> We have an official wildcard certificate, that we can use.
> But I did not found a manual how this is to install.
You can use the java way with keystore, which is a bit
of a hassle, or the traditional way of specifying cert
and key locations.
server.xml for the latter:
<Connector port="5443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="conf/your_key.pem"
certificateFile="conf/your_crt.pem"
certificateChainFile="conf/your_ca.pem"
type="RSA" />
</SSLHostConfig>
</Connector>
The certificates and key can be anywhere, not necessarily
in conf/, as long as the user running OM can traverse their
directory and read them. It is advisable that others cannot,
i.e. chown omuser, chmod 400.
Cheers,
Z
