Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Configuring SSL for Crowd 5.2 with Tomcat 9

isher
isher March 21, 2024

Hey Community!

I'm having trouble configuring SSL for Crowd 5.2, which now uses Tomcat 9. Can anyone provide guidance or tips on how to properly configure the server.xml file in Tomcat 9 to support SSL for Crowd 5.2?

Till 5.2 version release my server.xml looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<Server port="8020" shutdown="SHUTDOWN">
    <Service name="Catalina">
<Connector
                   port="443"
                   protocol="org.apache.coyote.http11.Http11Protocol"
                   maxThreads="150"
                   SSLEnabled="true"
                   scheme="https"
                   secure="true"
                   clientAuth="false"
                   sslProtocol="TLS"
                   keystoreFile="${user.home}/.keystore/keystore.jks"
                   keystorePass="myPass"
   />
<Connector
acceptCount="100"
                    connectionTimeout="20000"
                    disableUploadTimeout="true"
                    enableLookups="false"
                    protocol="HTTP/1.1"
                    maxHttpHeaderSize="8192"
                    maxThreads="150"
                    minSpareThreads="25"
                    port="80"
                    secure="false"
                    scheme="http"
                    redirectPort="443"
                    useBodyEncodingForURI="true"
                    URIEncoding="UTF-8"
                    compression="on"
                    sendReasonPhrase="true"
                    compressableMimeType="text/html,text/xml,application/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript"
/>
        <Engine defaultHost="localhost" name="Catalina">
            <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true"/>
            <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".log" pattern="%t %{User-Agent}i %h %m %r %b %s %I %{X-AUSERNAME}o %{X-AAPPNAME}o" />
            <Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="x-forwarded-for" protocolHeader="x-forwarded-proto" />
        </Engine>
        <!-- To connect to an external web server (typically Apache) -->
        <!-- Define an AJP 1.3 Connector on port 8009 -->
        <!--
            <Connector port="8009" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
        -->
    </Service>
    <!-- Security listener. Documentation at /docs/config/listeners.html
    <Listener className="org.apache.catalina.security.SecurityListener" />
    -->
    <!--APR library loader. Documentation at /docs/apr.html -->
    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
    <!-- Prevent memory leaks due to use of particular java/javax APIs-->
    <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
    <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
</Server>

Any help or insights would be greatly appreciated!

 

Answer
Watch
Like Be the first to like this
623 views

1 answer

1 accepted

1 vote
Answer accepted
isher
isher March 21, 2024

Weird, spend so much time on solving this, but solution was simple. Maybe someone will find it usefull:

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
sslProtocol="TLS"
keystoreFile="${user.home}/.keystore/keystore.jks"
keystorePass="myPass"
/>
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events