Hi. I try to make a "good" tomcat config and read the docs.
Now in the Connector doc is the following statement. http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support Each secure connector must define at least one SSLHostConfig. But when I look into the SSL/TLS Configuration How-To is the snipplet without SSLHostConfig. What's now the "best" way to setup TLS/SSL with tomcat. I would prefer to put SSLHostConfig but I'm not sure if it's the way how the developer think to setup the TLS in tomcat? I use JSSE as implementation. http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html ``` <!-- Define an SSL Coyote HTTP/1.1 Connector on port 8443 --> <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="${user.home}/.keystore" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/> ``` What's your suggestion and opinion to configure the tomcat in a proper way to use TLS also for the future versions. Regards Alex --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
