Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Tomcat SSL problem

 
Lu�s Matos
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

I've configured my tomcat server to use SSL with the explanation in tomcat site. After this configuration when I try https://localhost:8443 the page try to open for a long time and then I get The page cannot be displayed error.

I'm using Tomcat 5.5.12 and JRE 1.5.0_06-b05 and I have the .keystore in the default directory. I didn't install the JSSE because I have the last version of JRE and as I read isn't necessary.

Anyone know if is needed more configuration to use ssl?

Thanks
Lu�s Matos
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you post the <Connector ... /> entry for your SSL connector (from tomcat/conf/server.xml?

Be sure not to post your actual password.
 
Lu�s Matos
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ben Souther

Thanks for the reply.

Here my connector:



I already try with the example in the tomcat web site but is the same.



If I try http://localhost:8443/ it works but https://localhost:8443/ don't open.

Thanks
Lu�s Matos
 
Lu�s Matos
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

Anyone know what can be the problem?
Anyone can help?

Thanks
Lu�s Matos
 
Udayakumar Reddy
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have one solution for ur problem. Its very simple to do that.Try the following

If the keystore is avilable just delete it and try the following


Goto the $JAVA_HOME/bin

Type the following
keytool -genkey -alias tomcat -keyalg RSA

Give the inputs accordingly



Then uncomment the follwing code in server.xml

<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />

Restart ur Tomcat.

Then try

http://localhost:8443
Then I guess u wont get any problem.

Reddy
 
Lu�s Matos
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Udayakumar Reddy

Thanks for the reply.
I try what you said but just work in http://localhost:8443 not in https://localhost:8443. When I try https://localhost:8443 the page try to open for a long time and then I got the error: The page cannot be displayed.

Thanks
Lu�s Matos
 
Udayakumar Reddy
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Generally http port is 8080 and https port is 8443.
I have done the above configuration and its working fine.
Why dont u try once again.

When u try the link http://localhost:8443
definetly it will display some junk not the actual data.
https://localhost:8443 is the cirrect one.

Just try it once and let me know.


Regards

Reddy
 
Lu�s Matos
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

In http://localhost:8443 I have exactly the same that I have in http://localhost.

I have the .keystore file in C:\Documents and Settings\myname\ directory

I did what is in the apache site:
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html

Here my server.xml configuration:
Is something wrong?



Thanks for the help.
Lu�s Matos
[ April 03, 2006: Message edited by: Lu�s Matos ]
 
Sachin Naik
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was trying this out myself, and had the same problem. It wasn't until I read the "IMPORTANT NOTE" at the top of the 'SSL Configuration HOW-TO' at the tomcat website, that I figured out the problem.

I had checked the option during tomcat installation to install the Tomcat Native dll. The important note says "This howto refers to usage of JSSE. When using APR, Tomcat will use OpenSSL, which uses a different configuration". APR is the Apache Portable Runtime.

I tried to figure out the OpenSSL stuff, but I think I need to download more pieces to create the certificate.

Rather than do that, I just uninstalled/reinstalled tomcat without the 'Tomcat native' option. Now it works after I set up server.xml and create the certificate. I did specify the keystoreFile and keystorePass attributes for the connector, since I was getting errors in my tomcat logs.

Hope this works for you too.
Sachin
 
Ashok Donepudi
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Steps to follow to fix tomcat 7 migration from tomcat 6 caused due to SSL Exception.


1. Commented ServerLifeCycleListener in server.xml as Tomcat7 has removed that class from the jar file.
2. Download the “tcnative-1.dll” and keep place it under bin folder of tomcat.(URL: http://archive.apache.org/dist/tomcat/tomcat-connectors/native/1.1.27/binaries/)
3. Change the server setting to fix the SSL Security exception in tomcat.
<Connector port="8443" maxHttpHeaderSize="8192"maxThreads="150" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
SSLEnabled="true" SSLCertificateFile="${catalina.base}/.keystore" SSLCertificateKeyFile="${catalina.base}/.keystore" />


Thanks
Ashok
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic