On 22/10/2010 14:04, Pid * wrote:
> On 22 Oct 2010, at 13:54, Richard da Silva <roman_s...@yahoo.com> wrote:
> 
>> Hi all,
>>
>> I've been fighting with a very silly problem all day.
>>
>> I have an instance of Sun Identity Manager (IDM) running on a Tomcat server.
>>
>> To be able to use some of its Resources features, we have had to create and 
>> install SSL Certificates.
>>
>> Using some of the online documentation on the installation of SSL 
>> Certificates, I was able to successfully copy the Certificate to the 
>> keystore. (I did not create a new keystore. Instead, I used the default 
>> keystore which comes with the JAVA kit :  "cacerts" )
>>
>> Everything seemed to work fine, and I got the confirmation message saying : 
>> "Certificate installed in keystore"
>>
>> The final stage involves configuring the Tomcat "server.xml" file, to be 
>> able to allow SSL connection, and also to pinpoint the location of the 
>> Keystore.
>>
>> First, I commented out the "Connector Port 8080" details.  And then, I 
>> modified the "Connector port 8443" as follows :
>>
>>
>> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" 
>> minSpareThreads="25" maxSpareThreads="75" enableLookups="false" 
>> disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" 
>> SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="tomcat"
>> keystoreFile="C:\Program Files\Java\jdk1.6.0_21\jre\lib\security\cacerts" 
>> keypass="my_password"/>
> 
> You need to specify that it's an HTTP connector, rather than say an
> AJP connector.
> 
> Check your configuration against the docs.

Actually, I'm talking total nonsense.

Can you please remove the comments from server.xml and paste it, inline,
into here?


The docs are here:

 http://tomcat.apache.org/tomcat-6.0-doc/config/http.html


p


>> And, this is where my problems began.
>>
>> For some reason, I cannot get this to work.
>>
>> At first, I was using Tomcat version 6.0.21
>>
>> I began to get several errors in my Tomcat window
>>
>> (a)  only one usage allowed for each of the following :  port / protocol / 
>> maxThreads,
>>
>> etc, etc
>>
>> (b) System parameter "maxThreads"........no match found for parameter;
>>      System parameter "scheme"........no match found for parameter;
>>      System parameter "clientAuth"........no match found for parameter;
>>
>> etc, etc
>>
>>
>>
>> I began to wonder if, maybe, there was something wrong with the Tomcat 
>> version (6.0.21)
>>
>> Last year, I had successfully performed a similar procedure (installed 
>> Certificate, modified Tomcat server.xml file, etc).  But, that version I 
>> used was :  6.0.18
>>
>> So, I decided to try it.  I downloaded an older version of Tomcat (6.0.18), 
>> and repeated the process all over again.
>>
>> This time, there were none of the above-mentioned errors. But, I got another 
>> error :
>>
>> Alias "tomcat" not found.
>>
>> So, I removed that line ----- keyAlias="tomcat" ---- and re-started the 
>> server.
>>
>> This time, something else happened : when I start-up the server, the Tomcat 
>> window goes haywire. I see phrases and lines of data (output) flashing on 
>> the screen at the speed of light. And, then, my computer hangs.  I have to 
>> re-boot it, to get it working again.
>>
>> I'm at a total loss.
>>
>> I have racked my brain for any and all possible causes. At first, I thought 
>> that, maybe, I ought to have created a whole NEW keystore (as it mentions in 
>> the online manual). But, since I was able to successfully import my 
>> certificate into the default "cacerts", I figured that was not the reason.
>>
>> And, besides, there is obviously something wrong with the newer version of 
>> Tomcat, because the older version (which I am now using), did not give me 
>> those earlier errors.
>>
>> But, I still do not know what  I am doing wrong.
>>
>> Any help will be greatly appreciated.
>>
>>
>> Thanks.
>>
>>
>> Richard da Silva
>>
>>

Attachment: 0x62590808.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to