It's not a secret anymore!
The moose likes Tomcat and the fly likes Cannot connect to https://localhost:8443 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Cannot connect to https://localhost:8443" Watch "Cannot connect to https://localhost:8443" New topic

Cannot connect to https://localhost:8443

Ravinderjit Singh
Ranch Hand

Joined: Jan 13, 2010
Posts: 78
Hello All,

I am working with tomcat-5-5.5.33

here is the server.xml for connector https

But when I try to open the url https://localhost:8443, Firefox shows the below error.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

I have noticed that this version of tomcat binds to IPv6, due to which I can't open link http://locahost:8080 as well

But its working fine after adding 'address' attribute to http connector like.

Unfortunately this workaround is not working for https connector.

The same thing is working fine in tomcat-5-5.5.28.

Can you please let me know what could be the possible cause for this issue and why its working in tomcat-5-5.5.28 but not in tomcat-5-5.5.33?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17417

You will get that message if you don't specify the right protocol on the URL.

HTTP and HTTPS are more than just a matter of port 80 versus port 443 (or in Tomcat's normal case, 8080 and 8443). The actual data stream sent to the server is radically different as well.

HTTP is a plain-text protocol. You can (and people often do) use a telnet program to talk to an HTTP server. Telnet won't format web pages, but it will allow a diagnostician to verify that basic functioning is happening, Most of the core Internet protocols are text-based, in fact, in large part because the original Internet was specifically designed to link machines speaking ASCII with machines speaking EBCDIC or even stranger character sets/binary representations.

HTTPS is different in that the data streams are encrypted by the client and decrypted by the server going in and vice versa. So if you send plain text to the encryption listener it gets all unhappy because it can't decrypt what was never encrypted in the first place.

An IDE is no substitute for an Intelligent Developer.
Ravinderjit Singh
Ranch Hand

Joined: Jan 13, 2010
Posts: 78
Thanks for the reply.

I do not think I am doing anything wrong here. As the same practice is working fine for tomcat-5-5.5.28

Do you have any idea why its behaving differently in tomcat-5-5.5.33?
Ravinderjit Singh
Ranch Hand

Joined: Jan 13, 2010
Posts: 78
I got it.

Just have to define the protocol attribute explicitly like:

I agree. Here's the link:
subject: Cannot connect to https://localhost:8443
It's not a secret anymore!