wood burning stoves 2.0*
The moose likes Tomcat and the fly likes Tomcat  SSL problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat  SSL problem" Watch "Tomcat  SSL problem" New topic
Author

Tomcat SSL problem

Lu�s Matos
Greenhorn

Joined: Nov 09, 2005
Posts: 12
Hi

I've configured my tomcat server to use SSL with the explanation in tomcat site. After this configuration when I try https://localhost:8443 the page try to open for a long time and then I get The page cannot be displayed error.

I'm using Tomcat 5.5.12 and JRE 1.5.0_06-b05 and I have the .keystore in the default directory. I didn't install the JSSE because I have the last version of JRE and as I read isn't necessary.

Anyone know if is needed more configuration to use ssl?

Thanks
Lu�s Matos
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Can you post the <Connector ... /> entry for your SSL connector (from tomcat/conf/server.xml?

Be sure not to post your actual password.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Lu�s Matos
Greenhorn

Joined: Nov 09, 2005
Posts: 12
Hi Ben Souther

Thanks for the reply.

Here my connector:



I already try with the example in the tomcat web site but is the same.



If I try http://localhost:8443/ it works but https://localhost:8443/ don't open.

Thanks
Lu�s Matos
Lu�s Matos
Greenhorn

Joined: Nov 09, 2005
Posts: 12
Hi

Anyone know what can be the problem?
Anyone can help?

Thanks
Lu�s Matos
Udayakumar Reddy
Greenhorn

Joined: Mar 24, 2006
Posts: 7
Hi,

I have one solution for ur problem. Its very simple to do that.Try the following

If the keystore is avilable just delete it and try the following


Goto the $JAVA_HOME/bin

Type the following
keytool -genkey -alias tomcat -keyalg RSA

Give the inputs accordingly



Then uncomment the follwing code in server.xml

<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />

Restart ur Tomcat.

Then try

http://localhost:8443
Then I guess u wont get any problem.

Reddy
Lu�s Matos
Greenhorn

Joined: Nov 09, 2005
Posts: 12
Hi Udayakumar Reddy

Thanks for the reply.
I try what you said but just work in http://localhost:8443 not in https://localhost:8443. When I try https://localhost:8443 the page try to open for a long time and then I got the error: The page cannot be displayed.

Thanks
Lu�s Matos
Udayakumar Reddy
Greenhorn

Joined: Mar 24, 2006
Posts: 7
Hi,

Generally http port is 8080 and https port is 8443.
I have done the above configuration and its working fine.
Why dont u try once again.

When u try the link http://localhost:8443
definetly it will display some junk not the actual data.
https://localhost:8443 is the cirrect one.

Just try it once and let me know.


Regards

Reddy
Lu�s Matos
Greenhorn

Joined: Nov 09, 2005
Posts: 12
Hi

In http://localhost:8443 I have exactly the same that I have in http://localhost.

I have the .keystore file in C:\Documents and Settings\myname\ directory

I did what is in the apache site:
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html

Here my server.xml configuration:
Is something wrong?



Thanks for the help.
Lu�s Matos
[ April 03, 2006: Message edited by: Lu�s Matos ]
Sachin Naik
Greenhorn

Joined: Apr 03, 2006
Posts: 1
I was trying this out myself, and had the same problem. It wasn't until I read the "IMPORTANT NOTE" at the top of the 'SSL Configuration HOW-TO' at the tomcat website, that I figured out the problem.

I had checked the option during tomcat installation to install the Tomcat Native dll. The important note says "This howto refers to usage of JSSE. When using APR, Tomcat will use OpenSSL, which uses a different configuration". APR is the Apache Portable Runtime.

I tried to figure out the OpenSSL stuff, but I think I need to download more pieces to create the certificate.

Rather than do that, I just uninstalled/reinstalled tomcat without the 'Tomcat native' option. Now it works after I set up server.xml and create the certificate. I did specify the keystoreFile and keystorePass attributes for the connector, since I was getting errors in my tomcat logs.

Hope this works for you too.
Sachin
Ashok Donepudi
Greenhorn

Joined: Jul 05, 2013
Posts: 2
Steps to follow to fix tomcat 7 migration from tomcat 6 caused due to SSL Exception.


1. Commented ServerLifeCycleListener in server.xml as Tomcat7 has removed that class from the jar file.
2. Download the “tcnative-1.dll” and keep place it under bin folder of tomcat.(URL: http://archive.apache.org/dist/tomcat/tomcat-connectors/native/1.1.27/binaries/)
3. Change the server setting to fix the SSL Security exception in tomcat.
<Connector port="8443" maxHttpHeaderSize="8192"maxThreads="150" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
SSLEnabled="true" SSLCertificateFile="${catalina.base}/.keystore" SSLCertificateKeyFile="${catalina.base}/.keystore" />


Thanks
Ashok




Cheers
Ashok
 
Consider Paul's rocket mass heater.
 
subject: Tomcat SSL problem