I am abandoning the IIS/isapi_redirect.dll method of authenticating via SSL into our web application due to the "authentication" process taking a while, causing the web app to run abnormally slow.
I am wanting to use our server certificate (PKCS12) as the keystore. I've
been doing a lot of research and it seems that I need to import the root
certificates into the keystore using OpenSSL. What I am not too clear on is
how to edit the server.xml file to accommodate these configurations. Here is
what I have thus far, however, SSL does not seem to be working.
Copied from Notepad:
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="C:\Program Files\Apache Software
Foundation\Tomcat 6.0\con\geo.pfx"
keystorePass="password" keystoreType="pkcs12"
clientAuth="false" sslProtocol="TLS" />
smime.p7s
Description: S/MIME cryptographic signature
