytool -genkey -alias tomcat -keyalg RSA
           RSA is essential to work with Netscape and IIS.
           Use "changeit" as password. ( or add keypass attribute )
           You don't need to sign the certificate.
        You can set parameter keystore and keypass if you want 
        to change the default ( user.home/.keystore with changeit )
     -->


--
Steven Keens                mailto:skeens@planetfred.com
PlanetFred Inc.             http://www.planetfred.com
44 Byward Market, Suite 240, Ottawa, ON, K1N 7A2, Canada