RE: Configuring SSL for Jigsaw 2.2.4 from Laird, Brian on 2005-10-31 (www-jigsaw@w3.org from September to October 2005)

From: Laird, Brian <BLaird@perseco.com>
Date: Mon, 31 Oct 2005 08:50:22 -0600
To: "Faisal Javeed" <FJaveed@intechww.com>, <www-jigsaw@w3.org>
Message-ID: <198C7B6593B76E44B30C3AAC456E57A17E6524@electra.Perseco.com>
Faisal, 

 

Absolute paths in the property file should be fine.  The only oddity
that I can see is that all the other paths you have contain double
slashes, but the path to the keystore is just setup with single slashes.
In general, if you are getting the popup window about the certificate
not matching that is correct especially if you did the generation of the
certificate.  The only way to have those popups go away is to either add
the root certificate authority into the browser (which is painful at
best) or purchase one from verisign, thawte, or somewhere like that.

 

The "End of File" errors are pretty common especially if you are behind
a load balancer.  You can turn off tracing in the props file to suppress
those errors.

 

As far as the file missing (the 404 error), I am not sure what to tell
you since I can't see your configuration.  In general make sure that the
root node has a HTTPFrame added to it.  The HTTPFrame should have an
index specified so the server knows what to serve up when someone just
types in the https://www.myserver.com/. 

 

I hope this helps,

Brian

 

________________________________

From: www-jigsaw-request@w3.org [mailto:www-jigsaw-request@w3.org] On
Behalf Of Faisal Javeed
Sent: Sunday, October 30, 2005 10:36 PM
To: www-jigsaw@w3.org
Subject: RE: Configuring SSL for Jigsaw 2.2.4

 


I did use the -keyalg RSA option to generate the certificate. 
Is it neccessary to given relative paths in the prop files, right now i
m using absolute paths. 

This is my https-server file 

#Updated by Install 
#Wed Oct 26 12:21:21 GMT+05:00 2005 
org.w3c.jigsaw.http.socket.SocketClientFactory.maxClients=30 
org.w3c.jigsaw.request.timeout=3000000 
org.w3c.jigsaw.client.bufsize=8192 
org.w3c.jigsaw.serializer=org.w3c.tools.resources.serialization.xml.XMLS
erializer 
org.w3c.jigsaw.port=443 
org.w3c.jigsaw.http.socket.SocketClientFactory.maxThreads=85 
org.w3c.jigsaw.client.priority=5 
org.w3c.jigsaw.trashdir=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\W
ES\\WS\\Jigsaw\\jigsaw\\trash 
org.w3c.jigsaw.root=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\
WS\\Jigsaw\\jigsaw 
org.w3c.jigsaw.root.name=root 
org.w3c.jigsaw.server=Jigsaw/2.2.4 
org.w3c.jigsaw.docurl=/Doc/Reference 
org.w3c.www.protocol.http.filters= 
org.w3c.jigsaw.root.class=org.w3c.jigsaw.resources.DirectoryResource 
org.w3c.jigsaw.checkpointer=/Admin/Checkpointer 
org.w3c.jigsaw.checkSensitivity=true 
org.w3c.jigsaw.propfile=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\W
ES\\WS\\Jigsaw\\jigsaw\\config\\https-server.props 
org.w3c.jigsaw.space=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\
\WS\\Jigsaw\\jigsaw\\www 
org.w3c.jigsaw.keepAlive=true 
org.w3c.jigsaw.version.counter=4 
org.w3c.jigsaw.http.socket.SocketClientFactory.maxFree=15 
org.w3c.jigsaw.config=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES
\\WS\\Jigsaw\\jigsaw\\config 
org.w3c.jigsaw.edit.root=root 
org.w3c.jigsaw.logger=org.w3c.jigsaw.http.CommonLogger 
org.w3c.jigsaw.ssl.enabled=true 
# Points to the key store (cf. 4. above, don't forget to put the full
path to the keystore) 
org.w3c.jigsaw.ssl.keystore.path=D:\IntechSW_Group\WES\Current\Deploymen
t\WES\WS\Jigsaw\jigsaw\keystore\intechww.keystore 
# Supplies the password for accessing the key store ... 
org.w3c.jigsaw.ssl.keystore.password=temppass 
# Finally, the socket client factory has to be set to the SSL factory
... 
org.w3c.jigsaw.http.ClientFactory=org.w3c.jigsaw.https.socket.SSLSocketC
lientFactory 



server-props.file 

org.w3c.jigsaw.daemon.handlers=https-server|admin-server 
https-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.https.httpsd 
admin-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.admin.AdminServe
r 






Regards 
Faisal Javeed 
INTECH Process Automation Pvt. Ltd. 
119-B Tech Society Lahore-54590, Pakistan 
Cell:      03334241582 
Voice:   +92 42 5427001 (3 lines) 
Fax:      +92 42 5411724 
Web:     www.intechww.com 


************************************************************************
This e-mail and any accompanying documents or files contain information that is the 
property of HAVI Global Solutions, that is intended solely for those to whom this e-mail is addressed 
(i.e., those identified in the "To" and "Cc" boxes), and that is confidential, proprietary, 
and/or privileged.  If you are not an intended recipient of this e-mail, you are hereby 
notified that any viewing, use, disclosure, forwarding, copying, or distribution of any of 
this information is strictly prohibited and may be subject to legal sanctions.  If you have 
received this e-mail in error, please notify the sender immediately of any unintended 
recipients, and delete the e-mail, all attachments, and all copies of both from your system.

While we have taken reasonable precautions to ensure that any attachments to this e-mail 
have been swept for viruses, we cannot accept liability for any damage sustained as a 
result of software viruses.
************************************************************************
Received on Monday, 31 October 2005 14:50:37 UTC