Author: jfrederic.clere(a)jboss.com
Date: 2008-03-17 05:51:55 -0400 (Mon, 17 Mar 2008)
New Revision: 508
Modified:
trunk/webapps/docs/ssl-howto.xml
Log:
Add SSLRandomSeed explainations.
Modified: trunk/webapps/docs/ssl-howto.xml
===================================================================
--- trunk/webapps/docs/ssl-howto.xml 2008-03-15 19:20:09 UTC (rev 507)
+++ trunk/webapps/docs/ssl-howto.xml 2008-03-17 09:51:55 UTC (rev 508)
@@ -268,11 +268,11 @@
<subsection name="Edit the JBoss Web Configuration File">
<p>If you are using APR, you have the option of configuring an alternative engine
to openSSL.
<source>
-<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="someengine" />
+<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="someengine" SSLRandomSeed="somedevice" />
</source>
The default value is
<source>
-<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
+<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" SSLRandomSeed="builtin" />
</source>
So to use SSL under APR, make sure the SSLEngine attribute is set to something other than
<code>off</code>.
The default value is <code>on</code> and if you specify another value, it has
to be a valid engine name.
@@ -281,6 +281,9 @@
<source>
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="off" />
</source>
+SSLRandomSeed allows to specify a source of entropy. Productive system needs a reliable
source of entropy
+but entropy may need a lot of time to be collected therefore test systems could use no
blocking entropy
+sources like "/dev/urandom" that will allow quickier starts of JBoss Web.
</p>
Show replies by date