Re: Tomcat 5.5 won't do TLS
On 4 May 2010 14:22, Looijmans, Mike mike.looijm...@oce.com wrote: I'm trying to enable TLS (or SSL) in a Tomcat 5.5.29 server, on a Windows XP machine. Whatever I do, I always end up with a server that just delivers plain HTML on port 443, and it doesn't even try to use TLS. [...] !-- Define a SSL HTTP/1.1 Connector on port 443 -- Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=2 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=10 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=conf/server.ks keystorePass=tomcat / See http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html . I suspect you're missing: SSLEnabled=true - Peter - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 5.5 won't do TLS
2010/5/4 Looijmans, Mike mike.looijm...@oce.com: May 4, 2010 3:13:52 PM org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-443 The Apr in the above message means that you are using APR version of the connector. !-- Define a SSL HTTP/1.1 Connector on port 443 -- Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=2 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=10 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=conf/server.ks keystorePass=tomcat / When APR version of the connector is used, you should specify the SSLCertificateFile and SSLCertificateKeyFile attributes. The keystoreFile attribute is ignored. See http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html See also configuration reference: http://tomcat.apache.org/tomcat-5.5-doc/config/http.html If you do not want to use the APR connector, you can either remove bin/tcnative-1.dll, or set protocol=org.apache.coyote.http11.Http11Protocol FIXME: 1) The SSLEnabled attribute is @since Tomcat 6. It should not be present in the examples, though it does not hurt, because unknown configuration attributes are ignored in Tomcat 5.5 2) SSLCertificateFile, SSLCertificateKeyFile are not mentioned in the configuration reference (config/http.html). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 5.5 won't do TLS
From: Looijmans, Mike [mailto:mike.looijm...@oce.com] Subject: Tomcat 5.5 won't do TLS Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=2 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=10 scheme=https secure=true clientAuth=false sslProtocol=TLS keystoreFile=conf/server.ks keystorePass=tomcat / Note that the above is for the Java-based SSL connector, but... May 4, 2010 3:13:52 PM org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-443 You're using the APR version, since you have tcnative-1.dll in Tomcat's bin directory. You can either disable APR by renaming or deleting the above .dll file (and adding the SSLEnabled=true attribute, as Peter mentioned), or change your SSL configuration to the APR settings: http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org