Re: Embedded Tomcat and SSL?
I am using Tomcat as standalone and not with Apache.
I got it to work after playing with it for a while.
You have to set these undocumented properties to get SSL working
properly:
if (isSSLEnabled) {
IntrospectionUtils.setProperty(httpConnector, sslProtocol,
TLS);
IntrospectionUtils.setProperty(httpConnector, keystoreFile,
getPath()+/conf/tomcat.keystore);
IntrospectionUtils.setProperty(httpConnector, keystoreType,
JKS);
IntrospectionUtils.setProperty(httpConnector, clientAuth,
false);
httpConnector.setProtocol( SSL);
}
HTH
--- Mark [EMAIL PROTECTED] wrote:
are you using Apace with Tomcat? I have done embedded Tomcat and
SSL,
but it was Apache sitting in front of Tomcat.
On 10/6/05, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Hi,
I am using an embedded tomcat instance within my application. I am
trying to set up a connector using SSL. When I start the server, it
creates the connector and bind to the port successfully. When I
request
a page from the web browser, I get the following error in my
browser:
The connection to the server has terminated unexpectedly. Some
data
may have been transferred.
The same scenario works fine with HTTP.
Here is my code snippet:
// APPPORT and isSSLEnabled are set correctly to 8443 and true.
Connector httpConnector =
this._server.createConnector((java.net.InetAddress)null,
Integer.parseInt(ApplicationResourcesUtil.getProperty(Constants.RESOURCEKEY_APPPORT)),isSSLEnabled);
//add new Connector to set of Connectors for embedded server,
associated with Engine
this._server.addConnector(httpConnector);
this._server.start();
Looking at the tomcat website, they talk about registering
keystore.
What APIs do I use to programmatically specify the keystore file?
Is
there something else that needs to be configured before SSL will
work
in the embedded more?
Thanks,
-Andy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Embedded Tomcat and SSL? [255821:132351]
Many thanks for your email. This is an automated response acknowledging receipt.
Please be advised that Badge mailing commences beginning of October 2005.
Should your message require a response we will respond shortly.
Regards
Meridian Club
-Original Message-
From: [EMAIL PROTECTED]
Received: 10/7/2005 5:45 PM
To: Tomcat Users List tomcat-user@jakarta.apache.org; Mark [EMAIL
PROTECTED]
Subject: Re: Embedded Tomcat and SSL?
I am using Tomcat as standalone and not with Apache.
I got it to work after playing with it for a while.
You have to set these undocumented properties to get SSL working
properly:
if (isSSLEnabled) {
IntrospectionUtils.setProperty(httpConnector, sslProtocol,
TLS);
IntrospectionUtils.setProperty(httpConnector, keystoreFile,
getPath()+/conf/tomcat.keystore);
IntrospectionUtils.setProperty(httpConnector, keystoreType,
JKS);
IntrospectionUtils.setProperty(httpConnector, clientAuth,
false);
httpConnector.setProtocol( SSL);
}
HTH
--- Mark [EMAIL PROTECTED] wrote:
are you using Apace with Tomcat? I have done embedded Tomcat and
SSL,
but it was Apache sitting in front of Tomcat.
On 10/6/05, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Hi,
I am using an embedded tomcat instance within my application. I am
trying to set up a connector using SSL. When I start the server, it
creates the connector and bind to the port successfully. When I
request
a page from the web browser, I get the following error in my
browser:
The connection to the server has terminated unexpectedly. Some
data
may have been transferred.
The same scenario works fine with HTTP.
Here is my code snippet:
// APPPORT and isSSLEnabled are set correctly to 8443 and true.
Connector httpConnector =
this._server.createConnector((java.net.InetAddress)null,
Integer.parseInt(ApplicationResourcesUtil.getProperty(Constants.RESOURCEKEY_APPPORT)),isSSLEnabled);
//add new Connector to set of Connectors for embedded server,
associated with Engine
this._server.addConnector(httpConnector);
this._server.start();
Looking at the tomcat website, they talk about registering
keystore.
What APIs do I use to programmatically specify the keystore file?
Is
there something else that needs to be configured before SSL will
work
in the embedded more?
Thanks,
-Andy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Meridian Club
Unit 5, Caxton Centre
Porters Wood
St Albans
Herts
UNITED KINGDOM
AL3 6XT
Tel: +44 1727 738855
Fax: +44 1700 578955
email: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Embedded Tomcat and SSL?
are you using Apace with Tomcat? I have done embedded Tomcat and SSL, but it was Apache sitting in front of Tomcat. On 10/6/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I am using an embedded tomcat instance within my application. I am trying to set up a connector using SSL. When I start the server, it creates the connector and bind to the port successfully. When I request a page from the web browser, I get the following error in my browser: The connection to the server has terminated unexpectedly. Some data may have been transferred. The same scenario works fine with HTTP. Here is my code snippet: // APPPORT and isSSLEnabled are set correctly to 8443 and true. Connector httpConnector = this._server.createConnector((java.net.InetAddress)null, Integer.parseInt(ApplicationResourcesUtil.getProperty(Constants.RESOURCEKEY_APPPORT)),isSSLEnabled); //add new Connector to set of Connectors for embedded server, associated with Engine this._server.addConnector(httpConnector); this._server.start(); Looking at the tomcat website, they talk about registering keystore. What APIs do I use to programmatically specify the keystore file? Is there something else that needs to be configured before SSL will work in the embedded more? Thanks, -Andy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Embedded Tomcat and SSL
Sander Smith wrote: I have a problem that I'm unfortunately finding little documentation to help. I'm writing a servlet and embedding it in a larger Java program by using the org.apache.catalina.startup.Embedded class. Things have been working fine up until now. I'm currently trying to add SSL support so that the servlet can operate securely. The only information that I can find about configuring Tomcat to do this is in the config files. This won't work for me - I need to do it programmatically like I'm doing everything else. From what I can understand, I need to create a connector for port 443, and then attach a special socket factory that deals in SSL to this connector. I thought I've done this, as well as configuring this socket factory to read the keystore where I have the necessary certificates. What I see when I run this code is I can connect to port 80 correctly (as was working before), and I can even connect to 443 if I specify http and this works (not sure why). If I try https with 443 then my browser just hangs and I can't seem to see anything going on at the server side. I've created my keystore properly. I acted as my own CA and dummied it all up - even installed the root certificate into Windows so that the browser could find it correctly. For some reason, I don't even think that the keystore file is being accessed. Any ideas on what I need to do? I'm attaching the important parts of the code that worked before and what I did to change it. You don't need to set the SSLServerSocketFactory. All you need to do is to call: connector.setKeyAlias(...) directly. Tomcat will take care of creating the factory. Thanks. -- Jeanfrancois Thanks for any help, Sander Smith // standard stuff to embed Tomcat Engine engine = null; // Set the home directory System.setProperty(catalina.home, getPath().externalForm()); // Create an embedded server embedded = new Embedded(); // print all log statements to standard error embedded.setDebug(0); // Create an engine engine = embedded.createEngine(); engine.setDefaultHost(localhost); // Create a default virtual host host = embedded.createHost(localhost, webapps); engine.addChild(host); Context context = embedded.createContext(/xxx, xxx.war); context.addParameter(INSTALL_DIR, getPath().externalForm()); host.addChild(context); // Install the assembled container hierarchy embedded.addEngine(engine); /*** ^ Start SSL Code ***/ SSLServerSocketFactoryssf = new SSLServerSocketFactory(); ssf.setKeystoreFile(c:\\KS.Keystore); ssf.setKeystorePass(KSPASSWORD); // Assemble and install a default HTTP connector Connector connector = embedded.createConnector(null, 80, false); embedded.addConnector(connector); connector = embedded.createConnector(null, 443, true); connector.setFactory(ssf); embedded.addConnector(connector); /*** ^ END SSL Code ***/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
