DeaconFrost
[H]F Junkie
- Joined
- Sep 6, 2007
- Messages
- 11,582
I've inherited a problem that I'm trying to make less of a problem. We have a site that runs on Apache Tomcat 7 running on a Windows Server 2016. *insert groans here*.
So, we mandated that all of our websites use 443/HTTPS. I was able to hack my way through getting the server.xml updated with our cert and password for the cert. It is no longer using a Java keystore.
Anyway, is there a good tip or trick on securing the server.xml file? It has our cert password in plain text....and I'm not crazy about that.
So, we mandated that all of our websites use 443/HTTPS. I was able to hack my way through getting the server.xml updated with our cert and password for the cert. It is no longer using a Java keystore.
Anyway, is there a good tip or trick on securing the server.xml file? It has our cert password in plain text....and I'm not crazy about that.