I'm using CentOS and making protocol="HTTP/1.1" does not work for some
reason, you need another protoco (check the bold part).
Here is my config (placement of pk12 files is not important in regards to
tomcat configuration, it is up to you to put it maybe in some nice place)
<Connector port="8843" protocol="*
org.apache.coyote.http11.Http11NioProtocol*" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreType="PKCS12"
keystoreFile="/etc/cloudstack/management/cloud-localhost.pk12"
keystorePass="mypasss"
/>
On 29 October 2013 10:12, Erdősi Péter <[email protected]> wrote:
> Hy,
>
> 2013.10.29. 10:02 keltezéssel, Indra Pramana írta:
>
> I have put the cloud-localhost.pk12 on the folder. What's next?:)
>>
> I already configured this.
> In my server.xml i definied this:
>
> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS"
> keystoreType="PKCS12"
> keystoreFile="conf/cloud.**somewhere.com.pk12"
> keystorePass="PASSWORD"
> />
>
> The conf directory is there (Ubuntu package installed):
> /usr/share/cloudstack-**management/conf/
> but it's just a symlink to /etc/cloudstack/management, so if You copied
> it, should be good, but need the conf/ path, cause CS search cert on
> /usr/share/...
>
> And I also put this iptables rule :
> iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j
> REDIRECT --to-ports 8443
>
> to reach the frontend at 443.
>
> Hope that helps,
>
> Regards,
> Fazy
>
>
--
Andrija Panić
--------------------------------------
http://admintweets.com
--------------------------------------
