You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Randy Watler <wa...@wispertel.net> on 2005/03/16 00:43:18 UTC

SSL Appliance and Tomcat5.0.30/CoyoteConnector

We employ an SSL appliance in front of servers running Tomcat5 
stand-alone and wish to configure the CoyoteConnector as we have done 
previously with Tomcat4:

<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
           port="8543" minProcessors="16" maxProcessors="384"
           enableLookups="false" acceptCount="128" debug="0"
           connectionTimeout="300000" scheme="https" secure="true"
           disableUploadTimeout="true" proxyName="localhost"
           proxyPort="443"/>


However, since secure="true" is being specified, 
Http11Protocol.checkSocketfactory() in Tomcat 5.0.30 is attempting to 
create a secure SSL ServerSocketFactory. Of course, this fails since 
other SSL configuration parameters are not present. Since we are behind 
and SSL appliance, we really want just an ordinary ServerSocketFactory 
to be used and request.isSecure() to return "true" within our web 
applications. As I noted above, a similar configuration used to work for 
us on Tomcat 4.1.

Short of implementing a custom SSLImplementation and configuring it 
using an imbedded <Factory/> tag within the Connector definition, is 
there any way to force Tomcat 5.0/Http11Protocol to use a default 
ServerSocketFactory?

Randy Watler



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org