Hi,
I want to run Aware with a https URL and am looking for a how-to guide.
First quest is how to install the certificate.
I've the certificate file, but do not know how to install this in the Tomcat webserver.
And second question, what else do I have to do run run it under https ??
TIA
Rob
Certificate en https setup
Certificate en https setup
Using 8.7 Professional 3025 on MySQL/Windows
Re: Certificate en https setup
This USED to be easy, search the forums and you will find a lot of step by step guides etc. but they doesn't seem to work in later versions of Aware (or Tomcat). Many of the steps are probably the same but something has changed and nobody seems to know (or want to share) what and how to set it up now.
I ended up going the reverse proxy route when I couldn't get my certs integrated and working so is a tip. Otherwise I would suggest you search for Tomcat guides on how to do this in the Tomcat version you are using.
If you manage to figure it out, please share a thought or two on what/how you did.
I ended up going the reverse proxy route when I couldn't get my certs integrated and working so is a tip. Otherwise I would suggest you search for Tomcat guides on how to do this in the Tomcat version you are using.
If you manage to figure it out, please share a thought or two on what/how you did.
Henrik (V8 Developer Ed. - Windows)
Re: Certificate en https setup
Ok, thats a pitty. I was searching in the forum and saw a lot about it, but no real guides or solution. This should be easy, because applications build in Aware should be secure.
So, @Aware_support....could you tell us how to do this properly ??
So, @Aware_support....could you tell us how to do this properly ??
Using 8.7 Professional 3025 on MySQL/Windows
Re: Certificate en https setup
I received a .pfc, a .cert and a .p7b file
Using 8.7 Professional 3025 on MySQL/Windows
Re: Certificate en https setup
I've implemented Digicert's SSL using a .p7b cert with Tomcat 9.
You need to generate a keystore file .jks and use that file to configure Tomcat.
Detailed steps can be found here https://www.digicert.com/kb/csr-ssl-installation/tomcat-keytool.htm
My Tomcat 9 C:\AwareIM\Tomcat\conf\server.xml SSL config:
You need to generate a keystore file .jks and use that file to configure Tomcat.
Detailed steps can be found here https://www.digicert.com/kb/csr-ssl-installation/tomcat-keytool.htm
My Tomcat 9 C:\AwareIM\Tomcat\conf\server.xml SSL config:
Code: Select all
<Connector port="8080" protocol="org.apache.coyote.http11.Http11Nio2Protocol"
connectionTimeout="60000"
redirectPort="8443" />
Code: Select all
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol"
sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
connectionTimeout="20000"
asyncTimeout="150000"
maxThreads="450"
minSpareThreads="50"
SSLEnabled="true"
enableLookups="false"
scheme="https"
secure="true"
maxTrailerSize="-1"
maxCookieCount="-1"
processorCache="450" >
<SSLHostConfig
sslProtocol="TLS"
protocols="+TLSv1,+TLSv1.1,+TLSv1.2,+TLSv1.3,-SSLv2,-SSLv3"
honorCipherOrder="true"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_128_SHA,TLS_DHE_DSS_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_256_SHA256,TLS_DHE_DSS_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_256_SHA" >
<Certificate
certificateKeystoreFile="C:\Your\JKS\File\Location\yourJKSfile.jks"
certificateKeystorePassword="yourPasswordgoesHere"
type="RSA"
certificateKeystoreType="JKS" />
</SSLHostConfig>
</Connector>
-
- Posts: 1460
- Joined: Tue Jan 24, 2017 5:51 am
- Location: 'Stralya
Re: Certificate en https setup
I would go down the Reverse Proxy route for these reasons
Re: Certificate en https setup
I managed to get it running on 443 under https.
But now I have a problem in my Aware Configurator.
It does not show my forms anymore. It show something like: Cannot load localhost:443
Any clue?
But now I have a problem in my Aware Configurator.
It does not show my forms anymore. It show something like: Cannot load localhost:443
Any clue?
Using 8.7 Professional 3025 on MySQL/Windows
Re: Certificate en https setup
Re: Certificate en https setup
Cool, I hadn´t seen this.joben wrote: ↑Mon Sep 19, 2022 7:48 ampfc, I assume you mean .pfx?
This Tomcat configuration works for me:
viewtopic.php?f=4&t=12399
Henrik (V8 Developer Ed. - Windows)