This README describes how to compete by the hand the
configuration of the glite-security-trustmanager rpm.
In order for security-trustmanager to be enabled within tomcat
the /etc/tomcat5/server.xml. The following block must be added
added another Connector within the <Service name="Catalina"> </Service>
tags along side the other connectors.
<Connector port="8443"
sSLImplementation="org.glite.security.trustmanager.tomcat.TMSSLImplementation"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
sslCertFile="/etc/grid-security/glite-security-trustmanager/hostcert.pem"
sslKey="/etc/grid-security/glite-security-trustmanager/hostcert.pem"
log4jConfFile="/etc/glite-security-trustmanager/trustmanager-log4j.properties"
clientAuth="true" sslProtocol="TLS"
trustStoreDir="/etc/grid-security/certificates"
crlUpdateInterval="12h"
SSLEnabled="true"
/>
A minimal complete server.xml file would thus be:
<Server port="8005" shutdown="SHUTDOWN">
<Service name="Catalina">
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
sSLImplementation="org.glite.security.trustmanager.tomcat.TMSSLImplementation"
sslCertFile="/etc/grid-security/glite-security-trustmanager/hostcert.pem"
sslKey="/etc/grid-security/glite-security-trustmanager/hostcert.pem"
log4jConfFile="/etc/glite-security-trustmanager/trustmanager-log4j.properties"
clientAuth="true" sslProtocol="TLS"
trustStoreDir="/etc/grid-security/certificates"
crlUpdateInterval="12h"
SSLEnabled="true"
/>
<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" />
</Engine>
</Service>
</Server>
.
