Thank you Dave. This is all new to me so your information is really helpful.

Regarding your response:

My files are in pem format.

The default server.xml has
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
I'll leave that in since it seems to be what I need

http://www.digicert.com/ssl-support/pem-ssl-creation.htm talks about how to
concatenate the different chunks of data into one file, with the .pem
extension. I take it this is not necessary.

Here is what I have so far:
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="SSLv3"
               SSLCertificateKeyFile="${catalina.base}/conf/privatekey.txt

 SSLCertificateFile="${catalina.base}/conf/milestone.lobby3.raknet.com.txt"
SSLCertificateChainFile="${catalina.base}/conf/intermediate.txt"
/>

I notice on this page
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL%20Support it
says (NOT RECOMMENDED) in the block for SSLCertificateKeyFile. Why would it
not be recommended to use SSLCertificateKeyFile ?

Do I need to download files from OpenSSL for this to work, or do you know
if Tomcat already has built-int what I need? You said Apache "native" httpd
so perhaps I do not?

Reply via email to