PhenixID

PSD1060 – How to configure SSL for Tomcat

Fact

PhenixID Identity Manager 5.0 or later

Situation

How to enable Tomcat for SSL communication. This article requires a certificate and are not provided by PhenixID. Certificate type must be a “PKCS12”.

Solution

In the file server.xml, which can be found under /../PhenixID/IM/server/conf/, add (or adjust) the block below:

The “Connector” tag must reside in a “Service” tag in server.xml
Note that “keystoreFile” and “keystorePass” must be changed to match the environment.

Linux Example

       <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
            maxThreads="150" scheme="https" secure="true"
            clientAuth="false" sslProtocol="TLS" 
            keystoreType="PKCS12" keystoreFile="/opt/PhenixID/IM/customer/config/mycert.p12"
            keystorePass="myCertpassword" 
      />

 

Windows Example

       <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" 
            maxThreads="150"  enableLookups="true" isableUploadTimeout="true" acceptCount="100" 
            scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" 
            keystoreFile="C:\Program Files\PhenixID\IM\customer\config\webappsmycert.jks" 
            keystorePass="myCertpassword"
      />

DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se