...
If you do need this support, these connections require special security properties which are not appropriate for user-facing/browser use. Therefore an additional endpoint must be configured.
Configure Tomcat
- Download tomcat6-dta-ssl-1.01.0.jar (asc) into server/<serviceProfile>/deploy/jboss-web.sar/
- Add the following Connector definition into JBoss Tomcat's server/<serviceProfile>/deploy/jboss-web.sar/server.xml (replacing IDP_HOME with your IdP's home directory):

```xml
<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11Protocol"
           SSLImplementation="edu.internet2.middleware.security.tomcat6.DelegateToApplicationJSSEImplementation"
           scheme="https"
           maxPostSize="100000"
           SSLEnabled="true"
           clientAuth="want"
           keystoreFile="IDP_HOME/credentials/idp.jks"
           keystorePass="PASSWORD" />
```
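Because this connector hands client-certificate trust decisions to the application, it should exist only on the additional endpoint and never on a browser-facing one. The following check of server.xml is an added example, not part of the original page or the Shibboleth distribution; the function name, the /opt/shibboleth-idp path and the port 443 connector in the sample are constructed for illustration, and the port constant assumes the 8443 value shown above.

```python
import xml.etree.ElementTree as ET

DELEGATE = ("edu.internet2.middleware.security.tomcat6."
            "DelegateToApplicationJSSEImplementation")
BACKCHANNEL_PORT = "8443"  # port used by the Connector on this page; adjust if yours differs

def check_connectors(server_xml_text):
    """Return a list of findings for the Connector elements of a server.xml."""
    findings = []
    root = ET.fromstring(server_xml_text)
    # Only connectors that delegate trust evaluation to the application matter here.
    delegating = [c for c in root.iter("Connector")
                  if c.get("SSLImplementation") == DELEGATE]
    if not any(c.get("port") == BACKCHANNEL_PORT for c in delegating):
        findings.append("no delegating connector on port " + BACKCHANNEL_PORT)
    for c in delegating:
        port = c.get("port", "?")
        if port != BACKCHANNEL_PORT:
            findings.append(f"port {port}: delegating SSLImplementation on an unexpected connector")
        if c.get("SSLEnabled") != "true" or c.get("scheme") != "https":
            findings.append(f"port {port}: TLS is not enabled")
        if c.get("clientAuth") != "want":
            findings.append(f"port {port}: clientAuth is not 'want'")
        if "IDP_HOME" in c.get("keystoreFile", "IDP_HOME"):
            findings.append(f"port {port}: keystoreFile missing or still contains IDP_HOME")
        if c.get("keystorePass") in (None, "", "PASSWORD"):
            findings.append(f"port {port}: keystorePass missing or still the placeholder")
    return findings

# Constructed sample: a correct 8443 connector plus a browser-facing 443
# connector that wrongly copies the delegating implementation and placeholders.
SAMPLE = f"""<Server><Service name="jboss.web">
  <Connector port="8080" protocol="HTTP/1.1" />
  <Connector port="8443" SSLImplementation="{DELEGATE}" scheme="https"
             SSLEnabled="true" clientAuth="want"
             keystoreFile="/opt/shibboleth-idp/credentials/idp.jks"
             keystorePass="example-not-a-real-secret" />
  <Connector port="443" SSLImplementation="{DELEGATE}" scheme="https"
             SSLEnabled="true" clientAuth="false"
             keystoreFile="IDP_HOME/credentials/idp.jks" keystorePass="PASSWORD" />
</Service></Server>"""

if __name__ == "__main__":
    for finding in check_connectors(SAMPLE):
        print(finding)
```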