dasalvagg Apprentice
Joined: 26 Jun 2002 Posts: 183 Location: NY
Posted: Tue Mar 22, 2005 2:55 am Post subject: tomcat ssl setup
I'm trying to get tomcat working with ssl enabled. I followed a guide on the tomcat faq http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
Right now when I go to https://server:8443 there is no response. A netstat on the server confirms there is nothing running on port 8443 even though I have uncommented it in server.xml. I've restarted the tomcat process many times and there are no error messages in /var/log/tomcat-5/catalina.out.
I've done the keytool generation of the certificate, and modified the /etc/tomcat-5/server.xml file. Here is the relevant section:
Quote:
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/root/.keystore" keystorePass="changeit"
/>
Thanks

yaneurabeya Veteran
Joined: 13 May 2004 Posts: 1754 Location: Seattle
Posted: Tue Mar 22, 2005 8:31 am Post subject:
Maybe you can increase the verbosity of the tomcat error messages? Does it say anything about failing on startup possibly for the tomcat service?

dasalvagg Apprentice
Joined: 26 Jun 2002 Posts: 183 Location: NY
Posted: Tue Mar 22, 2005 9:18 pm Post subject:
I'm having trouble getting log4j working correctly. I'm getting an error message that says:
Quote:
log4j:WARN No appenders could be found for logger (org.apache.commons.digester.Digester.sax).
log4j:WARN Please initialize the log4j system properly.
Forums haven't offered any help, neither has the tomcat FAQ.

C4RD0Z4 Guru
Joined: 09 Feb 2005 Posts: 304 Location: Roma
Posted: Wed May 04, 2005 11:22 am Post subject:
Hi,
I have the same problem as you. It seems that Tomcat5 has problems with the HTTP - SSL Connector. The SSL-HowTo is not clear. Have you ever solved this problem?

Salemixu n00b
Joined: 01 Jul 2004 Posts: 72 Location: Spain
Posted: Sun May 22, 2005 3:25 pm Post subject:
Hi, I had the same problem and I have just fixed it!
Here is what I did about the problem:
When the keystore is generated you usually use the root user, so first I copied the file into the configuration folder of tomcat:
Code:
cp /root/.keystore /etc/tomcat5/keystore
Then give it enough permissions so the tomcat user can read it, because it has root permissions only; remember you created it as root :p
Code:
chown tomcat:tomcat /etc/tomcat5/keystore
Then in the server.xml file specify where the keystore file is and its password:
Code:
<Connector port="15002"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/etc/tomcat5/keystore" keystorePass="abcdef" />
I'm using port 15002 for ssl; if you change the port you must change the redirectPort variable in the non-ssl connector of the server.xml.
Hope this helps you guys!
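
An added example, not part of any post in this thread: a Python check for the failure the posts above describe, a keystoreFile that the account running Tomcat cannot reach because the file or one of its parent directories denies access. It also flags the default keystorePass "changeit" and a keystore left world-readable after the copy; the function names and issue labels are assumptions made for this example.

```python
import os
import xml.etree.ElementTree as ET

def _allowed(st, uid, gids, bit):
    # Added example (names are illustrative). Unix mode check only: owner, group, other; ACLs ignored.
    if uid == 0:
        return True
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return bool(st.st_mode & (bit << shift))

def blocked_at(path, uid, gids):
    """First component of path that uid cannot traverse (dirs) or read (file), else None."""
    path = os.path.abspath(path)
    chain = [path]
    while os.path.dirname(chain[-1]) != chain[-1]:
        chain.append(os.path.dirname(chain[-1]))
    for p in reversed(chain):  # walk from / down to the keystore itself
        try:
            st = os.stat(p)
        except OSError:
            return p  # missing, or hidden from the user running this script
        if not _allowed(st, uid, gids, 4 if p == path else 1):
            return p
    return None

def audit_connectors(server_xml, uid, gids):
    """Return (port, issue, detail) tuples for each HTTPS <Connector> in server_xml."""
    findings = []
    for c in ET.fromstring(server_xml).iter("Connector"):
        if c.get("scheme") != "https":
            continue
        port, ks = c.get("port"), c.get("keystoreFile")
        if c.get("keystorePass", "changeit") == "changeit":
            findings.append((port, "default-password", "changeit"))
        if ks is None:
            findings.append((port, "no-keystoreFile", "defaults to ~/.keystore of the Tomcat user"))
            continue
        stop = blocked_at(ks, uid, gids)
        if stop:
            findings.append((port, "unreadable", stop))
        elif os.stat(ks).st_mode & 0o004:
            findings.append((port, "world-readable", ks))
    return findings

if __name__ == "__main__":  # usage: script.py <server.xml> <tomcat account name>
    import pwd, sys
    acct = pwd.getpwnam(sys.argv[2])
    gids = set(os.getgrouplist(acct.pw_name, acct.pw_gid))
    print(*audit_connectors(open(sys.argv[1]).read(), acct.pw_uid, gids), sep="\n")
```

Run it as root so that every path component can be inspected; an "unreadable" finding names the first directory or file that stops the Tomcat account.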