| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <!DOCTYPE document [ |
| <!ENTITY project SYSTEM "project.xml"> |
| ]> |
| <document url="index.html"> |
| |
| &project; |
| |
| <properties> |
| <author email="jfclere@apache.org">Jean-Frederic Clere</author> |
| <title>Documentation Index</title> |
| </properties> |
| |
| <body> |
| |
| <section name="Introduction"> |
| |
| <p> |
| The Apache Tomcat Native Library is an optional component for use with |
| Apache Tomcat that allows Tomcat to use OpenSSL as a replacement for JSSE |
| to support TLS connections. |
| </p> |
| |
| </section> |
| |
| <section name="Headlines"> |
| <ul> |
| |
| <li><a href="news/2023.html#20230213">13 February 2023 - <b>TC-Native-2.0.3 |
| released</b></a> |
| <p>The Apache Tomcat team is proud to announce the immediate availability of |
| Tomcat Native 2.0.3 Stable.</p> |
| <p> |
| The sources and the binaries for selected platforms are available from the |
| <a href="../download-native.cgi">Download page</a>. |
| </p> |
| <p> |
| Please see the <a href="miscellaneous/changelog.html">Changelog</a> for a full |
| list of changes. |
| </p> |
| </li> |
| </ul> |
| </section> |
| |
| <section name="Building"> |
| <subsection name="Requirements"> |
| <p> |
| Build tc-native requires three components to be installed: |
| </p> |
| <ul> |
| <li>APR library</li> |
| <li>OpenSSL libraries</li> |
| <li>Java SE Development Kit (JDK)</li> |
| </ul> |
| |
| <p> |
| In debian based Linux those dependencies could be installed by something like: |
| </p> |
| <source>apt-get install libapr1.0-dev libssl-dev</source> |
| <p> |
| In rpm based Linux those dependencies could be installed by something like: |
| </p> |
| <source>yum install apr-devel openssl-devel</source> |
| </subsection> |
| |
| <subsection name="UNIX"> |
| <p> |
| On all the POSIX systems (Linux, Solaris, HP-UX, AIX etc...) a well-known |
| configure and make is used to build tc-native.<br/> |
| In the jni/native runs: |
| </p> |
| <source>./configure --help</source> |
| <p>to read the description of all the parameters.</p> |
| <source |
| >./configure --with-apr=$HOME/APR \ |
| --with-java-home=$JAVA_HOME \ |
| --with-ssl=$HOME/OPENSSL \ |
| --prefix=$CATALINA_HOME</source> |
| <p> |
| to create the includes and makefiles to be able to build tc-native.<br/> |
| Where:<br/> |
| <code>$HOME/APR</code> is something like /usr/bin/apr-1-config or the path |
| where apr is installed.<br/> |
| <code>$JAVA_HOME</code> is something like /home/jfclere/JAVA/jdk11 or the |
| path to a JDK installation. Any JDK should work but it is advisable to use |
| the same JVM version the JVM you use with Tomcat.<br/> |
| <code>$HOME/OPENSSL</code> is the path where OpenSSL is installed.<br/> |
| <code>$CATALINA_HOME</code> is the path where the produced libraries will be |
| installed. Something like $HOME/apache-tomcat-10.1.0<br/> |
| <br/> |
| The configure is able to guess most of OpenSSL standard installations. |
| So most of the time the following will be enough: |
| </p> |
| <source |
| >./configure --with-apr=/usr/bin/apr-1-config \ |
| --with-java-home=/home/jfclere/JAVA/jdk11 \ |
| --with-ssl=yes \ |
| --prefix=$CATALINA_HOME</source> |
| <p> |
| To build the libraries and install them: |
| </p> |
| <source>make && make install</source> |
| <p> |
| The libraries will be found in $CATALINA_HOME/lib |
| </p> |
| </subsection> |
| |
| <subsection name="Windows"> |
| <p> |
| Download the Windows sources of tc-native and extract them. |
| </p> |
| <p> |
| Obtain the Windows sources for |
| <a href="http://apr.apache.org/download.cgi">APR</a> and |
| <a href="https://www.openssl.org/source/">OpenSSL</a>. Apply the patches from |
| native/srclib and build APR and OpenSSL for your platform (X86 or X64). |
| </p> |
| <p> |
| Build with <source |
| >nmake -f NMAKEMakefile WITH_APR=... WITH_OPENSSL=... APR_DECLARE_STATIC=1</source> |
| </p> |
| <p> |
| More detailed instructions including the steps to create a standard release |
| distribution are provided on the <a |
| href="https://cwiki.apache.org/confluence/display/TOMCAT/Building+the+Tomcat+Native+Connector+binaries+for+Windows">Wiki</a>. |
| </p> |
| </subsection> |
| |
| </section> |
| |
| <section name="Install and tests"> |
| <subsection name="Configuring Tomcat"> |
| <p> |
| Apache Tomcat comes with the <code>AprLifecycleListener</code> enabled |
| by default. Still, you should check your <code>conf/server.xml</code> |
| to ensure that something like the following is present, and uncommented: |
| </p> |
| |
| <source wrapped="true" |
| ><![CDATA[<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />]]></source> |
| <p> |
| Please see the Apache Tomcat documentation for configuration specifics. |
| </p> |
| |
| </subsection> |
| |
| <subsection name="UNIX"> |
| <p> |
| Edit $CATALINA_HOME/bin/setenv.sh (creating the file if necessary) and add |
| the path to the tc-native libraries to LD_LIBRARY_PATH. Something like: |
| </p> |
| <source>LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib |
| export LD_LIBRARY_PATH</source> |
| <p> |
| Start tomcat and check for the messages like these ones: |
| </p> |
| <source wrapped="true" |
| >15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] |
| 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]</source> |
| |
| <p> |
| Refer to the tomcat documentation to configure the connectors (See |
| <a href="https://tomcat.apache.org/tomcat-10.1-doc/config/http.html">Tomcat 10.1.x</a>, |
| <a href="https://tomcat.apache.org/tomcat-9.0-doc/config/http.html">Tomcat 9.0.x</a> and |
| <a href="https://tomcat.apache.org/tomcat-8.5-doc/config/http.html">Tomcat 8.5.x</a>) |
| </p> |
| </subsection> |
| |
| <subsection name="Windows"> |
| <p> |
| Edit $CATALINA_BASE\bin\setenv.bat (creating the file if necessary) and add |
| the path to the tc-native libraries, apr and OpenSSL to PATH. For example: |
| </p> |
| |
| <source wrapped="true" |
| >set PATH=%PATH;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\native\Debug;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\apr\Debug;C:\OpenSSL\lib\VC</source> |
| <p> |
| Start tomcat and check for the messages like these ones: |
| </p> |
| <source wrapped="true" |
| >15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] |
| 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]</source> |
| |
| </subsection> |
| |
| </section> |
| |
| </body> |
| </document> |