Browser connects via SSL to Tomcat/Yanel

Binary Version

Within the file TOMCAT/webapps/yanel/WEB-INF/web.xml one can set

<init-param xmlns:webApp="">

Restart Tomcat (please make sure that Tomcat has SSL turned on, see "conf/serverl.xml")

Source Version

Within the file src/build/(local.) one can set the parameters tomcat1.ssl.port=8443 and tomcat2.ssl.port=8443. Then re-configure Tomcat (run "configure" to turn on SSL for Tomcat resp. patch "conf/server.xml") resp. re-build (run "build" to patch the "web.xml" file) Yanel

Please note that the keystore file local/apache-tomcat-7.0.25/yanel.keystore is generated by src/build/targets/webapp/webapp.xml (and src/build/targets/webapp/cluster.xml), whereas the configiration parameters are taken from src/build/(local.) (See properties 'certificate.*').

Yanel connects via SSL to third-party server

In some cases Yanel might has to access third-party servers which are only accessible via SSL (e.g. ActiveMQ). In order to do so one can configure a trust-store inside Yanel as described in the following paragraphs:

Creating a trust-store file called 'truststore.jks'

Assuming that you have a certificate (named 'CA_CERTIFICATE') from the CA that signed the third-party server's certificate. One can create a trust-store file (named 'truststore.jks') by executing the following command:

keytool -importcert -v -alias MY_ALIAS -file CA_CERTIFICATE -storepass MY_PASSWORD -keystore truststore.jks

Check whether the certificate has been added correctly by running (use password MY_PASSWORD)

keytool -v -list -keystore truststore.jks

In order to delete a certificate from the truststore use

keytool -delete -alias MY_ALIAS -keystore truststore.jks

Configuring the location of the trust-store

One can configure the location of the trust-store file and its password inside yanel.xml. Yanel is reading this configuration at startup and will set the java system properties '' and '' accordingly.

Using the trust-store configuration

Your custom Yanel code (e.g. to init[] ...) might access the trust-store configuration by using



Your comments are much appreciated

Is the content of this page unclear or you think it could be improved? Please add a comment and we will try to improve it accordingly.