Versions Compared

Old Version 6

changes.mady.by.user Karl Henselin

Saved on

compared with

New Version 7

changes.mady.by.user Karl Henselin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
<Connector port="8443" protocol="HTTP/1.1" sslEnabledProtocols="TLSv1.2"
               connectionTimeout="20000" maxThreads="200" SSLEnabled="true" secure="true"
               maxHttpHeaderSize="16384" keystoreFile="/u01/flexdeploy/keystore"
               keystorePass="changeit" keyAlias="myalias" clientAuth="false" compression="on" compressionMinSize="1024" />

In case the certificate is shared in .pfx format the same can be converted to desired jks format using below command

...

Code Block
<Connector port="8443" protocol="HTTP/1.1" sslEnabledProtocols="TLSv1.2"
               connectionTimeout="20000" maxThreads="200" SSLEnabled="true" secure="true"
               maxHttpHeaderSize="16384" keystoreFile="/u01/flexdeploy/flexdeploy.pfx"
               keystorePass="changeit" keyAlias="myalias" clientAuth="false" compression="on" compressionMinSize="1024"/>

On Unix, privileged ports (less than 1024) cannot be opened by a non-root user. The solution is to forward traffic from 443 to the port used above (8443). As root, update iptable rule to redirect the traffic from 443 to 8443.

...