Versions Compared

Old Version 5

changes.mady.by.user David E Tanner

Saved on

compared with

New Version Current

changes.mady.by.user David E Tanner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

...

Panel

To use the Java "server certificate" and "trusted server" jsk keystores with Tomcat, edit the Tomcat's server.xml file (found in $TOMCAT_HOME/conf) and find the line below:

    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

Immediately following the above line, add the following lines and save the changes:

    <Connector portSSLEnabled="8443true"
     maxHttpHeaderSizeacceptCount="8192100"
     maxThreadsclassName="150org.apache.catalina.connector.http.HttpConnector"
     minSpareThreadsclientAuth="25true"
     maxSpareThreadsdisableUploadTimeout="75true"
     enableLookups="true"
     disableUploadTimeoutmaxHttpHeaderSize="8192"
     maxSpareThreads="true75"
     acceptCountmaxThreads="100150"
     schememinSpareThreads="https25"
     secureport="true8443"
     sslProtocolscheme="TLShttps"
     clientAuthsecure="true"
     classNamesslProtocol="org.apache.catalina.connector.http.HttpConnectorTLS"
     keystoreFile="/path/to/keystore/<the name of your Server Certificate jks>.jks"
     keystorePass="the password for your Server Certificate jks"
     truststoreFile="/path/to/keystore/<the name of your Server Trust Store jks>.jks"
     truststorePass="the password for your Server Trust Store jks"
     />

When you have completed the above and have saved the changed; restart Tomcat. Once Tomcat has started, https will now be available on port 8443 and http will be available on port 8080.

To verify that the Tomcat configuration is correct, open a browser and go to "https://servername.mit.edu:8443/tomcat-docs/" and you should be prompted for your MIT Certificate after which the "The Apache Tomcat Servlet/JSP Container" documentation page will be displayed.