Hello,

I am trying to set up a secure connection between two instances of Tomcat. I need to ensure that the "back" instance will only take connections from the "front" instance. This needs to be done over SSL. So far I have created a separate certificate for each instance and exported the public part of it to the other instance. I have also set a separate keystore for each instance and modified the server.xml file accordingly.

What I would like to know is how do I tell the back Tomcat to authenticate the server it's passing data to (the front Tomcat). I've tried to use client authentication but this simply prompts the user to submit a certificate. I'm guessing it's a setting in a security file somewhere but I've yet to find it!

Thanks
Ian Anderson
That's ambitious! If the two Tomcats are on the same server or operating totally within a trusted environment (same LAN, firewalls) I'd only worry about SSL if I was doing something where security was REALLY tight like nuclear missiles, New York Stock Exchange, etc.

The simplest way to do it should be to set up the "server" server to handle SSL in the normal way and have the "client" server issue a request via an https URLConnection. If there's a lot of traffic, you may prefer to run daemon threads in the servers and use SSL socket connections to avoid the overhead of setting up and tearing down the SSL sockets for each request.
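Added example, not part of the original thread: a sketch of the https URLConnection approach from the reply, with the front instance presenting its own certificate so that a back connector requiring client certificates can authenticate it. The keystore paths, the FRONT_STORE_PASSWORD variable, the host name and the class name are assumptions made for illustration.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper running inside the "front" Tomcat's web application.
public class FrontToBackClient {

    // Load a JKS keystore from disk.
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password);
        }
        return ks;
    }

    // identity: front's private key and certificate, sent when back asks for a client cert.
    // trusted:  holds only back's exported certificate, so front talks to no other server.
    static SSLContext mutualTlsContext(KeyStore identity, char[] keyPassword,
                                       KeyStore trusted) throws Exception {
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, keyPassword);
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trusted);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Assumed: one password for both stores, supplied through the environment.
        char[] pw = System.getenv("FRONT_STORE_PASSWORD").toCharArray();
        KeyStore identity = load("/path/to/front-keystore.jks", pw);   // placeholder path
        KeyStore trusted = load("/path/to/front-truststore.jks", pw);  // placeholder path
        SSLContext ctx = mutualTlsContext(identity, pw, trusted);

        // Placeholder URL for the back instance's SSL connector.
        URL url = new URL("https://back.example.internal:8443/service");
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        // The handshake fails here if back rejects front's certificate or vice versa.
        System.out.println("back responded with HTTP " + conn.getResponseCode());
    }
}
```

For the back instance to accept only the front instance, its connector has to require client certificates and its truststore should contain only the front certificate exported earlier.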