We've been running with Tomcat 4 and Apache 2 for a very long time. Recently another department was put in charge of all of our static pages. This means we will have nothing on our servers but dynamic pages (java web apps) and this is good. The other department specializes in static HTML pages. We are now playing more to our strengths. I've removing Apache/mod_jk from the mix and we are now running exclusively on Tomcat 5, on our development server. Previously we couldn't get our apps to run on Tomcat 5 but I've figured it out recently and was hoping that perhaps we might see a little bit of a performance increase.
If the testing works out and our apps benchmark well under Tomcat we will move our production servers to Tomcat 5 exclusively. This is why I needed to be sure I could move the SSL certs between the two servers. Thanks, -Mark -----Original Message----- From: Mikhail Kruk [mailto:[EMAIL PROTECTED] Sent: Friday, April 01, 2005 9:31 AM To: Tomcat Users List Subject: RE: SSL configuration question Fortunately it's not that Frequent that people end up where you did :) You should first finalize your config and decide whether you will run Tomcat standalone or with Apache/IIS, test it with a self-signed cert and only actually go ahead and buy the real cert before going live. > Thanks, the link you provided allowed me to get it imported correctly. > This should go on a FAQ. > > Thanks again, > -Mark > > > -----Original Message----- > From: Mikhail Kruk [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 31, 2005 3:42 PM > To: Tomcat Users List > Subject: RE: SSL configuration question > > > The certificate I imported was not self-signed (or should not be). > > It is what I received back from Entrust after submitting a CSR. It > > was already in use on Apache before I decided not to use Apache anymore. > > It worked before on Apache. I shut down apache and was intending to > > use the cert on only Tomcat. > > You can't easily import the certificate that was generated for Apache > into Tomcat -- you need to have the prvite key part in your keystore > and your private key is in your Apache. There must be a way to get > the key from Apache and move it to Tomcat, but I'm not sure what it is. > This might help: > http://kb.thawte.com/thawte/thawte/esupport.asp?id=vs24694 > > > > > > > Thanks, > > -Mark > > > > > > -----Original Message----- > > From: Sasisekar S Sundaram [mailto:[EMAIL PROTECTED] > > Sent: Thursday, March 31, 2005 2:43 PM > > To: Tomcat Users List > > Subject: Re: SSL configuration question > > > > It shows both "issued to" and "issue by" because it is a self signed > > certificate. when you get you certificate authorized by some one > > like verisign, and then import that certificate into your keystore, > > you'll get "issued by" as that certifying authority's name. > > ----- Original Message ----- > > From: "Faine, Mark" <[EMAIL PROTECTED]> > > To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org> > > Sent: Thursday, March 31, 2005 1:13 PM > > Subject: RE: SSL configuration question > > > > > > > Thanks, I tried that before and got a permission error, but it > > > works > now. > > > > > > -Mark > > > > > > > > > -----Original Message----- > > > From: Hein Behrens [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, March 31, 2005 12:41 PM > > > To: Tomcat Users List > > > Subject: Re: SSL configuration question > > > > > > Answer to number 2 is edit your server.xml change 8443 to 443 in > > > the ssl section also check that the the normal port redirects to 443. > > > > > > Where you see 8443 change to 443. > > > > > > 2 changes in your server.xml. > > > > > > > > > ----- Original Message ----- > > > From: "Faine, Mark" <[EMAIL PROTECTED]> > > > To: <tomcat-user@jakarta.apache.org> > > > Sent: Thursday, March 31, 2005 7:44 PM > > > Subject: SSL configuration question > > > > > > > > > > Solaris 8, Tomcat 5.0.28 > > > > > > > > I've configured my tomcat installation with my SSL key from > > > > Entrust > and > > it > > > > is working (sort of). > > > > > > > > 1. It is not correctly configured. It shows my organization as > > > > both "issued to" and "issue by" when I view the certificate information. > > Could > > > > someone explain what I have done wrong and how to correct it. > > > > > > > > 2. It must be run on port 8443 because I need to run it as a > > > > user > other > > > > than root. How can I bypass this limitation and run it on the > standard > > > 443 > > > > port? > > > > > > > > Thanks, > > > > -Mark > > > > > > > > ---------------------------------------------------------------- > > > > ----- To unsubscribe, e-mail: > > > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > ------------------------------------------------------------------ > > > --- To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > > [EMAIL PROTECTED] > > > > > > ------------------------------------------------------------------ > > > --- To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > > [EMAIL PROTECTED] > > > > > > > > > -------------------------------------------------------------------- > > - To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -------------------------------------------------------------------- > > - To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
