We use Tomcat 3.2.1 with IIS5.0 on Win2k. We set up our Tomcat the same
way and all works well here too.
Todd
-----Original Message-----
From: Twylite [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 31, 2001 4:47 PM
To: [EMAIL PROTECTED]
Subject: Re:certificate for tomcat and ssl
Hi
>Has someone configured Tomcat to work with SSL without using the Apache
>server? I've tried a lot of things and nothing has worked; I'm looking
>for all the steps to generate a certificate and configure Tomcat to
>work with it.
>Can someone help me?
I am running Tomcat 3.2.1 (as its own webserver) under Windows 2000 with
Sun's JDK 1.3. I have SSL
working successfully. For the most part following the tomcat-ssl HOWTO
is the right way to go. This is what I
did (if I remember correctly):
Download the JSSE jar file from Sun
(http://java.sun.com/products/jsse/). Place the .jar file in your
$JAVA_HOME/jre/lib/ext directory, as well as in $TOMCAT_HOME/lib . You
shouldn't need both, but I have
class-not-found problems otherwise.
Tomcat 3.2.1 is compiled with SSL support, as long as it finds that
jsse.jar file, so that's all okay.
Find the file $JAVA_HOME/jre/lib/security/java.security. There is
probably already a line starting with
"security.provider.2" - comment it out with a #, and add the line:
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
Now create yourself an SSL certificate, using the Java "keytool"
utility. You should run:
keytool -genkey -alias tomcat
Answer all the questions, and use the same password for the keystore and
the key you generate!
Now you need to edit your $TOMCAT_HOME/conf/server.xml file, and add in
the SSL configuration:
(if you have an HTML browser, the next bit, which is XML, will be
missing. Have a nice day.)
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
    <Parameter name="handler"
        value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
    <Parameter name="port" value="8443"/>
    <Parameter name="socketFactory"
        value="org.apache.tomcat.net.SSLSocketFactory"/>
    <Parameter name="keypass" value="mypass"/>
</Connector>
Now restart your tomcat server, and watch as it hopefully finds
everything and starts listening for SSL
connections on port 8443.
Twylite
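
A checker for the two files the procedure above edits, added here as an example and not part of either message or of Tomcat. It flags a security.provider.N index that is defined twice (a Java properties file keeps only the last definition, which is why the existing line has to be commented out) and confirms that server.xml has an SSL Connector with the parameters shown in the message. The function names and the sample file contents are constructed for this example.

```python
import re
import xml.etree.ElementTree as ET

JSSE_PROVIDER = "com.sun.net.ssl.internal.ssl.Provider"
SSL_FACTORY = "org.apache.tomcat.net.SSLSocketFactory"

def check_java_security(text):
    """Check the security.provider.N lines of a java.security file."""
    problems, effective = [], {}
    # Lines commented out with '#' do not match the anchored pattern.
    pattern = r"^[ \t]*security\.provider\.(\d+)[ \t]*=[ \t]*(\S+)"
    for index, cls in re.findall(pattern, text, re.M):
        if index in effective:
            problems.append(f"security.provider.{index} defined twice; "
                            f"{effective[index]} is overridden by {cls}")
        effective[index] = cls  # properties semantics: last definition wins
    if JSSE_PROVIDER not in effective.values():
        problems.append("JSSE provider is not registered")
    return problems

def check_server_xml(text):
    """Check that an SSL Connector like the one in the message is present."""
    problems, ssl_connectors = [], []
    for conn in ET.fromstring(text).iter("Connector"):
        params = {p.get("name"): p.get("value") for p in conn.iter("Parameter")}
        if params.get("socketFactory") == SSL_FACTORY:
            ssl_connectors.append(params)
    if not ssl_connectors:
        problems.append("no Connector uses the SSL socket factory")
    for params in ssl_connectors:
        for name in ("handler", "port", "keypass"):
            if not params.get(name):
                problems.append(f"SSL Connector has no '{name}' parameter")
    return problems

# Constructed sample input: the old provider 2 line was left uncommented.
BAD_SECURITY = """security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.2=com.sun.rsajca.Provider
"""
GOOD_SECURITY = BAD_SECURITY.replace("security.provider.2=com.sun.rsajca", "#security.provider.2=com.sun.rsajca")
SERVER_XML = """<Server><ContextManager>
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
<Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
<Parameter name="port" value="8443"/><Parameter name="keypass" value="mypass"/>
<Parameter name="socketFactory" value="org.apache.tomcat.net.SSLSocketFactory"/>
</Connector></ContextManager></Server>"""
if __name__ == "__main__":
    print(check_java_security(BAD_SECURITY), check_server_xml(SERVER_XML))
```
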