Version 7 (modified by Fredrik Levander, 10 years ago) (diff)


Configuring the Proteios server to access remote files via https

To allow Proteios to use a certificate when accessing remote files over https, it needs to be configured with the location of the certificate files, and a file with th epassword to the certificate. For security reason it could be good to set permissions to the certificate and password files so that they are only readable by the tomcat user. Note that the certificate file need to be configured with an alias (name) for the certificate to use.

Alternative 1: Settings in properties file (Proteios SE 2.20.0 and higher)

The preferred method is to set the connection parameter values in properties file Copy template file client/servlet/conf/ to a file and add the settings to the latter:

  • cert.alias = ALIAS (This is the name of the certificate to look for in the P12 file)
  • = PATH_TO_P12_FILE (This is the path to the certificate to use for remote connections)
  • = PATH_TO_JKS_FILE (This is the path to the JKS format file with host certificates to trust)

And the password to the P12 certificate specified either as:



  • cert.passFile = PATH_TO_P12_PASSWORD_FILE

If keyStorePassword is missing, an attempt is made to read it from cert.passFile.

The file should be readable for the tomcat user, and preferably not readable for other users if it contains passwords. The same goes for the separate password file.

Alternative 2: settings as jvm parameters


The following jvm parameters need to be set for tomcat:

  • -Dcert.passFile=PATH_TO_P12_PASSWORD_FILE (or
  • -Dcert.alias=ALIAS

This can be done by configuring your tomcat.conf file. However, if a property (like alias) contains a space character, instead write to
(for example cert.alias=my name)

FTP server

If the connection parameters are set in a properties file (alternative 2 above), no specific changes should be needed for the ftp server. Otherwise, make the following additions:

For the ftp server, currently the startup script has to be edited: Add a line in the beginning:
PROP=" -Dcert.passFile=PATH_TO_P12_PASSWORD_FILE -Dcert.alias=\"my name\""

And change the two lines with 'su':
su - tomcat -c "nohup java -server $PROP -Xmx$MEMORY -cp $CLASSPATH -t\"$temp_dir\" -start $PORT&"