SSL V3 with Tomcat


Joined: Aug 20, 2003
Posts: 3
Hi all,
I have a Tomcat server with SSL enabled. My Tomcat version is 1.4.27 and JDK is 1.4.2_03. HTTPS has been working fine with my self-generated certificate [I used keytool to generate the certificate and import it into the keystore file].
I have replaced this self-generated certificate with a signed certificate. After this, I get a 'page not found' whenever I access my server through HTTPS.

The noticeable difference between the unsigned and signed certificates is that the former cert version was V1 and signature algorithm was md5RSA. Now with the CA signed certificate the version is V3 and signature algorithm is sha1RSA.

I ran the following command to check the handshake :-
openssl s_client -connect <myServer>:8443 -ssl3 -debug

I get this error :
5364:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1052:SSL alert number 40
5364:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c

I have the same version of tomcat running on another server but when I run the openssl command on this other server, the handshake is successful.

Any help on why I am seeing the handshake failure for ssl3 is much appreciated.

Thanks a ton !
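
An added example, not part of the original post: a small decoder for the OpenSSL error lines quoted above, showing that the first error is an alert received from the server (reason 1040 = offset 1000 + alert 40) while the second is raised locally by the client. It assumes the error-code packing used by OpenSSL releases of this era (8-bit library, 12-bit function, 12-bit reason); `SAMPLE`, `decode` and `decode_all` are names made up for the example.

```python
import re

# Constructed from the two error lines in the post (wrapped line rejoined;
# the second line is cut off after the file name, exactly as posted).
SAMPLE = """\
5364:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1052:SSL alert number 40
5364:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c
"""

ALERT_OFFSET = 1000  # OpenSSL's SSL_AD_REASON_OFFSET: reason = 1000 + alert number
# Subset of the SSL/TLS alert descriptions (RFC 5246, section 7.2).
ALERTS = {10: "unexpected_message", 20: "bad_record_mac", 40: "handshake_failure",
          42: "bad_certificate", 43: "unsupported_certificate",
          46: "certificate_unknown", 47: "illegal_parameter", 48: "unknown_ca",
          70: "protocol_version", 71: "insufficient_security"}

LINE = re.compile(r"^(?P<pid>\d+):error:(?P<code>[0-9A-Fa-f]{8}):"
                  r"(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>[^:]*):(?P<rest>.*)$")

def decode(line):
    """Split one 'pid:error:CODE:lib:func:reason:file:line:extra' line."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    code = int(m["code"], 16)
    reason = code & 0xFFF
    rest = m["rest"].split(":", 2)  # file[:line[:extra]]; the tail may be truncated
    alert = None
    if reason >= ALERT_OFFSET:  # reasons >= 1000 mirror an alert sent by the peer
        num = reason - ALERT_OFFSET
        alert = (num, ALERTS.get(num, "unknown"))
    return {
        "pid": int(m["pid"]),
        "lib": (code >> 24) & 0xFF,    # 0x14 = 20 is the SSL library
        "func": (code >> 12) & 0xFFF,  # numeric id of the function named in the line
        "reason": reason,
        "text": m["reason"],
        "file": rest[0],
        "line": int(rest[1]) if len(rest) > 1 and rest[1].isdigit() else None,
        "alert": alert,
        "sent_by": "peer" if alert else "local",
    }

def decode_all(text):
    return [d for d in map(decode, text.splitlines()) if d is not None]

if __name__ == "__main__":
    for entry in decode_all(SAMPLE):
        print(entry["sent_by"], entry["reason"], entry["text"], entry["alert"])
```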
