I use this in my configuration and it works, i think you miss the protocol and scheme attribute. Ciao. Stefano.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/usr/local/tomcat/conf/.keystore" keypass="tomcat" /> Il giorno ven, 22/10/2010 alle 07.45 -0700, Richard da Silva ha scritto: > "You need to specify that it's an HTTP connector, rather than say an > AJP connector. > > Check your configuration against the docs." > > > Sorry, I don't understand what you said. Specify this where, exactly? > > And, which docs should I check? I've been over everything, and have found > nothing remotely addressing my problem. > > > Richard da Silva > > --- On Fri, 10/22/10, Pid * <p...@pidster.com> wrote: > > From: Pid * <p...@pidster.com> > Subject: Re: SSL Certificate : Unable to configure Tomcat "server.xml" > To: "Tomcat Users List" <users@tomcat.apache.org> > Date: Friday, October 22, 2010, 4:04 PM > > On 22 Oct 2010, at 13:54, Richard da Silva <roman_s...@yahoo.com> wrote: > > > Hi all, > > > > I've been fighting with a very silly problem all day. > > > > I have an instance of Sun Identity Manager (IDM) running on a Tomcat server. > > > > To be able to use some of its Resources features, we have had to create and > > install SSL Certificates. > > > > Using some of the online documentation on the installation of SSL > > Certificates, I was able to successfully copy the Certificate to the > > keystore. (I did not create a new keystore. Instead, I used the > default keystore which comes with the JAVA kit : "cacerts" ) > > > > Everything seemed to work fine, and I got the confirmation message saying : > > "Certificate installed in keystore" > > > > The final stage involves configuring the Tomcat "server.xml" file, to be > > able to allow SSL connection, and also to pinpoint the location of the > > Keystore. > > > > First, I commented out the "Connector Port 8080" details. And then, I > > modified the "Connector port 8443" as follows : > > > > > > <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" > > minSpareThreads="25" maxSpareThreads="75" enableLookups="false" > > disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" > > SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="tomcat" > > keystoreFile="C:\Program Files\Java\jdk1.6.0_21\jre\lib\security\cacerts" > > keypass="my_password"/> > > You need to specify that it's an HTTP > connector, rather than say an > AJP connector. > > Check your configuration against the docs. > > > p > > > > And, this is where my problems began. > > > > For some reason, I cannot get this to work. > > > > At first, I was using Tomcat version 6.0.21 > > > > I began to get several errors in my Tomcat window > > > > (a) only one usage allowed for each of the following : port / protocol / > > maxThreads, > > > > etc, etc > > > > (b) System parameter "maxThreads"........no match found for parameter; > > System parameter "scheme"........no match found for parameter; > > System parameter "clientAuth"........no match found for parameter; > > > > etc, etc > > > > > > > > I began to wonder if, maybe, there was something wrong with the Tomcat > > version (6.0.21) > > > > Last year, I had successfully performed a > similar procedure (installed Certificate, modified Tomcat server.xml file, > etc). But, that version I used was : 6.0.18 > > > > So, I decided to try it. I downloaded an older version of Tomcat (6.0.18), > > and repeated the process all over again. > > > > This time, there were none of the above-mentioned errors. But, I got > > another error : > > > > Alias "tomcat" not found. > > > > So, I removed that line ----- keyAlias="tomcat" ---- and re-started the > > server. > > > > This time, something else happened : when I start-up the server, the Tomcat > > window goes haywire. I see phrases and lines of data (output) flashing on > > the screen at the speed of light. And, then, my computer hangs. I have to > > re-boot it, to get it working again. > > > > I'm at a total loss. > > > > I have racked my brain for any and all possible causes. At first, I thought > > that, maybe, I ought to have created a whole > NEW keystore (as it mentions in the online manual). But, since I was able to > successfully import my certificate into the default "cacerts", I figured that > was not the reason. > > > > And, besides, there is obviously something wrong with the newer version of > > Tomcat, because the older version (which I am now using), did not give me > > those earlier errors. > > > > But, I still do not know what I am doing wrong. > > > > Any help will be greatly appreciated. > > > > > > Thanks. > > > > > > Richard da Silva > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > >