I am trying to set up Tomcat for HTTPS connection with keystore and truststore files. I want to use Tomcat as the
web server so the port number is 80 and 443 for HTTP and HTTPS, respectively. I am running Tomcat on Windows XP.
Here is the 'Connector' entry in %CATALINA_HOME%\conf\server.xml.
<Connector port="443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystoreFile="server.ks" keystoreType="JCEKS"
keystorePass="changeit"
truststoreFile="server.ts" truststoreType="JCEKS" >
</Connector>When I start tomcat, I get the following error:
java.io.FileNotFoundException: server.ks (The system cannot find the file specif
ied)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:106)
at java.io.FileInputStream.<init>(FileInputStream.java:66)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
Factory.java:262)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESoc
ketFactory.java:232)
......
I tried to put the file in different places, the user's home directory in C:\Documents and Settings\%user%\,
%CATALINA_HOME%\, %CATALINA_HOME%\webapps, %CATALINA_HOME%\webapps\ROOT,
but they all failed.
My questions are:
1. Where should the keystore file be stored if I set the 'keystoreFile' attribute in Connector element?
2. If I set 'clientAuth' to true, shouldn't there be a place to store the the client's certificate, i.e. the truststore?
Where do I specify the file that store the client's certificate?
I saw the truststoreFile attribute in an example from http://www.j2ee-security.net/book/sample-chap/
It sets this attribute in a 'Factory' subelement. But that is for Tomcat 4.X.
Any help is appreciated.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
