<?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!DOCTYPE document [ <!ENTITY project SYSTEM "project.xml"> ]> <document url="index.html"> &project; <properties> <author email="jfclere@apache.org">Jean-Frederic Clere</author> <title>Documentation Index</title> </properties> <body> <section name="Introduction"> <p> The Apache Tomcat Native Library is an optional component for use with Apache Tomcat that allows Tomcat to use OpenSSL as a replacement for JSSE to support TLS connections. </p> </section> <section name="Headlines"> <ul> <li><a href="news/2023.html#20230602">2 June 2023 - <b>TC-Native-2.0.4 released</b></a> <p>The Apache Tomcat team is proud to announce the immediate availability of Tomcat Native 2.0.4 Stable.</p> <p> The sources and the binaries for selected platforms are available from the <a href="../download-native.cgi">Download page</a>. </p> <p> Please see the <a href="miscellaneous/changelog.html">Changelog</a> for a full list of changes. </p> </li> </ul> </section> <section name="Building"> <subsection name="Requirements"> <p> Build tc-native requires three components to be installed: </p> <ul> <li>APR library</li> <li>OpenSSL libraries</li> <li>Java SE Development Kit (JDK)</li> </ul> <p> In debian based Linux those dependencies could be installed by something like: </p> <source>apt-get install libapr1.0-dev libssl-dev</source> <p> In rpm based Linux those dependencies could be installed by something like: </p> <source>yum install apr-devel openssl-devel</source> </subsection> <subsection name="UNIX"> <p> On all the POSIX systems (Linux, Solaris, HP-UX, AIX etc...) a well-known configure and make is used to build tc-native.<br/> In the jni/native runs: </p> <source>./configure --help</source> <p>to read the description of all the parameters.</p> <source >./configure --with-apr=$HOME/APR \ --with-java-home=$JAVA_HOME \ --with-ssl=$HOME/OPENSSL \ --prefix=$CATALINA_HOME</source> <p> to create the includes and makefiles to be able to build tc-native.<br/> Where:<br/> <code>$HOME/APR</code> is something like /usr/bin/apr-1-config or the path where apr is installed.<br/> <code>$JAVA_HOME</code> is something like /home/jfclere/JAVA/jdk11 or the path to a JDK installation. Any JDK should work but it is advisable to use the same JVM version the JVM you use with Tomcat.<br/> <code>$HOME/OPENSSL</code> is the path where OpenSSL is installed.<br/> <code>$CATALINA_HOME</code> is the path where the produced libraries will be installed. Something like $HOME/apache-tomcat-10.1.0<br/> <br/> The configure is able to guess most of OpenSSL standard installations. So most of the time the following will be enough: </p> <source >./configure --with-apr=/usr/bin/apr-1-config \ --with-java-home=/home/jfclere/JAVA/jdk11 \ --with-ssl=yes \ --prefix=$CATALINA_HOME</source> <p> To build the libraries and install them: </p> <source>make &amp;&amp; make install</source> <p> The libraries will be found in $CATALINA_HOME/lib </p> </subsection> <subsection name="Windows"> <p> Download the Windows sources of tc-native and extract them. </p> <p> Obtain the Windows sources for <a href="http://apr.apache.org/download.cgi">APR</a> and <a href="https://www.openssl.org/source/">OpenSSL</a>. Apply the patches from native/srclib and build APR and OpenSSL for your platform (X86 or X64). </p> <p> Build with <source >nmake -f NMAKEMakefile WITH_APR=... WITH_OPENSSL=... APR_DECLARE_STATIC=1</source> </p> <p> More detailed instructions including the steps to create a standard release distribution are provided on the <a href="https://cwiki.apache.org/confluence/display/TOMCAT/Building+the+Tomcat+Native+Connector+binaries+for+Windows">Wiki</a>. </p> </subsection> </section> <section name="Install and tests"> <subsection name="Configuring Tomcat"> <p> Apache Tomcat comes with the <code>AprLifecycleListener</code> enabled by default. Still, you should check your <code>conf/server.xml</code> to ensure that something like the following is present, and uncommented: </p> <source wrapped="true" ><![CDATA[<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />]]></source> <p> Please see the Apache Tomcat documentation for configuration specifics. </p> </subsection> <subsection name="UNIX"> <p> Edit $CATALINA_HOME/bin/setenv.sh (creating the file if necessary) and add the path to the tc-native libraries to LD_LIBRARY_PATH. Something like: </p> <source>LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib export LD_LIBRARY_PATH</source> <p> Start tomcat and check for the messages like these ones: </p> <source wrapped="true" >15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]</source> <p> Refer to the tomcat documentation to configure the connectors (See <a href="https://tomcat.apache.org/tomcat-10.1-doc/config/http.html">Tomcat 10.1.x</a>, <a href="https://tomcat.apache.org/tomcat-9.0-doc/config/http.html">Tomcat 9.0.x</a> and <a href="https://tomcat.apache.org/tomcat-8.5-doc/config/http.html">Tomcat 8.5.x</a>) </p> </subsection> <subsection name="Windows"> <p> Edit $CATALINA_BASE\bin\setenv.bat (creating the file if necessary) and add the path to the tc-native libraries, apr and OpenSSL to PATH. For example: </p> <source wrapped="true" >set PATH=%PATH;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\native\Debug;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\apr\Debug;C:\OpenSSL\lib\VC</source> <p> Start tomcat and check for the messages like these ones: </p> <source wrapped="true" >15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]</source> </subsection> </section> </body> </document>