...
Step 3 - Open the server.xml file with an editor. The SSL configuration is around line 100 of the
...
file and looks similar to the code examples below.
Step 4 - Depending on your VFC release version, edit the server.xml file as below:
Code Block | ||||
---|---|---|---|---|
| ||||
<Connector SSLEnabled="true" port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" clientAuth="false" scheme="https" secure="true" SSLCertificateFile="c:\Verba.crt" SSLCertificateKeyFile="c:\Verba.key" SSLPassword="verba123456" SSLCipherSuite="RC4-MD5:RC4-SHA:AES128-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA" SSLProtocol="SSLv3+TLSv1" URIEncoding="UTF-8" maxHttpHeaderSize="16384" /> |
a) Change the SSLCertificateFile="c:\Verba.crt" to the new .crt file
b) Change the SSLCertificateKeyFile="c:\Verba.key" to the new .key file
c) Change SSLPassword="verba123456" to the private key's password.
d) Optionally, add an SSLCertificateChainFile setting and specify the intermediate certificate file.
Code Block | ||||
---|---|---|---|---|
| ||||
<Connector SSLEnabled="true" port="443" protocol="com.verba.util.tomcat.VerbaHttp11AprProtocol" clientAuth="false" scheme="https" secure="true" SSLCertificateFile="c:\Verba.crt" SSLCertificateKeyFile="c:\Verba.key" SSLPassword="Verba123456" SSLCipherSuite="RC4-MD5:RC4-SHA:AES128-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA" SSLProtocol="SSLv3+TLSv1" URIEncoding="UTF-8" maxHttpHeaderSize="16384" /> |
a) Change the SSLCertificateFile="c:\Verba.crt" to the new .crt file
b) Change the SSLCertificateKeyFile="c:\Verba.key" to the new .key file
c) Change SSLPassword="Verba123456" to the private key's encrypted password.
d) Optionally, add an SSLCertificateChainFile setting and specify the intermediate certificate file.
Code Block | ||||
---|---|---|---|---|
| ||||
<Connector
SSLEnabled="true"
port="443"
protocol="com.verba.util.tomcat.VerbaHttp11Nio2Protocol"
scheme="https"
secure="true"
URIEncoding="UTF-8"
maxHttpHeaderSize="32768"
relaxedQueryChars="[]|{}^\`"<>"
>
<SSLHostConfig
ciphers="ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
honorCipherOrder="true"
protocols="TLSv1.1,+TLSv1.2,+TLSv1.3"
>
<Certificate
certificateFile="c:\Verba.crt"
certificateKeyFile="c:\Verba.key"
certificateKeyPassword="Verba123456"
/>
</SSLHostConfig>
</Connector> |
a) Change the certificateFile="c:\Verba.crt" to the new .crt file
b) Change the certificateKeyFile="c:\Verba.key" to the new .key file
c) Change certificateKeyPassword="Verba123456" to the private key's encrypted password.
d) Optionally, add an certificateChainFile setting and specify the intermediate certificate file.
...