Tomcat only accepting http and not https on port 8443

Jean Marc Strydom
Greenhorn

Joined: Jan 12, 2012
Posts: 2
Hi

I have attempted to set up a server to use SSL on port 8443 using a certificate provided by StartCom, based on a step-by-step process I have developed over time and have successfully implemented on a number of other servers in the past.

On this particular server, even though it is seemingly correctly set up with an SSL connector on port 8443, it will only accept http requests on port 8443 and not https requests.

Testing using curl, any request using http (e.g. http://127.0.0.1:8443) results in the Tomcat home page's HTML being returned, but any request on https (e.g. https://127.0.0.1:8443) results in a "curl: (35) Unknown SSL protocol error in connection to 127.0.0.1:8443".

Testing using a browser results in the Tomcat home page being returned for http://127.0.0.1:8443 ("If you're seeing this page via a web browser, it means you've setup Tomcat successfully. Congratulations!") and for https://127.0.0.1:8443 I get the interrupted error ("The connection to 128.0.0.1:8443 was interrupted while the page was loading. ...").

I can't see what the problem might be and I must admit that I am at my wits' end.

If anyone can point me in the right direction, I would be most grateful.

Here are the relevant snippets from the config and log files (names and places changed to protect the innocent).

****** server.xml ******
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25" maxSpareThreads="75"
enableLookups="false"
redirectPort="8443"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" />

<!-- SSL Port 8443 -->
<Connector port="8443"
maxThreads="150"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="/usr/share/tomcat5/.keystore"
keystorePass="mypassword"
keyAlias="myserver.mydomain"
clientAuth="false"
sslProtocol="TLS"/>
****** end of server.xml ******

****** catalina.out ******
Using CATALINA_BASE: /usr/share/tomcat5
Using CATALINA_HOME: /usr/share/tomcat5
Using CATALINA_TMPDIR: /usr/share/tomcat5/temp
Using JRE_HOME:
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
MySystemDate 3:34:37 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
MySystemDate 3:34:37 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 399 ms
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.23
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
[INFO] Initializing, config='org.apache.struts.util.LocalStrings', returnNull=true
[INFO] Initializing, config='org.apache.struts.action.ActionResources', returnNull=true
[INFO] Initializing, config='resources.application', returnNull=true
....
....
MySystemDate 3:34:39 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1574 ms
****** end of catalina.out ******

****** container information ******
catalina.base: /usr/share/tomcat5
catalina.ext.dirs: /usr/share/tomcat5/shared/lib:/usr/share/tomcat5/common/lib
catalina.home: /usr/share/tomcat5
catalina.useNaming: true
com.sun.management.jmxremote:
com.sun.media.jai.disableMediaLib: true
common.loader: ${catalina.home}/common/classes,${catalina.home}/common/i18n/*.jar,${catalina.home}/common/endorsed/*.jar,${catalina.home}/common/lib/*.jar
file.encoding: UTF-8
file.encoding.pkg: sun.io
file.separator: /
java.awt.graphicsenv: sun.awt.X11GraphicsEnvironment
java.awt.printerjob: sun.print.PSPrinterJob
java.class.path: /usr/lib/jvm/java/lib/tools.jar:/usr/share/tomcat5/bin/bootstrap.jar:/usr/share/tomcat5/bin/commons-logging-api.jar:/usr/share/java/mx4j/mx4j-impl.jar:/usr/share/java/mx4j/mx4j-jmx.jar
java.class.version: 50.0
java.endorsed.dirs: /usr/share/tomcat5/common/endorsed
java.ext.dirs: /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/ext:/usr/java/packages/lib/ext
java.home: /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre
java.io.tmpdir: /usr/share/tomcat5/temp
java.library.path: /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386/server:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
java.naming.factory.initial: org.apache.naming.java.javaURLContextFactory
java.naming.factory.url.pkgs: org.apache.naming
java.rmi.server.randomIDs: true
java.runtime.name: OpenJDK Runtime Environment
java.runtime.version: 1.6.0_20-b20
java.specification.name: Java Platform API Specification
java.specification.vendor: Sun Microsystems Inc.
java.specification.version: 1.6
java.vendor: Sun Microsystems Inc.
java.vendor.url: http://java.sun.com/
java.vendor.url.bug: http://java.sun.com/cgi-bin/bugreport.cgi
java.version: 1.6.0_20
java.vm.info: mixed mode
java.vm.name: OpenJDK Server VM
java.vm.specification.name: Java Virtual Machine Specification
java.vm.specification.vendor: Sun Microsystems Inc.
java.vm.specification.version: 1.0
java.vm.vendor: Sun Microsystems Inc.
java.vm.version: 19.0-b09
javax.accessibility.assistive_technologies: org.GNOME.Accessibility.JavaBridge
javax.sql.DataSource.Factory: org.apache.commons.dbcp.BasicDataSourceFactory
line.separator:
mail.smtp.auth: true
mail.smtp.host:
mail.smtp.localhost: 192.168.0.51
os.arch: i386
os.name: Linux
os.version: 2.6.18-194.26.1.el5.centos.plusPAE
package.access: sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.,sun.beans.
package.definition: sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
path.separator: :
server.loader: ${catalina.home}/server/classes,${catalina.home}/server/lib/*.jar
shared.loader: ${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar
sun.arch.data.model: 32
sun.boot.class.path: /usr/share/tomcat5/common/endorsed/[jaxp_parser_impl].jar:/usr/share/tomcat5/common/endorsed/[xml-commons-apis].jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/resources.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/rt.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/sunrsasign.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/jsse.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/jce.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/charsets.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/netx.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/plugin.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/rhino.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/modules/jdk.boot.jar:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/classes
sun.boot.library.path: /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/lib/i386
sun.cpu.endian: little
sun.cpu.isalist:
sun.io.unicode.encoding: UnicodeLittle
sun.java.launcher: SUN_STANDARD
sun.jnu.encoding: UTF-8
sun.management.compiler: HotSpot Tiered Compilers
sun.os.patch.level: unknown
tomcat.util.buf.StringCache.byte.enabled: true
user.country: US
user.dir: /usr/share/tomcat5
user.home: /usr/share/tomcat5
user.language: en
user.name: tomcat
user.timezone: Africa/Johannesburg
****** end of container information ******
Jean Marc Strydom
Greenhorn

Joined: Jan 12, 2012
Posts: 2
OK, I feel like an idiot. I was using the connection definition for non-APR. Changed to the following and it works.

<!-- SSL Port 8443 -->
<Connector port="8443"
maxThreads="150" scheme="https" secure="true"
SSLEngine="on"
SSLCertificateFile="mycert.crt"
SSLCertificateKeyFile="mykey.pem"
SSLPassword="....."
clientAuth="false" sslProtocol="TLS"/>
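
The mismatch resolved in this thread can be caught before a connector goes live. The following is an added example, not part of the original posts: it cross-checks server.xml against catalina.out and reports connectors marked https/secure that the APR handler will serve in plaintext. It assumes the Tomcat 5.5 APR attribute `SSLEngine="on"` and the log format shown above; the function names and the trimmed sample inputs are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

JSSE_ONLY = {"keystoreFile", "keystorePass", "keyAlias"}  # ignored by the APR handler

def apr_ports(catalina_out):
    """Ports that catalina.out shows being initialised by Http11AprProtocol."""
    ports, apr_next = set(), False
    for line in catalina_out.splitlines():
        if "Http11AprProtocol init" in line:
            apr_next = True
            continue
        m = re.search(r"Initializing Coyote HTTP/1\.1 on http-(\d+)", line)
        if m and apr_next:
            ports.add(int(m.group(1)))
        apr_next = False
    return ports

def plaintext_tls_connectors(server_xml, catalina_out):
    """(port, JSSE attrs found) for https/secure connectors APR runs without SSLEngine="on"."""
    apr, findings = apr_ports(catalina_out), []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        port = int(conn.get("port"))
        wants_tls = conn.get("scheme") == "https" or conn.get("secure") == "true"
        engine_on = conn.get("SSLEngine", "").lower() == "on"
        if wants_tls and port in apr and not engine_on:
            findings.append((port, sorted(set(conn.attrib) & JSSE_ONLY)))
    return findings

# Constructed samples, trimmed from the snippets posted in this thread.
LOG = """MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
"""
BEFORE = """<Service><Connector port="8080" redirectPort="8443"/>
<Connector port="8443" scheme="https" secure="true" SSLEnabled="true"
  keystoreFile="/usr/share/tomcat5/.keystore" keystorePass="mypassword"
  keyAlias="myserver.mydomain" clientAuth="false" sslProtocol="TLS"/></Service>"""
AFTER = """<Service><Connector port="8080" redirectPort="8443"/>
<Connector port="8443" scheme="https" secure="true" SSLEngine="on"
  SSLCertificateFile="mycert.crt" SSLCertificateKeyFile="mykey.pem"
  SSLPassword="....." clientAuth="false" sslProtocol="TLS"/></Service>"""

if __name__ == "__main__":
    print("before:", plaintext_tls_connectors(BEFORE, LOG))
    print("after: ", plaintext_tls_connectors(AFTER, LOG))
```

A non-empty result means the port is listening but not negotiating TLS, which matches the curl error 35 and the plain-HTTP home page reported in the first post.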
 