File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Unable to turn on SSL(https) on the remote server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Unable to turn on SSL(https) on the remote server" Watch "Unable to turn on SSL(https) on the remote server" New topic
Author

Unable to turn on SSL(https) on the remote server

Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

Hi

I have a strange problem to make up the SSL work, here is the situation:

1- I have a Tomcat with SSL enabled on my local machine(windows xp) and it works juste fine.



2- I uploaded a .war file of my project and publish it on a remote machine(linux CentOs)

3- The site works fine when there is no SSL enabled on the web.xml of my project

2- I tried to use just the same keystore and same configuration that I have been using in my local machine Tomcat server.xml

4- The problem is the SSL is working in local but not on the remote server


have I missed something? isnt it supposed to work because I'm really using the same configuration on both machines? or maybe something else on the remote machine is intercepting the https request who knews...


Thank you for clarifying for me


regards


OCP-JP 6 - OCE-JPAD - OCE-EJBD
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

"not working" is vague... what happens when you connect to port 8444 on the remote server? Any error messages on the screen and in the remote server tomcat log files? Is port 8444 open on the remote server (i.e. netstat command; or telnet to that port, ...). What if you change the backslash to a forward slash in keystoreFile="webapps/keystore2.bin"?
Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

Hi Koen ,

Thanks for replaying, sorry for not providing much details, well there is absolutely no error message or exception on calatina.out, I have made some log message on my main Filter and I see that the page has been requested actually, the page take some while loading and at the end the browser says that the page is unreachable the server did not respond in time....

for the backslash thing I have already fixed it or else I would get an exception at deployement time , I will check the port if it is open it looks like that the problem was there, I will tell you the result anyways


regards

Tim McGuire
Ranch Hand

Joined: Apr 30, 2003
Posts: 820

sorry to ask silly questions, but might as well make sure:

1. do you have openSSL on your remote server?
2. where did you put the certificate and the key on your remote server (what directory?)
3. when you used the keytool command on your windows XP, what exact command did you use and what, exactly did you upload to your remote server?
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

Based on the description of the issue it seems more of a connectivity related problem rather than Tomcat related.
Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

Hi everyone


Responding to Tim's questions :

1- no I dont , I did create the keystore file on my locale machine with the keytool,
2- I did put the keystore file that contains the certificate in the webapps file in Tomcat base directory (I know i should change the localtion but now it's just for testing purpose)
3- I did use that guide : SSL Guide, and used my own informations to create the certificate (does it matter what informations did I put ?), and just uploaded the keystore file to the remote server

I hope that I answer your questions correctly, now I have to make sure about the port and connectevity I will check that in a moment and be right back, Thanks
Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

Hi again

In fact it was the port 8444 that is not open on the remote server I just opened it and now it works like a charme ,
many thanks to Koen Aerts and Tim too, you made my day

Have a nice day


best regards
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Unable to turn on SSL(https) on the remote server