This will show if the connector is coming up. If it is, then I'd need to know the exact error message you get when issuing an https request to the server. Also any differences you might get between issuing the request on the server machine versus what you get when issuing the request on some other machine.
There's no "even" to opening port 8443 on iptables, though. If you don't do it, external clients cannot use it.
And on opening the 8443, i made the Iptable to accept 8443 and open for outside world. I am not sure where i can capture the error log. As mine is a deployed VM i don't have UI to Hit the https locally, but when i try hitting the https externally from my machine then it is not responding. where as for the same IP i am able to access 8080 - http
In my firewall, I keep a "-j LOG" rule right before the final (DROP) rule so I can see who is offending me.
There are several ways to check a webserver locally on a machine with no GUI interface. You can use the "links" (or "lynx") character-mode browser, if it is installed. You can use wget. You can use curl. For simple plain-text protocols such as http, you can even use telnet.
Joined: Jul 24, 2013
I tried hitting the https external URL, it is getting timed out.
1. Your remote client isn't actually talking to the machine you think it is (wrong IP address)
2. Your firewall isn't really open for port 8443
3. Your client is making an IPV4 request, but Tomcat is only listening to IPV6 traffic (some JVMs would do this by default).
4. Your client is making an IPV6 request, but you have only opened the IPV4 firewall for 8443.
In theory, netstat would show if condition 3 is the problem, but on my CentOS server, it's a little ambiguous these days.
Joined: Jul 24, 2013
Thanks for the response. In the below mentioned point we can remove point 1, as i tried the IP with 8080 (Http) on wget, i am getting the response. On other three i guess the machine is using iptables not ip6tables. Just to calrify about the iptables and ip6tables, i see only iptables inside systemconfig where i can add port exception script or even driectly run iptable accept command . Then is that means that my server is using Iptables not ip6tables right. Sorry to ask the basic questions, i am pretty new to Linux world.
Sometimes people are talking to a Tomcat, but not the Tomcat they think they're talking to, which is why I listed point #1.
The presence or absence of ip6tables has nothing to do with whether any given server on the machine is listening on IPV6. Also, IPV6 and IPV4 are not mutually exclusive. A server can listen to both. Which is why I couldn't be certain of what I saw on my own netstat listing.
However, if your client is making an IPV6 request and the ip6tables firewall blocks it or the server isn't listening on IPV6, it will fail.
Likewise, if your client makes an IPV4 request and the server is only listening on IPV6, it will fail. This is a common case, since, as I said, some JVM versions would only listen to IPV6 by default and had to be conditioned via a command-line option to listen on IPV4.
You might try installing an Oracle Java 7 release and setting your Tomcat's JAVA_HOME to reference it. I haven't noticed any problems there.