SSL Setup

Kwok runs on Tomcat servers, and SSL is supported by Tomcat. Refers to http://tomcat.apache.org/.

Based on our experience, OpenSSL/Apache Portable Runtime (APR) combination is easier to setup.

Some guidelines:

- Use OpenSSL to generate a certificate request, make sure to keep the private key file

- Purchase an SSL certificate or generate a self-sign one

- Download the version of tcnative-1.dll that is compatible with your tomcat/operating system, and store it under Tomcat/bin directory. They have 32-bit and 64-bit versions. If you're not sure which one to use, try one at a time by starting up Tomcat.

If you see "Loaded APR based Apache Tomcat Native library ..." in the server log, the tcnative-1.dll/APR is loaded correctly

- Update server.xml and restart Tomcat again