Versions Compared

Old Version 1

changes.mady.by.user Sam Tsoi

Saved on

compared with

New Version 2

changes.mady.by.user David Walend

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To serve SSL find this section and change it to use the right keystore password and key alias to serve https from tomcat. Although you can use the same keyAlias to sign shrine queries and to support TLS for https most sites choose to use their own cert signed by a CA in a public cert tree. This prevents dire warnings from browsers. Follow standard procedures for serving https via TLS from tomcat.

Code Block
languagebash
themerdark
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation that requires the JSSE
         style configuration. When using the APR/native implementation, the
         OpenSSL style configuration is required as described in the APR/native
         documentation -->

    <Connector port="6443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="/opt/shrine/shrine.keystore"
               keystorePass="password"
               keyAlias="$Private_Key_Alias" />

...