This README describes how to compete by the hand the configuration of the glite-security-trustmanager rpm. In order for security-trustmanager to be enabled within tomcat the /etc/tomcat5/server.xml. The following block must be added added another Connector within the <Service name="Catalina"> </Service> tags along side the other connectors. <Connector port="8443" sSLImplementation="org.glite.security.trustmanager.tomcat.TMSSLImplementation" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" sslCertFile="/etc/grid-security/glite-security-trustmanager/hostcert.pem" sslKey="/etc/grid-security/glite-security-trustmanager/hostcert.pem" log4jConfFile="/etc/glite-security-trustmanager/trustmanager-log4j.properties" clientAuth="true" sslProtocol="TLS" trustStoreDir="/etc/grid-security/certificates" crlUpdateInterval="12h" SSLEnabled="true" /> A minimal complete server.xml file would thus be: <Server port="8005" shutdown="SHUTDOWN"> <Service name="Catalina"> <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" sSLImplementation="org.glite.security.trustmanager.tomcat.TMSSLImplementation" sslCertFile="/etc/grid-security/glite-security-trustmanager/hostcert.pem" sslKey="/etc/grid-security/glite-security-trustmanager/hostcert.pem" log4jConfFile="/etc/glite-security-trustmanager/trustmanager-log4j.properties" clientAuth="true" sslProtocol="TLS" trustStoreDir="/etc/grid-security/certificates" crlUpdateInterval="12h" SSLEnabled="true" /> <Engine name="Catalina" defaultHost="localhost"> <Host name="localhost" appBase="webapps" /> </Engine> </Service> </Server> .