
Tomcat only accepting http and not https on port 8443

Jean Marc Strydom

Joined: Jan 12, 2012
Posts: 2

I have attempted to set up a server to use SSL on port 8443 using a certificate provided by StartCom, based on a step-by-step process I have developed over time and have successfully implemented on a number of other servers in the past.

On this particular server, even though it is seemingly correctly set up with an SSL connector on port 8443, it will only accept http requests on port 8443 and not https requests.

Testing using curl, any request using http (eg result in the Tomcat home page's html being returned but any request on https (eg https: results in a "curl: (35) Unknown SSL protocol error in connection to".

Testing using a browser results in the Tomcat home page being returned for ("If you're seeing this page via a web browser, it means you've setup Tomcat successfully. Congratulations!") and for https:// I get the interrupted error ("The connection to was interrupted while the page was loading. ...").

I can't see what the problem might be and I must admit that I am at my wits' end.

If anyone can point me in the right direction, I would be most grateful.

Here are the relevant snippets from the config and log files (names and places changed to protect the innocent).

****** server.xml ******
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080"
minSpareThreads="25" maxSpareThreads="75"
disableUploadTimeout="true" />

<!-- SSL Port 8443 -->
<Connector port="8443"
****** end of server.xml ******

****** catalina.out ******
Using CATALINA_BASE: /usr/share/tomcat5
Using CATALINA_HOME: /usr/share/tomcat5
Using CATALINA_TMPDIR: /usr/share/tomcat5/temp
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
MySystemDate 3:34:37 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
MySystemDate 3:34:37 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 399 ms
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.23
MySystemDate 3:34:38 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
[INFO] Initializing, config='org.apache.struts.util.LocalStrings', returnNull=true
[INFO] Initializing, config='org.apache.struts.action.ActionResources', returnNull=true
[INFO] Initializing, config='resources.application', returnNull=true
MySystemDate 3:34:39 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1574 ms
****** end of catalina.out ******

****** container information ******
catalina.base: /usr/share/tomcat5
catalina.ext.dirs: /usr/share/tomcat5/shared/lib:/usr/share/tomcat5/common/lib
catalina.home: /usr/share/tomcat5
catalina.useNaming: true true
common.loader: ${catalina.home}/common/classes,${catalina.home}/common/i18n/*.jar,${catalina.home}/common/endorsed/*.jar,${catalina.home}/common/lib/*.jar
file.encoding: UTF-8
file.separator: /
java.awt.graphicsenv: sun.awt.X11GraphicsEnvironment
java.awt.printerjob: sun.print.PSPrinterJob
java.class.path: /usr/lib/jvm/java/lib/tools.jar:/usr/share/tomcat5/bin/bootstrap.jar:/usr/share/tomcat5/bin/commons-logging-api.jar:/usr/share/java/mx4j/mx4j-impl.jar:/usr/share/java/mx4j/mx4j-jmx.jar
java.class.version: 50.0
java.endorsed.dirs: /usr/share/tomcat5/common/endorsed
java.ext.dirs: /usr/lib/jvm/java-1.6.0-openjdk-
java.home: /usr/lib/jvm/java-1.6.0-openjdk- /usr/share/tomcat5/temp
java.library.path: /usr/lib/jvm/java-1.6.0-openjdk-
java.naming.factory.url.pkgs: org.apache.naming
java.rmi.server.randomIDs: true OpenJDK Runtime Environment
java.runtime.version: 1.6.0_20-b20 Java Platform API Specification
java.specification.vendor: Sun Microsystems Inc.
java.specification.version: 1.6
java.vendor: Sun Microsystems Inc.
java.version: 1.6.0_20 mixed mode OpenJDK Server VM Java Virtual Machine Specification
java.vm.specification.vendor: Sun Microsystems Inc.
java.vm.specification.version: 1.0
java.vm.vendor: Sun Microsystems Inc.
java.vm.version: 19.0-b09
javax.accessibility.assistive_technologies: org.GNOME.Accessibility.JavaBridge
javax.sql.DataSource.Factory: org.apache.commons.dbcp.BasicDataSourceFactory
mail.smtp.auth: true
os.arch: i386 Linux
os.version: 2.6.18-194.26.1.el5.centos.plusPAE
package.access: sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.,sun.beans.
package.definition: sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
path.separator: :
server.loader: ${catalina.home}/server/classes,${catalina.home}/server/lib/*.jar
shared.loader: ${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar 32
sun.boot.class.path: /usr/share/tomcat5/common/endorsed/[jaxp_parser_impl].jar:/usr/share/tomcat5/common/endorsed/[xml-commons-apis].jar:/usr/lib/jvm/java-1.6.0-openjdk-
sun.boot.library.path: /usr/lib/jvm/java-1.6.0-openjdk-
sun.cpu.endian: little
sun.cpu.isalist: UnicodeLittle SUN_STANDARD
sun.jnu.encoding: UTF-8 HotSpot Tiered Compilers
sun.os.patch.level: unknown
tomcat.util.buf.StringCache.byte.enabled: true US
user.dir: /usr/share/tomcat5
user.home: /usr/share/tomcat5
user.language: en tomcat
user.timezone: Africa/Johannesburg
****** end of container information ******

Jean Marc Strydom

Joined: Jan 12, 2012
Posts: 2
OK, I feel like an idiot. I was using the connection definition for non-APR. Changed to the following and it works.

<!-- SSL Port 8443 -->
<Connector port="8443"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"/>
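
The failure mode in this thread, a connector marked `scheme="https" secure="true"` that the APR handler serves as plain HTTP, can be checked for offline. The following is an added example, not code from either post: it cross-checks a `server.xml` against `catalina.out`. The `server.xml` content and keystore path are constructed, and the APR TLS switches it looks for (`SSLEngine="on"` in Tomcat 5.5, `SSLEnabled="true"` in later versions) are assumptions taken from Tomcat's connector documentation, not from the thread.

```python
import re
import xml.etree.ElementTree as ET

# Constructed server.xml: a JSSE-style HTTPS connector (keystore attributes only).
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" minSpareThreads="25" maxSpareThreads="75"/>
  <Connector port="8443" scheme="https" secure="true" clientAuth="false"
             sslProtocol="TLS" keystoreFile="/constructed/path/keystore.jks"/>
</Service></Server>"""

# Log lines in the shape of the catalina.out quoted in the first post.
CATALINA_OUT = """MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
MySystemDate 3:34:37 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
"""

def apr_ports(log_text):
    """Ports whose 'Initializing Coyote' line follows an Http11AprProtocol init line."""
    ports, handler = set(), None
    for line in log_text.splitlines():
        m = re.search(r"org\.apache\.coyote\.http11\.(\w+) init", line)
        if m:
            handler = m.group(1)
            continue
        m = re.search(r"Initializing Coyote HTTP/1\.1 on http-(\d+)", line)
        if m and handler == "Http11AprProtocol":
            ports.add(int(m.group(1)))
        handler = None
    return ports

def plaintext_secure_connectors(server_xml, log_text):
    """Connectors marked secure/https that APR serves without an APR TLS switch."""
    apr = apr_ports(log_text)
    findings = []
    for c in ET.fromstring(server_xml).iter("Connector"):
        port = int(c.get("port"))
        claims_tls = c.get("secure") == "true" or c.get("scheme") == "https"
        # Assumed APR switches: SSLEngine="on" (5.5) or SSLEnabled="true" (later).
        apr_tls = c.get("SSLEngine") == "on" or c.get("SSLEnabled") == "true"
        if claims_tls and port in apr and not apr_tls:
            findings.append(port)
    return findings

if __name__ == "__main__":
    for port in plaintext_secure_connectors(SERVER_XML, CATALINA_OUT):
        print(f"port {port}: marked https but the APR connector has no TLS enabled")
```

A flagged port means traffic that clients and the application treat as secure is travelling unencrypted, so it belongs in a deployment check rather than being discovered with curl afterwards.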