> On Jan 4, 2018, at 1:53 AM, Mark Thomas <ma...@apache.org> wrote: > > This might help. > > https://www.youtube.com/watch?v=I6TbMqH9WFg > <https://www.youtube.com/watch?v=I6TbMqH9WFg> It was, along with the script (after a little search and replace on / and \).
I have just walked through this and worked alongside with the script. All seemed to go well, nice to see that experienced presenters fumble passwords and forget to clean out old files, but I’m not quite there. Learned a few things about setting defaults in openssl.cnf do I don’t have to retype and get it wrong from one step to the next (did I do uppercase or lowercase last time?). The log shows that tomcat is running, I see it listening on port 8443, but it times out. It’s literally 10 feet from me, one hop via my wireless router, so I’m pretty confident it’s not a network error. Is there a way to run tomcat with no encryption at all? The system it runs on sits on a table across the room and is behind a router on a private network. I may never need encryption if the application itself doesn’t work. So the fact that this is so fiddly to get working chafes a bit. The only reason I need tomcat is to run another application which has its own configuration/documentation/deployment issues and I can’t get to that til this works. If my nginx instance is encrypted, do I need tomcat to be as well? Can I forward requests to it that are already encrypted, all through nginx? What might be useful, as well, is a similar script, with or without video, that explicitly details using LetsEncrypt certs with tomcat. This makes tomcat more accessible and perhaps increases the use of reliable encryption for more sites and services.
