Welcome to the Web Developer and Business Applications Forum

Here's how you can participate: Below are the general forums where you can post. Select the one that best fits the topic you wish to address.

To create a new discussion thread/topic: click on the forum link below where you'd like to add your thread, such as Tips and Tricks Exchange. Then, once you've logged in, click on the New Topic link at the top. This will allow you to create a new thread.

To respond to a current thread or post: click on the forum where the post resides, then click on the link to the thread you are responding to, and at the top click the Reply link.

If you have any questions, please feel free to call us at 630-916-0662.



A Message Board, Guestbook, or Poll hosted for your website.
Register Login New Posts Chat
 
mrc > Forums > m-Power Tips and Tricks > Using SSL on Stand Alone Tomcat
 
Username:  
Password:  
 
   
 


Thread Tools Search This Thread 
Reply
 
Author Comment
 
rickh
Moderator
Registered: 05/25/06
Posts: 27

    05/27/10 at 01:52 PMReply with quote#1
While setting up SSL for generated applications is not something covered with the Hotline, I wanted to share a document that I have used on past consulting projects. It has helped me, and I know it can help you too!
-----
This link describes how to configure SSL support on Tomcat 6. Please read the whole document to gain basic understanding of SSL mechanism and consequence of using SSL.

http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

For example, if we want to run m-power generated apps on SSL we need to do the following 2 steps: (assuming you are using JDK 1.6)

1. Create a keystore file by type this at a command line:
C:\>keytool -genkey -alias tomcat -keyalg RSA
(we have entered password as ‘changeit’ to simplify the process). A file .keystore is created in you home directory. Tomcat by default will look in this location for this file.

2. Modify server.xml file to add these lines to it: (you may already have these lines in the file and you only need to uncomment them out)

maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />

Of course, because we created this Key ourselves, our browser is going to complain that the certificate is not authentic. That makes sense -- Firefox or IE cannot trust me (or you!). In a real world scenario (i.e. banking), you will need to buy a key from a reputable company. This key would then replace the one you created in step #1.
Previous Thread | Next Thread
Reply

  Bookmarks  
Digg Diggdel.icio.us del.icio.usStumbleUpon StumbleUponGoogle Google

mrc (US)
555 Waters Edge
Suite 120
Lombard, IL 60148
630-916-0662
mrc (UK)
Argyle House
1 Dee Road
Richmond, Surrey
TW9 2JN
+44-20-8322-7720
Links
Employee Intranet
Privacy Policy
Newsletter Signup
Contact Us