You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Randy Watler <wa...@wispertel.net> on 2005/03/16 00:43:18 UTC
SSL Appliance and Tomcat5.0.30/CoyoteConnector
We employ an SSL appliance in front of servers running Tomcat5
stand-alone and wish to configure the CoyoteConnector as we have done
previously with Tomcat4:
<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
port="8543" minProcessors="16" maxProcessors="384"
enableLookups="false" acceptCount="128" debug="0"
connectionTimeout="300000" scheme="https" secure="true"
disableUploadTimeout="true" proxyName="localhost"
proxyPort="443"/>
However, since secure="true" is being specified,
Http11Protocol.checkSocketfactory() in Tomcat 5.0.30 is attempting to
create a secure SSL ServerSocketFactory. Of course, this fails since
other SSL configuration parameters are not present. Since we are behind
and SSL appliance, we really want just an ordinary ServerSocketFactory
to be used and request.isSecure() to return "true" within our web
applications. As I noted above, a similar configuration used to work for
us on Tomcat 4.1.
Short of implementing a custom SSLImplementation and configuring it
using an imbedded <Factory/> tag within the Connector definition, is
there any way to force Tomcat 5.0/Http11Protocol to use a default
ServerSocketFactory?
Randy Watler
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org