User Tools

Site Tools


tomcat

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tomcat [2018/01/22 14:08] (current)
k2patel created
Line 1: Line 1:
 +====== Tomcat ======
 +==== Tomcat SSL ====
 +Setting up tomcat with HTTP Native library.
 +<code | server.xml>​
 +<​Connector port="​8443"​ protocol="​org.apache.coyote.http11.Http11AprProtocol"​ scheme="​https"​ maxThreads="​200"​ secure="​true"​ SSLEnabled="​true"​ SSLCertificateFile="/​etc/​pki/​tls/​certs/​k2patel.in.crt"​ SSLCertificateKeyFile="/​etc/​pki/​tls/​private/​k2patel.in.key"​ SSLCACertificateFile="/​etc/​pki/​tls/​certs/​k2patel.in.int.ca"​ sslEnabledProtocols="​TLSv1.1,​TLSv1.2"​ SSLHonorCipherOrder="​true"​ SSLCipherSuite="​ECDHE-ECDSA-CHACHA20-POLY1305:​ECDHE-RSA-CHACHA20-POLY1305:​ECDHE-ECDSA-AES128-GCM-SHA256:​ECDHE-RSA-AES128-GCM-SHA256:​ECDHE-ECDSA-AES256-GCM-SHA384:​ECDHE-RSA-AES256-GCM-SHA384:​DHE-RSA-AES128-GCM-SHA256:​DHE-RSA-AES256-GCM-SHA384:​ECDHE-ECDSA-AES128-SHA256:​ECDHE-RSA-AES128-SHA256:​ECDHE-ECDSA-AES128-SHA:​ECDHE-RSA-AES256-SHA384:​ECDHE-RSA-AES128-SHA:​ECDHE-ECDSA-AES256-SHA384:​ECDHE-ECDSA-AES256-SHA:​ECDHE-RSA-AES256-SHA:​DHE-RSA-AES128-SHA256:​DHE-RSA-AES128-SHA:​DHE-RSA-AES256-SHA256:​DHE-RSA-AES256-SHA:​ECDHE-ECDSA-DES-CBC3-SHA:​ECDHE-RSA-DES-CBC3-SHA:​EDH-RSA-DES-CBC3-SHA:​AES128-GCM-SHA256:​AES256-GCM-SHA384:​AES128-SHA256:​AES256-SHA256:​AES128-SHA:​AES256-SHA:​DES-CBC3-SHA:​!DSS"></​Connector>​
 +</​code>​
  
 +Setting up HSTS with HTTP Native Library.
 +<code | web.xml>
 +    <​filter>​
 +        <​filter-name>​httpHeaderSecurity</​filter-name>​
 +        <​filter-class>​org.apache.catalina.filters.HttpHeaderSecurityFilter</​filter-class>​
 +        <​init-param>​
 +           <​param-name>​hstsMaxAgeSeconds</​param-name>​
 +           <​param-value>​31536000</​param-value>​
 +        </​init-param>​
 +        <​init-param>​
 +           <​param-name>​antiClickJackingEnabled</​param-name>​
 +           <​param-value>​false</​param-value>​
 +        </​init-param>​
 +        <​init-param>​
 +           <​param-name>​hstsIncludeSubDomains</​param-name>​
 +           <​param-value>​true</​param-value>​
 +        </​init-param>​
 +        <​async-supported>​true</​async-supported>​
 +    </​filter>​
 +
 +    <​filter-mapping>​
 +        <​filter-name>​httpHeaderSecurity</​filter-name>​
 +        <​url-pattern>/​*</​url-pattern>​
 +    </​filter-mapping>​
 +</​code>​
tomcat.txt ยท Last modified: 2018/01/22 14:08 by k2patel