directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <smckin...@apache.org>
Subject Re: https with fortress rest
Date Thu, 18 Jun 2015 14:07:06 GMT

> On Jun 18, 2015, at 2:56 AM, Oleksandr Bodriagov (Polystar) <oleksandr.bodriagov@polystar.com>
wrote:
> 
> How can the https protocol be enabled for the fortress rest?
> Shawn suggested configuring SSL/TLS on Tomcat and using łhttps˛-based URLs.
> Does it mean that by following these Tomcatąs instructions
> https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html
> everything will work? Are there any other configuration steps involved?

For server-side (Tomcat) config, yes those instructions should work though I haven’t tested
that document.  

Your server.conf will have an entry that looks something like this:

    <!-- Define a TLS Coyote HTTP/1.1 Connector on port 8443 -->
	<Connector 	
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="conf/mykeystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS”/>

that tells it which port to listen to, which protocol, location of keystone and its password.

The client-side has to know the new URL, the location of the truststore that contains the
public key.  Are you using the fortress-core as the test client?  If so you will need to change
some fortress properties to match the new server coordinates. 

There is a tutorial that covers some of this ground:
https://symas.com/javadocs/apache-fortress-demo/

Shawn
smckinney@apache.org



Mime
View raw message