On 22/10/2010 14:04, Pid * wrote: > On 22 Oct 2010, at 13:54, Richard da Silva <roman_s...@yahoo.com> wrote: > >> Hi all, >> >> I've been fighting with a very silly problem all day. >> >> I have an instance of Sun Identity Manager (IDM) running on a Tomcat server. >> >> To be able to use some of its Resources features, we have had to create and >> install SSL Certificates. >> >> Using some of the online documentation on the installation of SSL >> Certificates, I was able to successfully copy the Certificate to the >> keystore. (I did not create a new keystore. Instead, I used the default >> keystore which comes with the JAVA kit : "cacerts" ) >> >> Everything seemed to work fine, and I got the confirmation message saying : >> "Certificate installed in keystore" >> >> The final stage involves configuring the Tomcat "server.xml" file, to be >> able to allow SSL connection, and also to pinpoint the location of the >> Keystore. >> >> First, I commented out the "Connector Port 8080" details. And then, I >> modified the "Connector port 8443" as follows : >> >> >> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" >> minSpareThreads="25" maxSpareThreads="75" enableLookups="false" >> disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" >> SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="tomcat" >> keystoreFile="C:\Program Files\Java\jdk1.6.0_21\jre\lib\security\cacerts" >> keypass="my_password"/> > > You need to specify that it's an HTTP connector, rather than say an > AJP connector. > > Check your configuration against the docs.
Actually, I'm talking total nonsense. Can you please remove the comments from server.xml and paste it, inline, into here? The docs are here: http://tomcat.apache.org/tomcat-6.0-doc/config/http.html p >> And, this is where my problems began. >> >> For some reason, I cannot get this to work. >> >> At first, I was using Tomcat version 6.0.21 >> >> I began to get several errors in my Tomcat window >> >> (a) only one usage allowed for each of the following : port / protocol / >> maxThreads, >> >> etc, etc >> >> (b) System parameter "maxThreads"........no match found for parameter; >> System parameter "scheme"........no match found for parameter; >> System parameter "clientAuth"........no match found for parameter; >> >> etc, etc >> >> >> >> I began to wonder if, maybe, there was something wrong with the Tomcat >> version (6.0.21) >> >> Last year, I had successfully performed a similar procedure (installed >> Certificate, modified Tomcat server.xml file, etc). But, that version I >> used was : 6.0.18 >> >> So, I decided to try it. I downloaded an older version of Tomcat (6.0.18), >> and repeated the process all over again. >> >> This time, there were none of the above-mentioned errors. But, I got another >> error : >> >> Alias "tomcat" not found. >> >> So, I removed that line ----- keyAlias="tomcat" ---- and re-started the >> server. >> >> This time, something else happened : when I start-up the server, the Tomcat >> window goes haywire. I see phrases and lines of data (output) flashing on >> the screen at the speed of light. And, then, my computer hangs. I have to >> re-boot it, to get it working again. >> >> I'm at a total loss. >> >> I have racked my brain for any and all possible causes. At first, I thought >> that, maybe, I ought to have created a whole NEW keystore (as it mentions in >> the online manual). But, since I was able to successfully import my >> certificate into the default "cacerts", I figured that was not the reason. >> >> And, besides, there is obviously something wrong with the newer version of >> Tomcat, because the older version (which I am now using), did not give me >> those earlier errors. >> >> But, I still do not know what I am doing wrong. >> >> Any help will be greatly appreciated. >> >> >> Thanks. >> >> >> Richard da Silva >> >>
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature