Enabling SSL (Windows)

• Shut down Cascade Server
• Create a keystore (from http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) by executing the following command: %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

Once created, the .keystore file can typically be found in the Documents and Settings folder under the user's sub-folder; eg, C:\Documents and Settings\Administrator)

• Edit the file tomcat\conf\server.xml
  • Uncomment the area for SSL/TLS Connector configuration:

 <!-- Define a SSL HTTP/1.1 Connector on port 8443 
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
         
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150" scheme="https" secure="true" clientAuth="false"
    sslProtocol="TLS" />

• Add the keystoreFile and keystorePass attributes to the <Connector> element and specify the location of the keystore along with the password. Then, change the protocol from HTTP/1.1 to org.apache.coyote.http11.Http11NioProtocol as seen below:

<!-- Define a SSL HTTP/1.1 Connector on port 8443 
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
         
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" 
        SSLEnabled="true" maxThreads="150" scheme="https" secure="true" 
        clientAuth="false" sslProtocol="TLS" keystoreFile="\path\to\keystore"
        keystorePass="somePassword" />

• Start Cascade Server

The application should now be accessible through https://{host}:8443.

See this article for instructions on forcing connections to use SSL.