There are 2 diff ways to use SSL with Tomcat. What is the difference

If you have questions or if you want to share your opinion about Aware IM post your message on this forum
Post Reply
BLOMASKY
Posts: 1486
Joined: Wed Sep 30, 2015 10:08 pm
Location: Ocala FL

There are 2 diff ways to use SSL with Tomcat. What is the difference

Post by BLOMASKY »

OK, a lot more than 2 ways, but in the following code, the 1st one (that is NOT commented out) works and the other one does not. Can someone tell me if one is a more preferred way, or should I just be happy that it works.


<!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation. The default
SSLImplementation will depend on the presence of the APR/native
library and the useOpenSSL attribute of the
AprLifecycleListener.
Either JSSE or OpenSSL style configuration may be used regardless of
the SSLImplementation selected. JSSE style configuration is used below.
-->


<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeyFile="/Certs/privatekey.key"
certificateFile="/Certs/theberwickgroup_com.crt"
certificateChainFile="/Certs/DigiCertCA.crt"
type="RSA" />
</SSLHostConfig>
</Connector>



<!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
This connector uses the APR/native implementation which always uses
OpenSSL for TLS.
Either JSSE or OpenSSL style configuration may be used. OpenSSL style
configuration is used below.
-->

<!-- ** THIS ONE BELOW DOES NOT WORK **

<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="/Certs/privatekey.key"
certificateFile="/Certs/theberwickgroup_com.crt"
certificateChainFile="/Certs/DigiCertCA.crt"
type="RSA" />
</SSLHostConfig>
</Connector>
-->

<!-- Define an AJP 1.3 Conn
Post Reply