You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Whitby <ug...@cs.bham.ac.uk> on 2006/02/08 17:02:24 UTC
Problem with setting up an SSL secure page
Dear all,
I am currently designing a final year project for my University course and I am having problems getting a working SSL connection. I have Tomcat set up and working fine, but when it comes to accessing a page over the https setup, I am having no luck.
Firstly a few technical details. I am using Windows XP Home, with Internet Explorer 6.0.2900.2180. I am using the latest Java installation, jdk 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat 5.0, the latest installation available (it's only been installed on my system for the last few weeks). I have McAffe Security Centre installed but the problem occurs even with this turned off.
Now the problem. I have followed word by word the set up instructions in the Tomcat manual. I have created the certificate and verified it using the command line. I have altered the server.xml file to include the path "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to. I've done everything. Yet when I type https://localhost:8443 in the browser window I get nothing. When using IE it takes ages to search for the page, then eventually I get "This page cannot be displayed" and in Mozilla I get a message after a couple of minutes saying the page has timed out and get left with a blank page. So I can't load the page up at all.
I've tried everything I can think of to get it to work. I have 3 different books on this subject and I've followed the instructions in every one to try and get this to work. Nothing has worked. I did a Google search using as many different combinations of words I can think of but the only help I get is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even think about installing the JSSE 1.3 to see if that had an effect, as I can't find any of the jar files that are mentionned in that area. However, I felt it best to ignore that as it says.
So as you can see I've tried everything I can think of. Nothing as worked. If anyone can help me I would be extremely grateful.
Many thanks
Mark Whitby
ug82msw@cs.bham.ac.uk
Re: Problem with setting up an SSL secure page
Posted by Mike Sabroff <mi...@cygnusb2b.com>.
What firewall are you using..if any? Is it on or off?
Parsons Technical Services wrote:
> What is in the logs?
>
>
>
> ----- Original Message ----- From: "Mark Whitby" <ug...@cs.bham.ac.uk>
> To: <us...@tomcat.apache.org>
> Sent: Wednesday, February 08, 2006 11:02 AM
> Subject: Problem with setting up an SSL secure page
>
>
> Dear all,
>
> I am currently designing a final year project for my University course
> and I am having problems getting a working SSL connection. I have
> Tomcat set up and working fine, but when it comes to accessing a page
> over the https setup, I am having no luck.
>
> Firstly a few technical details. I am using Windows XP Home, with
> Internet Explorer 6.0.2900.2180. I am using the latest Java
> installation, jdk 1.5.0_05 and so the JSSE comes installed with that.
> I'm using Tomcat 5.0, the latest installation available (it's only
> been installed on my system for the last few weeks). I have McAffe
> Security Centre installed but the problem occurs even with this turned
> off.
>
> Now the problem. I have followed word by word the set up instructions
> in the Tomcat manual. I have created the certificate and verified it
> using the command line. I have altered the server.xml file to include
> the path "keystorePath="D:/FYPCode/keystore" "where I have copied the
> keystore to. I've done everything. Yet when I type
> https://localhost:8443 in the browser window I get nothing. When
> using IE it takes ages to search for the page, then eventually I get
> "This page cannot be displayed" and in Mozilla I get a message after a
> couple of minutes saying the page has timed out and get left with a
> blank page. So I can't load the page up at all.
>
> I've tried everything I can think of to get it to work. I have 3
> different books on this subject and I've followed the instructions in
> every one to try and get this to work. Nothing has worked. I did a
> Google search using as many different combinations of words I can
> think of but the only help I get is for Tomcat 3 and the old JSSE
> installation. So I'm lost. I did even think about installing the
> JSSE 1.3 to see if that had an effect, as I can't find any of the jar
> files that are mentionned in that area. However, I felt it best to
> ignore that as it says.
>
> So as you can see I've tried everything I can think of. Nothing as
> worked. If anyone can help me I would be extremely grateful.
>
> Many thanks
>
> Mark Whitby
> ug82msw@cs.bham.ac.uk
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
Mike Sabroff
Web Services
Developer
mike.sabroff@cygnusb2b.com
920-568-8379
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Mark Whitby <ug...@cs.bham.ac.uk>.
Dhavel,
I've deleted the.dll file from the folder and it seems to be working fine
now! If anything changes I'll let you know but for now all is looking good!
Thank you very much indeed for your help!
Mark
----- Original Message -----
From: "Dhaval Patel" <dh...@yahoo.com>
To: "Tomcat Users List" <us...@tomcat.apache.org>
Sent: Wednesday, February 08, 2006 4:43 PM
Subject: Re: Problem with setting up an SSL secure page
> Mark,
>
> I had trouble with verisign. I tried a few things then gave up. The
> instructions works with
> self-signed certificate. Trust me it works.
>
> You can try to follow instructions from scratch with fresh tomcat
> install. One more thing. When
> you use command "keytool genkey -alias localhost -keyalg RSA", you are
> using JSSE and you can not
> use APR. While using JSSE, make sure you delete tcnative-1.dll from tomcat
> bin folder. Also try to
> use the <Connector .../> same as I have written.
>
> See if you get success. These instructions have been tested many times
> and it works with
> self-signed certificates.
>
> Let me know your progress and we will get you going on your project.
>
> Regards,
> D
>
> --- Mark Whitby <ug...@cs.bham.ac.uk> wrote:
>
>> Dhavel,
>>
>> I'm unable to get the certificate signed by someone like Verisign so I've
>> been using self signed certificates. To do this all I've done is follow
>> the
>> advice on the help page, using the command "keytool =genkey -alias
>> localhost -keyalg RSA" Once that's done I've linked from server.xml to
>> the
>> .keystore file created using this.
>>
>> Is this right or am I missing a step?
>>
>> Mark
>>
>> ----- Original Message -----
>> From: "Dhaval Patel" <dh...@yahoo.com>
>> To: "Tomcat Users List" <us...@tomcat.apache.org>
>> Sent: Wednesday, February 08, 2006 4:22 PM
>> Subject: Re: Problem with setting up an SSL secure page
>>
>>
>> > Hi,
>> >
>> > I have setup small guide on SSL with Tomcat 5.5. You can find it at
>> > http://www.mail-archive.com/users%40tomcat.apache.org/msg02500.html
>> >
>> > But that guide is in Tomcat 5.5 with APR (Apache Portable Runtime).
>> > It
>> > works with
>> > self-generated certificates. (I think it does not work with Verisign
>> > certificates but I am not
>> > 100% sure) Try to follow the guide and you will be able to setup SSL.
>> > But
>> > make sure that you use
>> > Tomcat 5.5 because it has APR connector (tcnative-1.dll).
>> >
>> > Once you setup SSL, test it on https://localhost or
>> > https://localhost:port . Then use the
>> > following snippet to enable SSL in your web-app.
>> >
>> > <security-constraint>
>> > <web-resource-collection>
>> > <web-resource-name>Secure</web-resource-name>
>> > <url-pattern>/*</url-pattern>
>> > <http-method>GET</http-method>
>> > <http-method>POST</http-method>
>> > </web-resource-collection>
>> > <user-data-constraint>
>> > <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> > </user-data-constraint>
>> > </security-constraint>
>> >
>> > For more information, visit:
>> > http://registry.paradigma.net/omar/registry/thin/doc/UsingHTTPS.html
>> >
>> > May be someone help you out with Tomcat 5.0 but since I know things
>> > are
>> > working with Tomcat
>> > 5.5 so I thought above instructions will make you move quickly.
>> >
>> > Let us know your experience.
>> >
>> > Regards,
>> > D
>> >
>> >
>> > --- Parsons Technical Services <pa...@earthlink.net> wrote:
>> >
>> >> What is in the logs?
>> >>
>> >>
>> >>
>> >> ----- Original Message -----
>> >> From: "Mark Whitby" <ug...@cs.bham.ac.uk>
>> >> To: <us...@tomcat.apache.org>
>> >> Sent: Wednesday, February 08, 2006 11:02 AM
>> >> Subject: Problem with setting up an SSL secure page
>> >>
>> >>
>> >> Dear all,
>> >>
>> >> I am currently designing a final year project for my University course
>> >> and I
>> >> am having problems getting a working SSL connection. I have Tomcat
>> >> set
>> >> up
>> >> and working fine, but when it comes to accessing a page over the https
>> >> setup, I am having no luck.
>> >>
>> >> Firstly a few technical details. I am using Windows XP Home, with
>> >> Internet
>> >> Explorer 6.0.2900.2180. I am using the latest Java installation, jdk
>> >> 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat
>> >> 5.0,
>> >> the latest installation available (it's only been installed on my
>> >> system
>> >> for
>> >> the last few weeks). I have McAffe Security Centre installed but the
>> >> problem occurs even with this turned off.
>> >>
>> >> Now the problem. I have followed word by word the set up instructions
>> >> in
>> >> the Tomcat manual. I have created the certificate and verified it
>> >> using
>> >> the
>> >> command line. I have altered the server.xml file to include the path
>> >> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore
>> >> to.
>> >> I've done everything. Yet when I type https://localhost:8443 in the
>> >> browser
>> >> window I get nothing. When using IE it takes ages to search for the
>> >> page,
>> >> then eventually I get "This page cannot be displayed" and in Mozilla I
>> >> get a
>> >> message after a couple of minutes saying the page has timed out and
>> >> get
>> >> left
>> >> with a blank page. So I can't load the page up at all.
>> >>
>> >> I've tried everything I can think of to get it to work. I have 3
>> >> different
>> >> books on this subject and I've followed the instructions in every one
>> >> to
>> >> try
>> >> and get this to work. Nothing has worked. I did a Google search
>> >> using
>> >> as
>> >> many different combinations of words I can think of but the only help
>> >> I
>> >> get
>> >> is for Tomcat 3 and the old JSSE installation. So I'm lost. I did
>> >> even
>> >> think about installing the JSSE 1.3 to see if that had an effect, as I
>> >> can't
>> >> find any of the jar files that are mentionned in that area. However,
>> >> I
>> >> felt
>> >> it best to ignore that as it says.
>> >>
>> >> So as you can see I've tried everything I can think of. Nothing as
>> >> worked.
>> >> If anyone can help me I would be extremely grateful.
>> >>
>> >> Many thanks
>> >>
>> >> Mark Whitby
>> >> ug82msw@cs.bham.ac.uk
>> >>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>
>> >>
>> >
>> >
>> > __________________________________________________
>> > Do You Yahoo!?
>> > Tired of spam? Yahoo! Mail has the best spam protection around
>> > http://mail.yahoo.com
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> > For additional commands, e-mail: users-help@tomcat.apache.org
>> >
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Dhaval Patel <dh...@yahoo.com>.
Mark,
I had trouble with verisign. I tried a few things then gave up. The instructions works with
self-signed certificate. Trust me it works.
You can try to follow instructions from scratch with fresh tomcat install. One more thing. When
you use command "keytool genkey -alias localhost -keyalg RSA", you are using JSSE and you can not
use APR. While using JSSE, make sure you delete tcnative-1.dll from tomcat bin folder. Also try to
use the <Connector .../> same as I have written.
See if you get success. These instructions have been tested many times and it works with
self-signed certificates.
Let me know your progress and we will get you going on your project.
Regards,
D
--- Mark Whitby <ug...@cs.bham.ac.uk> wrote:
> Dhavel,
>
> I'm unable to get the certificate signed by someone like Verisign so I've
> been using self signed certificates. To do this all I've done is follow the
> advice on the help page, using the command "keytool =genkey -alias
> localhost -keyalg RSA" Once that's done I've linked from server.xml to the
> .keystore file created using this.
>
> Is this right or am I missing a step?
>
> Mark
>
> ----- Original Message -----
> From: "Dhaval Patel" <dh...@yahoo.com>
> To: "Tomcat Users List" <us...@tomcat.apache.org>
> Sent: Wednesday, February 08, 2006 4:22 PM
> Subject: Re: Problem with setting up an SSL secure page
>
>
> > Hi,
> >
> > I have setup small guide on SSL with Tomcat 5.5. You can find it at
> > http://www.mail-archive.com/users%40tomcat.apache.org/msg02500.html
> >
> > But that guide is in Tomcat 5.5 with APR (Apache Portable Runtime). It
> > works with
> > self-generated certificates. (I think it does not work with Verisign
> > certificates but I am not
> > 100% sure) Try to follow the guide and you will be able to setup SSL. But
> > make sure that you use
> > Tomcat 5.5 because it has APR connector (tcnative-1.dll).
> >
> > Once you setup SSL, test it on https://localhost or
> > https://localhost:port . Then use the
> > following snippet to enable SSL in your web-app.
> >
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>Secure</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > <http-method>GET</http-method>
> > <http-method>POST</http-method>
> > </web-resource-collection>
> > <user-data-constraint>
> > <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> > </user-data-constraint>
> > </security-constraint>
> >
> > For more information, visit:
> > http://registry.paradigma.net/omar/registry/thin/doc/UsingHTTPS.html
> >
> > May be someone help you out with Tomcat 5.0 but since I know things are
> > working with Tomcat
> > 5.5 so I thought above instructions will make you move quickly.
> >
> > Let us know your experience.
> >
> > Regards,
> > D
> >
> >
> > --- Parsons Technical Services <pa...@earthlink.net> wrote:
> >
> >> What is in the logs?
> >>
> >>
> >>
> >> ----- Original Message -----
> >> From: "Mark Whitby" <ug...@cs.bham.ac.uk>
> >> To: <us...@tomcat.apache.org>
> >> Sent: Wednesday, February 08, 2006 11:02 AM
> >> Subject: Problem with setting up an SSL secure page
> >>
> >>
> >> Dear all,
> >>
> >> I am currently designing a final year project for my University course
> >> and I
> >> am having problems getting a working SSL connection. I have Tomcat set
> >> up
> >> and working fine, but when it comes to accessing a page over the https
> >> setup, I am having no luck.
> >>
> >> Firstly a few technical details. I am using Windows XP Home, with
> >> Internet
> >> Explorer 6.0.2900.2180. I am using the latest Java installation, jdk
> >> 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat
> >> 5.0,
> >> the latest installation available (it's only been installed on my system
> >> for
> >> the last few weeks). I have McAffe Security Centre installed but the
> >> problem occurs even with this turned off.
> >>
> >> Now the problem. I have followed word by word the set up instructions in
> >> the Tomcat manual. I have created the certificate and verified it using
> >> the
> >> command line. I have altered the server.xml file to include the path
> >> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to.
> >> I've done everything. Yet when I type https://localhost:8443 in the
> >> browser
> >> window I get nothing. When using IE it takes ages to search for the
> >> page,
> >> then eventually I get "This page cannot be displayed" and in Mozilla I
> >> get a
> >> message after a couple of minutes saying the page has timed out and get
> >> left
> >> with a blank page. So I can't load the page up at all.
> >>
> >> I've tried everything I can think of to get it to work. I have 3
> >> different
> >> books on this subject and I've followed the instructions in every one to
> >> try
> >> and get this to work. Nothing has worked. I did a Google search using
> >> as
> >> many different combinations of words I can think of but the only help I
> >> get
> >> is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even
> >> think about installing the JSSE 1.3 to see if that had an effect, as I
> >> can't
> >> find any of the jar files that are mentionned in that area. However, I
> >> felt
> >> it best to ignore that as it says.
> >>
> >> So as you can see I've tried everything I can think of. Nothing as
> >> worked.
> >> If anyone can help me I would be extremely grateful.
> >>
> >> Many thanks
> >>
> >> Mark Whitby
> >> ug82msw@cs.bham.ac.uk
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Mark Whitby <ug...@cs.bham.ac.uk>.
Dhavel,
I'm unable to get the certificate signed by someone like Verisign so I've
been using self signed certificates. To do this all I've done is follow the
advice on the help page, using the command "keytool =genkey -alias
localhost -keyalg RSA" Once that's done I've linked from server.xml to the
.keystore file created using this.
Is this right or am I missing a step?
Mark
----- Original Message -----
From: "Dhaval Patel" <dh...@yahoo.com>
To: "Tomcat Users List" <us...@tomcat.apache.org>
Sent: Wednesday, February 08, 2006 4:22 PM
Subject: Re: Problem with setting up an SSL secure page
> Hi,
>
> I have setup small guide on SSL with Tomcat 5.5. You can find it at
> http://www.mail-archive.com/users%40tomcat.apache.org/msg02500.html
>
> But that guide is in Tomcat 5.5 with APR (Apache Portable Runtime). It
> works with
> self-generated certificates. (I think it does not work with Verisign
> certificates but I am not
> 100% sure) Try to follow the guide and you will be able to setup SSL. But
> make sure that you use
> Tomcat 5.5 because it has APR connector (tcnative-1.dll).
>
> Once you setup SSL, test it on https://localhost or
> https://localhost:port . Then use the
> following snippet to enable SSL in your web-app.
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Secure</web-resource-name>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
> For more information, visit:
> http://registry.paradigma.net/omar/registry/thin/doc/UsingHTTPS.html
>
> May be someone help you out with Tomcat 5.0 but since I know things are
> working with Tomcat
> 5.5 so I thought above instructions will make you move quickly.
>
> Let us know your experience.
>
> Regards,
> D
>
>
> --- Parsons Technical Services <pa...@earthlink.net> wrote:
>
>> What is in the logs?
>>
>>
>>
>> ----- Original Message -----
>> From: "Mark Whitby" <ug...@cs.bham.ac.uk>
>> To: <us...@tomcat.apache.org>
>> Sent: Wednesday, February 08, 2006 11:02 AM
>> Subject: Problem with setting up an SSL secure page
>>
>>
>> Dear all,
>>
>> I am currently designing a final year project for my University course
>> and I
>> am having problems getting a working SSL connection. I have Tomcat set
>> up
>> and working fine, but when it comes to accessing a page over the https
>> setup, I am having no luck.
>>
>> Firstly a few technical details. I am using Windows XP Home, with
>> Internet
>> Explorer 6.0.2900.2180. I am using the latest Java installation, jdk
>> 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat
>> 5.0,
>> the latest installation available (it's only been installed on my system
>> for
>> the last few weeks). I have McAffe Security Centre installed but the
>> problem occurs even with this turned off.
>>
>> Now the problem. I have followed word by word the set up instructions in
>> the Tomcat manual. I have created the certificate and verified it using
>> the
>> command line. I have altered the server.xml file to include the path
>> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to.
>> I've done everything. Yet when I type https://localhost:8443 in the
>> browser
>> window I get nothing. When using IE it takes ages to search for the
>> page,
>> then eventually I get "This page cannot be displayed" and in Mozilla I
>> get a
>> message after a couple of minutes saying the page has timed out and get
>> left
>> with a blank page. So I can't load the page up at all.
>>
>> I've tried everything I can think of to get it to work. I have 3
>> different
>> books on this subject and I've followed the instructions in every one to
>> try
>> and get this to work. Nothing has worked. I did a Google search using
>> as
>> many different combinations of words I can think of but the only help I
>> get
>> is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even
>> think about installing the JSSE 1.3 to see if that had an effect, as I
>> can't
>> find any of the jar files that are mentionned in that area. However, I
>> felt
>> it best to ignore that as it says.
>>
>> So as you can see I've tried everything I can think of. Nothing as
>> worked.
>> If anyone can help me I would be extremely grateful.
>>
>> Many thanks
>>
>> Mark Whitby
>> ug82msw@cs.bham.ac.uk
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Dhaval Patel <dh...@yahoo.com>.
Hi,
I have setup small guide on SSL with Tomcat 5.5. You can find it at
http://www.mail-archive.com/users%40tomcat.apache.org/msg02500.html
But that guide is in Tomcat 5.5 with APR (Apache Portable Runtime). It works with
self-generated certificates. (I think it does not work with Verisign certificates but I am not
100% sure) Try to follow the guide and you will be able to setup SSL. But make sure that you use
Tomcat 5.5 because it has APR connector (tcnative-1.dll).
Once you setup SSL, test it on https://localhost or https://localhost:port . Then use the
following snippet to enable SSL in your web-app.
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
For more information, visit:
http://registry.paradigma.net/omar/registry/thin/doc/UsingHTTPS.html
May be someone help you out with Tomcat 5.0 but since I know things are working with Tomcat
5.5 so I thought above instructions will make you move quickly.
Let us know your experience.
Regards,
D
--- Parsons Technical Services <pa...@earthlink.net> wrote:
> What is in the logs?
>
>
>
> ----- Original Message -----
> From: "Mark Whitby" <ug...@cs.bham.ac.uk>
> To: <us...@tomcat.apache.org>
> Sent: Wednesday, February 08, 2006 11:02 AM
> Subject: Problem with setting up an SSL secure page
>
>
> Dear all,
>
> I am currently designing a final year project for my University course and I
> am having problems getting a working SSL connection. I have Tomcat set up
> and working fine, but when it comes to accessing a page over the https
> setup, I am having no luck.
>
> Firstly a few technical details. I am using Windows XP Home, with Internet
> Explorer 6.0.2900.2180. I am using the latest Java installation, jdk
> 1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat 5.0,
> the latest installation available (it's only been installed on my system for
> the last few weeks). I have McAffe Security Centre installed but the
> problem occurs even with this turned off.
>
> Now the problem. I have followed word by word the set up instructions in
> the Tomcat manual. I have created the certificate and verified it using the
> command line. I have altered the server.xml file to include the path
> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to.
> I've done everything. Yet when I type https://localhost:8443 in the browser
> window I get nothing. When using IE it takes ages to search for the page,
> then eventually I get "This page cannot be displayed" and in Mozilla I get a
> message after a couple of minutes saying the page has timed out and get left
> with a blank page. So I can't load the page up at all.
>
> I've tried everything I can think of to get it to work. I have 3 different
> books on this subject and I've followed the instructions in every one to try
> and get this to work. Nothing has worked. I did a Google search using as
> many different combinations of words I can think of but the only help I get
> is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even
> think about installing the JSSE 1.3 to see if that had an effect, as I can't
> find any of the jar files that are mentionned in that area. However, I felt
> it best to ignore that as it says.
>
> So as you can see I've tried everything I can think of. Nothing as worked.
> If anyone can help me I would be extremely grateful.
>
> Many thanks
>
> Mark Whitby
> ug82msw@cs.bham.ac.uk
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Parsons Technical Services <pa...@earthlink.net>.
What is in the logs?
----- Original Message -----
From: "Mark Whitby" <ug...@cs.bham.ac.uk>
To: <us...@tomcat.apache.org>
Sent: Wednesday, February 08, 2006 11:02 AM
Subject: Problem with setting up an SSL secure page
Dear all,
I am currently designing a final year project for my University course and I
am having problems getting a working SSL connection. I have Tomcat set up
and working fine, but when it comes to accessing a page over the https
setup, I am having no luck.
Firstly a few technical details. I am using Windows XP Home, with Internet
Explorer 6.0.2900.2180. I am using the latest Java installation, jdk
1.5.0_05 and so the JSSE comes installed with that. I'm using Tomcat 5.0,
the latest installation available (it's only been installed on my system for
the last few weeks). I have McAffe Security Centre installed but the
problem occurs even with this turned off.
Now the problem. I have followed word by word the set up instructions in
the Tomcat manual. I have created the certificate and verified it using the
command line. I have altered the server.xml file to include the path
"keystorePath="D:/FYPCode/keystore" "where I have copied the keystore to.
I've done everything. Yet when I type https://localhost:8443 in the browser
window I get nothing. When using IE it takes ages to search for the page,
then eventually I get "This page cannot be displayed" and in Mozilla I get a
message after a couple of minutes saying the page has timed out and get left
with a blank page. So I can't load the page up at all.
I've tried everything I can think of to get it to work. I have 3 different
books on this subject and I've followed the instructions in every one to try
and get this to work. Nothing has worked. I did a Google search using as
many different combinations of words I can think of but the only help I get
is for Tomcat 3 and the old JSSE installation. So I'm lost. I did even
think about installing the JSSE 1.3 to see if that had an effect, as I can't
find any of the jar files that are mentionned in that area. However, I felt
it best to ignore that as it says.
So as you can see I've tried everything I can think of. Nothing as worked.
If anyone can help me I would be extremely grateful.
Many thanks
Mark Whitby
ug82msw@cs.bham.ac.uk
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problem with setting up an SSL secure page
Posted by Mark Whitby <ug...@cs.bham.ac.uk>.
>
> Can you post the config files you consider relevant, in particular the
> server.xml.
>
> Have you enabled access logging in server.xml; if so, can you see it
> receiving the relevant request?
>
> Mike
In reference to the Firewall, I'm using McAfee Security Centre (I have
turned it on and off when trying and had no success with either. I'm also
using Tomcat 5.5.15 so it is the modern one. As for log files, the only
ones available in my log folder don't seem to say much. They're
catalina.2006-02-08, jakarta_service_20060208 and localhost.2006-02-08.
Which bit do I need to uncomment in the server.xml file to include more log
files?
As for the server.xml file, this is the relevant area within the server.xml
file. I've also attached the server.xml file and the keystore file. I've
left out the password though for the server.
Mark
Server.xml relevant code:
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
<!-- Note : To disable connection timeouts, set connectionTimeout value
to 0 -->
<!-- Note : To use gzip compression you could set the following properties
:
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:\FYPCode\keystore" keystorePass=""/>
Re: Problem with setting up an SSL secure page
Posted by Kenevel <ke...@hotmail.com>.
Mark Whitby wrote:
> I am currently designing a final year project for my University
> course and I am having problems getting a working SSL connection. I
> have Tomcat set up and working fine, but when it comes to accessing a
> page over the https setup, I am having no luck.
> I have altered the server.xml file to include the path
> "keystorePath="D:/FYPCode/keystore" "where I have copied the keystore
> to. I've done everything. Yet when I type https://localhost:8443 in
> the browser window I get nothing. When using IE it takes ages to
> search for the page, then eventually I get "This page cannot be
> displayed" and in Mozilla I get a message after a couple of minutes
> saying the page has timed out and get left with a blank page. So I
> can't load the page up at all.
Can you post the config files you consider relevant, in particular the
server.xml.
Have you enabled access logging in server.xml; if so, can you see it
receiving the relevant request?
Mike
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org