• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Using SSL

 
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
I am trying to use SSL protocol for accessing my jsp page.I have configured the following as per the tomcat docs:-
1 Create a certificate keystore by executing the following command:
Windows:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
2 Uncomment the "SSL HTTP/1.1 Connector" entry in $CATALINA_HOME/conf/server.xml and tweak as necessary
After that restart the server

I have a normal jsp page called homepage.jsp & i want to access this one using https protocol.So i want to know whether i do need to make any changes in this jsp. Because this homepage.jsp is accessible using http protocol but when i use https it gives can not find server.
Please help me in this
 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
someone please help
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You do not need to change the JSP. Can you access https://localhost:8443/ (or are you using a different port?)
 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Ulf for the reply.
I have already tried it by using port 8443 but still it doesnt work i.e. page doesnt open.Any other suggestions?
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've moved this off to the Tomcat forum where proper setup for SSL can be discussed.
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by venkatesh pendharkar:
Hi
...and tweak as necessary...



Maybe you could tell us, exactly, what tweaking you've done?
Better yet, can you post the <Connector ../> entry for your secure connector from your server.xml (minus your keystorePass value, of course)?
 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
this is the part of my server.xml where i have defined SSL:

<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8080"
enableLookups="true" redirectPort="8443"
acceptCount="100" connectionTimeout="20000"
useURIValidationHack="false" disableUploadTimeout="true" />
<!-- Note : To disable connection timeouts, set connectionTimeout value to 0 -->
Define a SSL Coyote HTTP/1.1 Connector on port 8443
<!-- <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8443" enableLookups="true" scheme="https" secure="true"
acceptCount="100"
useURIValidationHack="false" disableUploadTimeout="true"
clientAuth="false" sslProtocol="TLS" />-->

I just uncommented the line;-Define a SSL Coyote HTTP/1.1 Connector on port 8443 & after that i created the certificate using keytool in jdk.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You need to tell Tomcat where your keystore is and what the password for it is:

 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thanks Ben for reply
Can you tell me whether keystoreFile= attribute should point to the path where keystore file is placed??Becuase i dont know where this file is stored.I searched my entire c: for *.kdb file but couldnt find anything.
So i thought of creating another certificate by keytool but now its not taking the password that I had set.it gives the error as "keytool error: java.io.IOException: Keystore was tampered with, or password was
incorrect" .I dont know why this is happening beacuase i very well remember that password that i had set was "123456".But now its not taking that password.Can you tell me if there is any way by which i can reset the password.I have reinstalled jdk as well,still it doesnt work.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can specify the path and filename when you run keytool.

Example:


In that example, I'm creating a keystore in the current directory with
filename: 'keystore.kdb'.
 
venkatesh pendharkar
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HI
I created keystore.kdb in "C:\jdk1.5.0_0\bin\" so in my server.xml i have added the following :-
keystoreFile="C:\jdk1.5.0_0\bin\keystore.kdb"
keystorePass="changeit"

Buts still it doesnt work i.e. when i try to access a jsp by https then it shows as Can not find server,but the same page is displayed when using http protocol.
Is there anything else left to be done.
I also restarted server couple of times.
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
Me too have the same problem while setup SSL on tomcat. The port 8080(http) is working correctly, but 8443(https) shown error page. Any other Solution.
I am using Suse10.1(SLED) JDK1.4 and tomcat4.1........

Thanks in advance
siva
[ February 11, 2007: Message edited by: smiley_siva ]
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic