On 22 Oct 2010, at 13:54, Richard da Silva <roman_s...@yahoo.com> wrote:
> Hi all,
>
> I've been fighting with a very silly problem all day.
>
> I have an instance of Sun Identity Manager (IDM) running on a Tomcat server.
>
> To be able to use some of its Resources features, we have had to create and
> install SSL Certificates.
>
> Using some of the online documentation on the installation of SSL
> Certificates, I was able to successfully copy the Certificate to the
> keystore. (I did not create a new keystore. Instead, I used the default
> keystore which comes with the JAVA kit : "cacerts" )
>
> Everything seemed to work fine, and I got the confirmation message saying :
> "Certificate installed in keystore"
>
> The final stage involves configuring the Tomcat "server.xml" file, to be able
> to allow SSL connection, and also to pinpoint the location of the Keystore.
>
> First, I commented out the "Connector Port 8080" details. And then, I
> modified the "Connector port 8443" as follows :
>
> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150"
> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
> SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="tomcat"
> keystoreFile="C:\Program Files\Java\jdk1.6.0_21\jre\lib\security\cacerts"
> keypass="my_password"/>

You need to specify that it's an HTTP connector, rather than say an AJP connector.

Check your configuration against the docs.

p

> And, this is where my problems began.
>
> For some reason, I cannot get this to work.
>
> At first, I was using Tomcat version 6.0.21
>
> I began to get several errors in my Tomcat window
>
> (a) only one usage allowed for each of the following : port / protocol /
> maxThreads,
>
> etc, etc
>
> (b) System parameter "maxThreads"........no match found for parameter;
> System parameter "scheme"........no match found for parameter;
> System parameter "clientAuth"........no match found for parameter;
>
> etc, etc
>
> I began to wonder if, maybe, there was something wrong with the Tomcat
> version (6.0.21)
>
> Last year, I had successfully performed a similar procedure (installed
> Certificate, modified Tomcat server.xml file, etc). But, that version I used
> was : 6.0.18
>
> So, I decided to try it. I downloaded an older version of Tomcat (6.0.18),
> and repeated the process all over again.
>
> This time, there were none of the above-mentioned errors. But, I got another
> error :
>
> Alias "tomcat" not found.
>
> So, I removed that line ----- keyAlias="tomcat" ---- and re-started the
> server.
>
> This time, something else happened : when I start-up the server, the Tomcat
> window goes haywire. I see phrases and lines of data (output) flashing on the
> screen at the speed of light. And, then, my computer hangs. I have to
> re-boot it, to get it working again.
>
> I'm at a total loss.
>
> I have racked my brain for any and all possible causes. At first, I thought
> that, maybe, I ought to have created a whole NEW keystore (as it mentions in
> the online manual). But, since I was able to successfully import my
> certificate into the default "cacerts", I figured that was not the reason.
>
> And, besides, there is obviously something wrong with the newer version of
> Tomcat, because the older version (which I am now using), did not give me
> those earlier errors.
>
> But, I still do not know what I am doing wrong.
>
> Any help will be greatly appreciated.
>
> Thanks.
>
> Richard da Silva
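
An added example, not part of the original thread and not Tomcat's own tooling: a small Python check that reads server.xml text and flags the connector settings this thread turns on (no explicit `protocol`, a `keystoreFile` pointing at the JRE `cacerts` trust store, and no `keystorePass`, which is Tomcat's documented attribute name for the keystore password). The function name `lint_connectors`, the XML wrapper around the posted connector, and the `conf/tomcat.jks` path and password in the revised connector are assumptions made for illustration.

```python
import ntpath
import xml.etree.ElementTree as ET

# Constructed sample: the connector quoted in the thread (trimmed), wrapped in
# a minimal server.xml skeleton so that it parses on its own.
POSTED = r'''<Server><Service name="Catalina">
  <Connector port="8443" maxThreads="150" scheme="https" secure="true"
             SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
             keyAlias="tomcat"
             keystoreFile="C:\Program Files\Java\jdk1.6.0_21\jre\lib\security\cacerts"
             keypass="my_password"/>
</Service></Server>'''

# Hypothetical revised connector: explicit protocol, dedicated keystore.
# The path and password are placeholders, not values from the thread.
REVISED = '''<Server><Service name="Catalina">
  <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
             SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
             keyAlias="tomcat" keystoreFile="conf/tomcat.jks"
             keystorePass="PLACEHOLDER"/>
</Service></Server>'''


def lint_connectors(server_xml):
    """Return (port, finding) pairs for SSL-enabled connectors in server.xml text."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        attrs = conn.attrib
        if attrs.get("SSLEnabled", "").lower() != "true":
            continue
        port = attrs.get("port", "?")
        if "protocol" not in attrs:
            findings.append((port, "protocol not set: state the HTTP connector explicitly"))
        store = attrs.get("keystoreFile")
        # ntpath splits on both \ and /, so Windows paths work on any host.
        if store and ntpath.basename(store).lower() == "cacerts":
            findings.append((port, "keystoreFile is the JRE cacerts trust store; "
                                   "use a keystore that holds the server's private key"))
        if store and "keystorePass" not in attrs:
            findings.append((port, "keystorePass not set: Tomcat will try its default password"))
    return findings


if __name__ == "__main__":
    for port, finding in lint_connectors(POSTED):
        print(f"connector {port}: {finding}")
```

Whether the alias named in `keyAlias` exists in the chosen keystore can be confirmed separately with `keytool -list -keystore <file>`.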