
Before you begin, you must have the following:

* a server certificate Java keystore.
  If you do not have a server certificate Java keystore, see the instructions in "How to create a Server Certificate Java keystore".
* a trusted server Java keystore.
  If you do not have a trusted server Java keystore, see the instructions in "How to create a Trusted Server Java keystore".
* a Tomcat server installed on your software development workstation.
  If you do not have Tomcat installed on your workstation, download a copy from http://tomcat.apache.org/.

1.  How to configure Tomcat to use https.


To use the Java "server certificate" and "trusted server" jks keystores with Tomcat, edit Tomcat's server.xml file (found in $TOMCAT_HOME/conf) and find the line below:

    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

Immediately following the above line, add the following lines and save the changes:

    <Connector SSLEnabled="true"
     acceptCount="100"
     className="org.apache.catalina.connector.http.HttpConnector"
     clientAuth="true"
     disableUploadTimeout="true"
     enableLookups="true"
     maxHttpHeaderSize="8192"
     maxSpareThreads="75"
     maxThreads="150"
     minSpareThreads="25"
     port="8443"
     scheme="https"
     secure="true"
     sslProtocol="TLS"
     keystoreFile="/path/to/keystore/<the name of your Server Certificate jks>.jks"
     keystorePass="the password for your Server Certificate jks"
     truststoreFile="/path/to/keystore/<the name of your Server Trust Store jks>.jks"
     truststorePass="the password for your Server Trust Store jks" />

When you have completed the above and saved the changes, restart Tomcat. Once Tomcat has started, https will be available on port 8443 and http will be available on port 8080.

To verify that the Tomcat configuration is correct, open a browser and go to "https://servername.mit.edu:8443/tomcat-docs/". You should be prompted for your MIT Certificate, after which the "The Apache Tomcat Servlet/JSP Container" documentation page will be displayed.
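
Before restarting Tomcat, the connector settings above can also be checked mechanically. The following Python sketch is an added example, not part of the original instructions; the sample server.xml fragment, its port 9443 connector, the "changeit" passwords and the function name `audit_connectors` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: one connector that follows the instructions above
# (paths and passwords are placeholders) and one that does not.
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Connector port="8080" />
    <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
               sslProtocol="TLS" clientAuth="true"
               keystoreFile="/path/to/keystore/server.jks" keystorePass="changeit"
               truststoreFile="/path/to/keystore/trust.jks" truststorePass="changeit" />
    <Connector port="9443" scheme="https" secure="true" clientAuth="want"
               keystoreFile="/path/to/keystore/server.jks" keystorePass="changeit" />
  </Service>
</Server>
"""

# SSLEnabled defaults to false on Tomcat 6 and later, so leaving it out means
# no TLS; clientAuth="want" asks for a certificate but does not require one.
REQUIRED = {"SSLEnabled": "true", "scheme": "https", "secure": "true", "clientAuth": "true"}
STORES = ("keystoreFile", "keystorePass", "truststoreFile", "truststorePass")


def audit_connectors(server_xml):
    """Return {port: [findings]} for every connector that claims to be HTTPS."""
    report = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        attrs = conn.attrib
        if attrs.get("scheme") != "https" and attrs.get("SSLEnabled") != "true":
            continue  # plain HTTP connector (e.g. port 8080), out of scope
        findings = []
        for name, wanted in REQUIRED.items():
            actual = attrs.get(name)
            if actual is None:
                findings.append(f"{name} is missing")
            elif actual != wanted:
                findings.append(f'{name}="{actual}" (expected "{wanted}")')
        findings += [f"{name} is missing" for name in STORES if not attrs.get(name)]
        report[attrs.get("port", "?")] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_connectors(SAMPLE_SERVER_XML).items():
        print(port, "OK" if not findings else findings)
```

To check a real installation, pass the contents of $TOMCAT_HOME/conf/server.xml to `audit_connectors` instead of the sample string.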