Hi, > -----Original Message----- > From: Angel, Ronald J [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 21, 2002 4:49 PM > To: 'Tomcat Users List' > Subject: RE: Which SSLeay do I need...? > > > > Disclaimer, > As I a previous e-mail, I'm not a Linux/Unix/Web admin. > I'm a developer w/ a good bit of unix/linux experience who was > asked to get SSL working on a current system. > > A few people here have a bit of experience with Apache/Tomcat/SSL, > but, mostly as a user/developer not as an admin. > > Anyways, I started installing open-ssl & apache-ssl (to be replaced > w/mod-ssl) > on Friday, when someone (a co-worker) told me that wasn't necessary > for our > needs since we have little to no static content to worry about and > therefore don't > even need Apache. I was also told then that Tomcat was also a > web-server, news to me. > > Today... > I've disabled Apache (httpd stop) - no httpd processes running. > Review the changes to server.xml - basically just uncommenting > the SSL connector. > Re-started Tomcat (as a non-root user) using for 8443. (I'll try > to find out today why > this isn't running as root) > > However https://myHost/~myUser (test page) fails with "The page > cannot be displayed" > as does http://myHost/~myUser, http://myHost:8443/~myUser and > https://myHost:8443/~myUser >
I think "SSL Config HOW-TO" is just for you. :)) Did you do all it says about? At least you need to generate a keystore with aproprite sertificate. > > Question: > If I disable apache what (if anything else) do I need to do to > Tomcat? > Any server.xml mods? > Update /etc/services? https is on port 443, change to 8443? > The connector with SSL support is defined to listen on 8443 by default. It's done by port attribute. Default port for https is 443. So, if you want just https://yourHost/~yourUser you need to change port attribute to 443 in server.xml Don't forget to change redirectPort in plain http connector. > > This can really drive ya nuts. > > I think I'll go play in the snow for a while & cool off :) > This is a nice idea too :)) > > ThankX again, > > Ron > Anton. -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
