aspose file tools*
The moose likes Tomcat and the fly likes Tomcat SSL/TLS Problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat SSL/TLS Problem" Watch "Tomcat SSL/TLS Problem" New topic
Author

Tomcat SSL/TLS Problem

Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Hi There

I am trying to "https" to localhost, i.e to myapp
Details are as follows

tomcat-users.xml

web.xml


After using the $JAVA_HOME/bin/keytool, like following


and providing all the necessary password and details in tomcat/conf/server.xml


Now, when i try to access my app in FireFox(same in chrome), i can see the url-redirecting to https and its specific port no.8443
BUT it throws error as "Firefox/Chrome can't establish a connection to the server at localhost:8443"

Please, Any help will be appropriated..
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16065
    
  21

Normally the first question we ask is whether there's a firewall allowance for port 8443. In the case of localhost access, however, that's usually not a problem.

The next thing to check is the Tomcat logs, especially the catalina.out file. If the SSL Connector failed to configure, there is usually information there.


Customer surveys are for companies who didn't pay proper attention to begin with.
Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Tim Holloway wrote:Normally the first question we ask is whether there's a firewall allowance for port 8443. In the case of localhost access, however, that's usually not a problem.

The next thing to check is the Tomcat logs, especially the catalina.out file. If the SSL Connector failed to configure, there is usually information there.



Hi Tim, thanks for replying..
catalina.out didnt help at all. i couldnt find any reasonable information from this logfile.
I don't think there is any firewall issue either, cos its a ubuntu machine and i never installed any external firewall on it.
i have tried on chrome too, in that case, error message is as follows


thanks in return
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16065
    
  21

Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

i tried the following script , it seems port 8443 isn't active..
Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Any idea Tim what should i do, in order make it work..
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16065
    
  21

If there port 8443 is not listening and there aren't any errors in the log files, then about all I can think of is that you should make sure your Connector element in server.xml is not commented out.

Just about anything other than that that you can do wrong with the Connector gets some sort of error message. Speaking from experience, alas!
Carles Gasques
Ranch Hand

Joined: Apr 19, 2013
Posts: 199
    
    1
Something is preventing to start the connector at 8433
random thought try instead of


Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

No Tim, the error persist..
One more thing, i want to bring into your notice is,
i tried changing <connector> redirectPort attribute and SSL HTTP/1.1 Connector port to 4321, just in case if it works on different port
The thing that i noticed was, it still forwards to default SSL port "8443", i don't know why this happens..
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16065
    
  21

Are you trying to run Tomcat inside Eclipse?
Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Yeah Tim, i am running tomcat in eclipse
Am i doing something wrong..
Carles Gasques
Ranch Hand

Joined: Apr 19, 2013
Posts: 199
    
    1
This behaviour not seems quite reasonable :-)

Your ssl connector has to be commented out and should not have any redirectPort informed.
Are you editing the running server.xml?

Abhimanyu Rathore wrote:No Tim, the error persist..
One more thing, i want to bring into your notice is,
i tried changing <connector> redirectPort attribute and SSL HTTP/1.1 Connector port to 4321, just in case if it works on different port
The thing that i noticed was, it still forwards to default SSL port "8443", i don't know why this happens..
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16065
    
  21

Abhimanyu Rathore wrote:Yeah Tim, i am running tomcat in eclipse
Am i doing something wrong..


You are probably using WTP, the abominable plugin that comes with J2EE Eclipse. The reason why I call it abominable is precisely because it does things like this.

WTP isn't using your edited server.xml, it's using an imperfect copy made of selected files in the Tomcat conf directory and it's not very clever about detecting when you have made changes to the originals. Which is why I install the sysdeo Tomcat plugin and use it instead of the WTP extensions.

Assuming, however, that you won't be installing sysdeo just to fix your SSL problem, you're going to have to give the Eclipse tomcat setting a good swift kick in order to get WTP to pull in your server.xml mods for SSL.

The best place to get help on that is probably the Eclipse forum.
Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Thanks a lot Tim, for this piece of information.. I'll try asking the same on eclipse forum..
.. Thanks
Abhimanyu Rathore
Ranch Hand

Joined: Jan 23, 2010
Posts: 32

Tim Holloway wrote:
Abhimanyu Rathore wrote:Yeah Tim, i am running tomcat in eclipse
Am i doing something wrong..


You are probably using WTP, the abominable plugin that comes with J2EE Eclipse. The reason why I call it abominable is precisely because it does things like this.

WTP isn't using your edited server.xml, it's using an imperfect copy made of selected files in the Tomcat conf directory and it's not very clever about detecting when you have made changes to the originals. Which is why I install the sysdeo Tomcat plugin and use it instead of the WTP extensions.

Assuming, however, that you won't be installing sysdeo just to fix your SSL problem, you're going to have to give the Eclipse tomcat setting a good swift kick in order to get WTP to pull in your server.xml mods for SSL.

The best place to get help on that is probably the Eclipse forum.


Thanks a Lot Tim..
I did what you suggested, problem was with WTP plugin itself. Its working now..
Thanks a lot friend, for replying so fast and being so accurate on the subject matter..
..








 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat SSL/TLS Problem