RE: Configuring SSL for Jigsaw 2.2.4 from Laird, Brian on 2005-10-27 (www-jigsaw@w3.org from September to October 2005)

From: Laird, Brian <BLaird@perseco.com>
Date: Thu, 27 Oct 2005 11:39:12 -0500
To: <Reiner.Kraus@kgs-software.com>, <www-jigsaw@w3.org>
Message-ID: <198C7B6593B76E44B30C3AAC456E57A17E6514@electra.Perseco.com>
Here is a proper SSL configured properties file for the server.  Right after this file is the server.props file and what it should look like.  Please note this won't work for the 2.2.5 version because they changed the configuration parameter names around slightly.  I put the important lines in bold so it would be easier to find.  It is important to understand that the server.props file is read first.  The daemon handlers line is read which prompts jigsaw to build a new handler base on the type listed (see the bold line in the server.props).  That new handler type then tries to load its properties by tacking a .props on the end of its name.

 

Hope this helps,

Brian

 

 

https-myserver.props

 

#Jigsaw written

#Wed Jun 22 10:20:59 CDT 2005

org.w3c.jigsaw.http.socket.SocketClientFactory.bindAddress=192.99.99.99

org.w3c.jigsaw.serializer=org.w3c.tools.resources.serialization.xml.XMLSerializer

org.w3c.jigsaw.servlet.servlet-log-file=/opt/jigsaw_2_1/Jigsaw/logs/ws_servletlog.txt

org.w3c.jigsaw.logger.logname=/opt/jigsaw_2_1/Jigsaw/logs/ws_log.txt

org.w3c.jigsaw.checkSensitivity=true

org.w3c.jigsaw.server=Jigsaw/2.2.4p

org.w3c.jigsaw.root=/opt/jigsaw_2_1/Jigsaw

org.w3c.jigsaw.config=/opt/jigsaw_2_1/Jigsaw/config_ws

org.w3c.jigsaw.root.name=root

org.w3c.jigsaw.logger.tracelogname=/opt/jigsaw_2_1/Jigsaw/logs/ws_tracelog.txt

org.w3c.jigsaw.version.counter=4

org.w3c.jigsaw.trace=true

org.w3c.jigsaw.ssl.keystore.password=123456789

org.w3c.jigsaw.port=443

org.w3c.jigsaw.http.socket.SocketClientFactory.maxIdle=80

org.w3c.jigsaw.http.socket.SocketClientFactory.maxClients=150

org.w3c.jigsaw.docurl=/Doc/Reference

org.w3c.jigsaw.propfile=/opt/jigsaw_2_1/Jigsaw/config/https-ws.props

org.w3c.jigsaw.keepAlive=true

org.w3c.www.protocol.http.filters=

org.w3c.jigsaw.client.priority=5

org.w3c.jigsaw.ssl.enabled=true

org.w3c.jigsaw.request.timeout=3000000

org.w3c.jigsaw.client.debug=true

org.w3c.jigsaw.client.bufsize=8192

org.w3c.jigsaw.root.class=org.w3c.jigsaw.resources.DirectoryResource

org.w3c.jigsaw.http.socket.SocketClientFactory.maxThreads=100

org.w3c.jigsaw.space=/opt/jigsaw_2_1/Jigsaw/WWW

org.w3c.jigsaw.logger.errlogname=/opt/jigsaw_2_1/Jigsaw/logs/ws_errlog.txt

org.w3c.jigsaw.host=myhost.perseco.com

org.w3c.jigsaw.checkpointer=/Admin/Checkpointer

org.w3c.jigsaw.http.socket.SocketClientFactory.maxFree=15

org.w3c.www.protocol.http.connections.timeout=840000

org.w3c.jigsaw.trashdir=/opt/jigsaw_2_1/Jigsaw/trash

org.w3c.jigsaw.http.ClientFactory=org.w3c.jigsaw.https.socket.SSLSocketClientFactory

org.w3c.jigsaw.edit.root=root

org.w3c.jigsaw.logger.bufferSize=1024

org.w3c.jigsaw.logger=org.w3c.jigsaw.http.CommonLogger

org.w3c.jigsaw.ssl.keystore.path=/opt/jigsaw_2_1/Jigsaw/keystore/mysite.keystore

 

server.props

 

org.w3c.jigsaw.daemon.handlers=https-myserver| admin-server

https-myserver.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.https.httpsd

admin-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.admin.AdminServer

 

 

________________________________

From: Reiner Kraus [mailto:Reiner.Kraus@kgs-software.com] 
Sent: Thursday, October 27, 2005 11:26 AM
To: Laird, Brian
Subject: AW: Configuring SSL for Jigsaw 2.2.4

 

Hi,

 

I am also very interested in the solution. Could you please forward a valid config file to me, since the documentation is not very precise with that.

 

Thanks.

 


Mit freundlichen Grüßen / Kind Regards 

Reiner Kraus
_________________________________________
KGS Software GmbH
Frankenbachstrasse 110
D-53498 Bad Breisig
Phone : +49 26 33 47 10 34
Fax:      +49 26 33 47 10 35
E-Mail: Reiner.Kraus@kgs-software.com
http://www.kgs-software.com


 

________________________________

Von: www-jigsaw-request@w3.org [mailto:www-jigsaw-request@w3.org] Im Auftrag von Laird, Brian
Gesendet: Donnerstag, 27. Oktober 2005 15:29
An: Faisal Javeed; www-jigsaw@w3.org
Betreff: RE: Configuring SSL for Jigsaw 2.2.4

 

Faisal,

 

Can you send me your configuration file?  I have setup a number of jigsaw servers with SSL.  The other key item is that you have to specify RSA as the encryption algorithm when you create the keystore.

 

Brian

________________________________

From: www-jigsaw-request@w3.org [mailto:www-jigsaw-request@w3.org] On Behalf Of Faisal Javeed
Sent: Wednesday, October 26, 2005 5:52 AM
To: www-jigsaw@w3.org
Subject: Configuring SSL for Jigsaw 2.2.4

 


Hi 
 I am trying to configure ssl on jigsaw 2.2.4 using the document at http://www.w3.org/Jigsaw/Doc/User/ssl.html. 
I folllowed the steps in this help doc (used the keyalg RSA option) but when i run the web server it shows the following message. 

loading properties from: D:\IntechSW_Group\WES\Current\Deployment\WES\WS\Jigsaw\jigsaw\config\server.props 
Unable to launch https-server: Unable to create server socket on port 443: No cipher suites supported by this SSL socket factory. 
Please check your factory, key store, store password and cerificates. 
*** Warning : JigAdmin[2.2.4]: no logger specified, not logging. 
JigAdmin[2.2.4]: serving at http://lhe1-wes-pc-017:8009/ 

Can anyone help me out in this regard. 

Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com

 



************************************************************************
This e-mail and any accompanying documents or files contain information that is the 
property of HAVI Global Solutions, that is intended solely for those to whom this e-mail is addressed 
(i.e., those identified in the "To" and "Cc" boxes), and that is confidential, proprietary, 
and/or privileged.  If you are not an intended recipient of this e-mail, you are hereby 
notified that any viewing, use, disclosure, forwarding, copying, or distribution of any of 
this information is strictly prohibited and may be subject to legal sanctions.  If you have 
received this e-mail in error, please notify the sender immediately of any unintended 
recipients, and delete the e-mail, all attachments, and all copies of both from your system.

While we have taken reasonable precautions to ensure that any attachments to this e-mail 
have been swept for viruses, we cannot accept liability for any damage sustained as a 
result of software viruses.
************************************************************************

 


************************************************************************
This e-mail and any accompanying documents or files contain information that is the 
property of HAVI Global Solutions, that is intended solely for those to whom this e-mail is addressed 
(i.e., those identified in the "To" and "Cc" boxes), and that is confidential, proprietary, 
and/or privileged.  If you are not an intended recipient of this e-mail, you are hereby 
notified that any viewing, use, disclosure, forwarding, copying, or distribution of any of 
this information is strictly prohibited and may be subject to legal sanctions.  If you have 
received this e-mail in error, please notify the sender immediately of any unintended 
recipients, and delete the e-mail, all attachments, and all copies of both from your system.

While we have taken reasonable precautions to ensure that any attachments to this e-mail 
have been swept for viruses, we cannot accept liability for any damage sustained as a 
result of software viruses.
************************************************************************
Received on Thursday, 27 October 2005 16:39:31 UTC