I'm still stuck after correcting the recommendation made by Daniel.
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
SSLEngine="true"
SSLCertificateFile="${catalina.base}\conf\cert.pem"
SSLCertificateKeyFile="${catalina.base}\conf\key.pem"
SSLPassword="tomcat"
/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
It still gives me this error
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLEngine' to 'true' did not find a matching property.
i'm running tomcat as localhoat under netbeans.
On Fri, Dec 2, 2011 at 9:57 PM, Daniel Mikusa <dmik...@vmware.com> wrote:
> On Fri, 2011-12-02 at 01:12 -0800, Lau Eng Huat wrote:
> > Hi everybody,
> >
> > I'm stuck on this SSL over a month. I hope somebody can help me here. I'm
> > getting a Warning on "WARNING:
> > [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> > 'SSLEngine' to 'on' did not find a matching property."
>
> Tomcat is telling you that the property "SSLEngine" does not exist on a
> Connector object. Note that it is not listed in the documentation
> either.
>
> https://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support
>
>
> Perhaps you are confused with the "SSLEngine" attribute of the
> AprLifecycleListener?
>
> <Listener className="org.apache.catalina.core.AprLifecycleListener"
> SSLEngine="on" />
>
>
> and perhaps you meant SSLEnabled="true" on your Connector?
>
> Example from docs:
>
> <Connector
> port="8443" maxThreads="200"
> scheme="https" secure="true" SSLEnabled="true"
> SSLCertificateFile="/usr/local/ssl/server.crt"
> SSLCertificateKeyFile="/usr/local/ssl/server.pem"
> clientAuth="optional" SSLProtocol="TLSv1"/>
>
> https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
>
> Dan
>
>
>
> > I have tried using
> > all this 3 Connection type but it still does not work. I'm running on
> > Tomcat 7.0
> >
> > protocol="org.apache.coyote.http11.Http11Protocol"
> > protocol="org.apache.coyote.http11.Http11NioProtocol"
> > protocol="org.apache.coyote.http11.Http11AprProtocol"
> >
> > 1. # openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem
> -out
> > cacert.pem -days 3650 -config ./openssl.cnf
> >
> > Using configuration from ./openssl.cnfGenerating a 1024 bit RSA
> > private key.......++++++..........................++++++writing new
> > private key to 'private/cakey.pem'Enter PEM pass
> > phrase:tomcatVerifying password - Enter PEM pass phrase:tomcat-----You
> > are about to be asked to enter information that will be
> > incorporatedinto your certificate request.What you are about to enter
> > is what is called a Distinguished Name or a DN.There are quite a few
> > fields but you can leave some blankFor some fields there will be a
> > default value,If you enter '.', the field will be left
> > blank.-----Organization Name (company) [The Sample
> > Company]:<enter>Organizational Unit Name (department, division) []:CA
> > DivisionEmail Address []:ca@sample.comLocality Name (city, district)
> > [Metropolis]:<enter>State or Province Name (full name) [New
> > York]:<enter>Country Name (2 letter code) [US]:<enter>Common Name
> > (hostname, IP, or your name) []:TSC Root CA
> >
> > 2. openssl req -new -nodes -out req.pem -config ./openssl.cnf
> > 3. openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem
> >
> > Using configuration from ./openssl.cnfEnter PEM pass phrase:demoCheck
> > that the request matches the signatureSignature okThe Subjects
> > Distinguished Name is as followsorganizationName :PRINTABLE:'The
> > Sample Company'organizationalUnitName:PRINTABLE:'Mail
> > Server'emailAddress
> > :IA5STRING:'postmas...@sample.com'localityName
> > :PRINTABLE:'Metropolis'stateOrProvinceName :PRINTABLE:'New
> > York'countryName :PRINTABLE:'US'commonName
> > :PRINTABLE:'mail.sample.com'Certificate is to be certified until Dec
> > 8 04:37:38 2002 GMT (365 days)Sign the certificate? [y/n]:y
> > 1 out of 1 certificate requests certified, commit? [y/n]yWrite out
> > database with 1 new entriesData Base Updated
> >
> > 4. copy cert.pem tmp.pem5. openssl x509 -in tmp.pem -out cert.pem
> >
> > //====================================== OPENSSL.CFG
> > ======================================================
> > Attached here is the openssl.cfg
> >
> > dir = .
> >
> > [ ca ]
> > default_ca = CA_default
> >
> > [ CA_default ]
> > serial = $dir/serial
> > database = $dir/index.txt
> > new_certs_dir = $dir/newcerts
> > certificate = $dir/cacert.pem
> > private_key = $dir/private/cakey.pem
> > default_days = 365
> > default_md = md5
> > preserve = no
> > email_in_dn = no
> > nameopt = default_ca
> > certopt = default_ca
> > policy = policy_match
> >
> > [ policy_match ]
> > countryName = match
> > stateOrProvinceName = match
> > organizationName = match
> > organizationalUnitName = optional
> > commonName = supplied
> > emailAddress = optional
> >
> > [ req ]
> > default_bits = 1024 # Size of keys
> > default_keyfile = key.pem # name of generated keys
> > default_md = md5 # message digest
> algorithm
> > string_mask = nombstr # permitted characters
> > distinguished_name = req_distinguished_name
> > req_extensions = v3_req
> >
> > [ req_distinguished_name ]
> > # Variable name Prompt string
> > #---------------------- ----------------------------------
> > 0.organizationName = Organization Name (company)
> > organizationalUnitName = Organizational Unit Name (department, division)
> > emailAddress = Email Address
> > emailAddress_max = 40
> > localityName = Locality Name (city, district)
> > stateOrProvinceName = State or Province Name (full name)
> > countryName = Country Name (2 letter code)
> > countryName_min = 2
> > countryName_max = 2
> > commonName = Common Name (hostname, IP, or your name)
> > commonName_max = 64
> >
> > # Default values for the above, for consistency and less typing.
> > # Variable name Value
> > #------------------------------ ------------------------------
> > 0.organizationName_default = The Sample Company
> > localityName_default = Metropolis
> > stateOrProvinceName_default = New York
> > countryName_default = US
> >
> > [ v3_ca ]
> > basicConstraints = CA:TRUE
> > subjectKeyIdentifier = hash
> > authorityKeyIdentifier = keyid:always,issuer:always
> >
> > [ v3_req ]
> > basicConstraints = CA:FALSE
> > subjectKeyIdentifier = hash
> >
> > ============================================= SERVER.XML
> > ===================================================
> > Attached here is the server.xml
> >
> > <Server port="8025" shutdown="SHUTDOWN">
> > <Listener SSLEngine="on"
> > className="org.apache.catalina.core.AprLifecycleListener"/>
> > <Listener className="org.apache.catalina.core.JasperListener"/>
> > <Listener
> > className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
> > <Listener
> > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
> > <Listener
> > className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
> >
> > <GlobalNamingResources>
> > <Resource auth="Container" description="User database that can be
> > updated and saved"
> > factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> > name="UserDatabase" pathname="conf/tomcat-users.xml"
> > type="org.apache.catalina.UserDatabase"/>
> > </GlobalNamingResources>
> >
> > <Service name="Catalina">
> > <Connector URIEncoding="utf-8" connectionTimeout="20000"
> > port="8084" protocol="HTTP/1.1" redirectPort="8443"/>
> >
> >
> > <Connector
> > protocol="org.apache.coyote.http11.Http11AprProtocol"
> > port="8443" maxHttpHeaderSize="8192"
> > maxThreads="150" minSpareThreads="25"
> > enableLookups="false" disableUploadTimeout="true"
> > acceptCount="100" scheme="https" secure="true"
> > clientAuth="false" sslProtocol="TLS"
> > SSLEngine="on"
> > SSLCertificateFile="${catalina.base}\conf\cert.pem"
> > SSLCertificateKeyFile="${catalina.base}\conf\key.pem"
> > SSLPassword="tomcat"
> > />
> > <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
> > <Engine defaultHost="localhost" name="Catalina">
> > <Realm className="org.apache.catalina.realm.LockOutRealm">
> > <Realm
> > className="org.apache.catalina.realm.UserDatabaseRealm"
> > resourceName="UserDatabase"/>
> > </Realm>
> > <Host appBase="webapps" autoDeploy="false" name="localhost"
> > unpackWARs="true">
> > <Valve
> > className="org.apache.catalina.valves.AccessLogValve" directory="logs"
> > pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log."
> > resolveHosts="false" suffix=".txt"/>
> > </Host>
> > </Engine>
> > </Service>
> > </Server>
> >
> > //================================================= NETBEAN OUTPUT
> > =======================================
> > Using CATALINA_BASE:
> > "C:\Users\LEH\.netbeans\7.0\apache-tomcat-7.0.14.0_base"
> > Using CATALINA_HOME: "D:\WEB_PROGRAMS\Apache Tomcat 7.0.14"
> > Using CATALINA_TMPDIR:
> > "C:\Users\LEH\.netbeans\7.0\apache-tomcat-7.0.14.0_base\temp"
> > Using JRE_HOME: "C:\IMPORTANT SOFTWARE\JDK_32"
> > Using CLASSPATH: "D:\WEB_PROGRAMS\Apache Tomcat
> > 7.0.14\bin\bootstrap.jar;D:\WEB_PROGRAMS\Apache Tomcat
> > 7.0.14\bin\tomcat-juli.jar"
> > Dec 2, 2011 5:04:43 PM org.apache.catalina.core.AprLifecycleListener init
> > INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
> > Dec 2, 2011 5:04:43 PM org.apache.catalina.core.AprLifecycleListener init
> > INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
> > [false], random [true].
> > Dec 2, 2011 5:04:43 PM org.apache.catalina.startup.SetAllPropertiesRule
> > begin
> > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> property
> > 'SSLEngine' to 'on' did not find a matching property.
> > Dec 2, 2011 5:04:44 PM org.apache.coyote.AbstractProtocolHandler init
> > INFO: Initializing ProtocolHandler ["http-apr-8084"]
> > Dec 2, 2011 5:04:44 PM org.apache.coyote.AbstractProtocolHandler init
> > INFO: Initializing ProtocolHandler ["http-apr-8443"]
> > Dec 2, 2011 5:04:44 PM org.apache.coyote.AbstractProtocolHandler init
> > INFO: Initializing ProtocolHandler ["ajp-apr-8009"]
> > Dec 2, 2011 5:04:44 PM org.apache.catalina.startup.Catalina load
> > INFO: Initialization processed in 953 ms
> > Dec 2, 2011 5:04:44 PM org.apache.catalina.core.StandardService
> > startInternal
> > INFO: Starting service Catalina
> > Dec 2, 2011 5:04:44 PM org.apache.catalina.core.StandardEngine
> startInternal
> > INFO: Starting Servlet Engine: Apache Tomcat/7.0.14
> > Dec 2, 2011 5:04:44 PM org.apache.catalina.startup.HostConfig
> > deployDescriptor
> > INFO: Deploying configuration descriptor ABC_WEBSITE.xml from
> >
> C:\Users\LEH\.netbeans\7.0\apache-tomcat-7.0.14.0_base\conf\Catalina\localhost
> > Dec 2, 2011 5:04:47 PM com.sun.faces.config.ConfigureListener
> > contextInitialized
> > INFO: Initializing Mojarra 2.1.1 (FCS 20110408) for context
> '/ABC_WEBSITE'
> > Dec 2, 2011 5:04:47 PM com.sun.faces.spi.InjectionProviderFactory
> > createInstance
> > INFO: JSF1048: PostConstruct/PreDestroy annotations present.
> ManagedBeans
> > methods marked with these annotations will have said annotations
> processed.
> > Dec 2, 2011 5:04:47 PM org.apache.catalina.startup.HostConfig
> > deployDescriptor
> > INFO: Deploying configuration descriptor manager.xml from
> >
> C:\Users\LEH\.netbeans\7.0\apache-tomcat-7.0.14.0_base\conf\Catalina\localhost
> > Dec 2, 2011 5:04:48 PM org.apache.catalina.startup.HostConfig
> > deployDescriptor
> > INFO: Deploying configuration descriptor ROOT.xml from
> >
> C:\Users\LEH\.netbeans\7.0\apache-tomcat-7.0.14.0_base\conf\Catalina\localhost
> > Dec 2, 2011 5:04:48 PM org.apache.coyote.AbstractProtocolHandler start
> > INFO: Starting ProtocolHandler ["http-apr-8084"]
> > Dec 2, 2011 5:04:48 PM org.apache.coyote.AbstractProtocolHandler start
> > INFO: Starting ProtocolHandler ["http-apr-8443"]
> > Dec 2, 2011 5:04:48 PM org.apache.coyote.AbstractProtocolHandler start
> > INFO: Starting ProtocolHandler ["ajp-apr-8009"]
> > Dec 2, 2011 5:04:48 PM org.apache.catalina.startup.Catalina start
> >
> > God Bless
> > ENg Huat
> >
> > On Sun, Nov 13, 2011 at 11:19 PM, Pid <p...@pidster.com> wrote:
> >
> > > On 13/11/2011 10:03, Lau Eng Huat wrote:
> > > > Hi everybody,
> > > >
> > > > I have followed this example on setting up the SSL on Tomcat Expert
> > > >
> > >
> http://www.tomcatexpert.com/knowledge-base/using-openssl-configure-ssl-certificates-tomcat
> > > > .
> > > > The question that I have is how do you use Apache Common HttpClient
> to
> > > sent
> > > > and received information from the servlet. I have no idea on how to
> write
> > > > the code for the httpClient and Servlet. Please help me on this , I'm
> > > stuck
> > > > at this for couple of weeks already.
> > >
> > > One of those is a question for the Apache Commons community.
> > > Note: Commons HttpClient has been superceded by Http Components.
> > >
> > > http://hc.apache.org/httpcomponents-client-ga/index.html
> > >
> > >
> > > If you don't know how to write a Servlet, then you should have a look
> at
> > > the documentation site and examples shipped with your Tomcat version:
> > >
> > > http://tomcat.apache.org/
> > >
> > >
> > > p
> > >
> > >
> > > --
> > >
> > > [key:62590808]
> > >
> > >
>
