Hi all,

New to this listserv. I had jumped the gun and submitted a bug, as I really
do think it is a bug, but I was told to come here first. So I am here :D

Anyway,

Here's the issue that I'm looking for insight on (I did a workaround that
seems to work fine, it just doesn't make sense why it works differently per OS
if Tomcat is portable across OSes).

Tomcat 7.0.47

Using SSL on a connector, defining the connector like so...

    <Connector port="443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="101" debug="0" scheme="https" secure="true"
               SSLEnabled="true" keyAlias="MyAlias"
               keystoreFile="<relative path to file cert file>.pfx"
               keystoreType="pkcs12"
               keystorePass="mypassword"
               clientAuth="false" sslProtocol="TLS"
    />

Seems as though on Linux, works like a charm...

When I recreate this install on a Windows 2008 R2 box, I get an error:

SEVERE: Failed to initialize end point associated with ProtocolHandler [...]
java.lang.Exception: Connector attribute SSLCertificateFile must be defined
when using SSL with APR

I have to take out the following line from the server.xml:

    <Listener className="org.apache.catalina.core.AprLifecycleListener"
              SSLEngine="on" />

Now, from what I'm reading (far from an expert here) it looks like APR is
OpenSSL and if you comment this out, it defaults to JSSE's SSL "stuff".

When I google further, it seems that people are having this issue and they
think it's related to how the .pfx file is being read in, text vs binary.

Anyway, I've contacted a few colleagues that do the same thing as me at
other organizations, and they have been able to reproduce this problem.

It just doesn't seem right that I can't do the same thing on a Windows box.

Anyone have any thoughts?

Mike.


-- 
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON   P7B 5E1
Phone: (807) 766-7331
Email: mike.john...@nosm.ca
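
As an added example that is not part of the original post: a Tomcat 7 server.xml fragment showing two self-consistent ways to configure the connector described above, either pinned to a JSSE implementation so the keystore attributes apply, or as an APR connector with its own PEM-based attributes. The file names are placeholders and the explicit `protocol` values are assumptions about a fix, not something the poster reported trying.

```xml
<!-- Constructed example. File names are placeholders, not values from the post. -->

<!-- With this listener configured and the native library loadable, a connector
     that sets no explicit protocol is created as an APR connector. -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

<!-- Option A: pin the connector to a JSSE implementation. The keystore*
     attributes are JSSE attributes, so the PKCS#12 file is read the same
     way on every OS, whether or not the native library is present. -->
<Connector port="443"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true" scheme="https" secure="true"
           maxThreads="150" acceptCount="101"
           keystoreFile="conf/PLACEHOLDER.pfx"
           keystoreType="PKCS12"
           keystorePass="mypassword"
           keyAlias="MyAlias"
           clientAuth="false" sslProtocol="TLS" />

<!-- Option B (use instead of A, never both on the same port): the APR
     connector. It ignores keystore* and expects PEM files, which is what the
     "SSLCertificateFile must be defined" error is asking for. The certificate
     and key would first have to be exported from the .pfx into PEM form. -->
<Connector port="443"
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           SSLEnabled="true" scheme="https" secure="true"
           maxThreads="150" acceptCount="101"
           SSLCertificateFile="conf/PLACEHOLDER-cert.pem"
           SSLCertificateKeyFile="conf/PLACEHOLDER-key.pem"
           SSLPassword="mypassword"
           SSLVerifyClient="none" />
```

Whichever option is used, the startup log names the protocol handler that was actually created, which confirms whether the JSSE or APR attributes are the ones being read.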
