You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dave Smith <sa...@home.com> on 2000/10/15 18:40:23 UTC

Re: Tomcat 3.2 SSL error:Error reading request

Hi Robert,

I can tell you keystores for 1.2 and 1.3 are not compatible
(at least in my experience). 

I ignored the note about compiling tomcat and was
able to get SSL working in tomcat standalone
configuration. See the Dasho-Pro reference? That's
a tag from deep in the Cipher suite. I'm almost
certain you need to backtrack and generate a fresh
keystore. import your RSA cert into that and make sure 
it is for "tomcat" with a password of "changeit". 

Verify that the keystore was generated with the same 
JDK that is used by tomcat. You mention using
different JDK's. I think this is where the problem is.

Good Luck,

Dave
  ----- Original Message ----- 
  From: Robert Oschwald 
  To: tomcat-user@jakarta.apache.org 
  Cc: roos@symentis.com 
  Sent: Friday, December 15, 2000 11:28 AM
  Subject: Tomcat 3.2 SSL error:Error reading request


  Hi,

  I'm currently stuck with my SSL enabling of tomcat 3.2 with a weird error message.
  As soon as I try to access SSL secured content, the following error occurs:

  2000-12-15 05:23:51 - ContextManager: Error reading request R( /) 400
  2000-12-15 05:23:51 - Ctx(  ): 400 R( /) null
  2000-12-15 05:23:51 - Ctx(  ): Handler null null
  2000-12-15 05:23:51 - Ctx(  ): IOException in: R( /) Socket closed
  2000-12-15 05:10:57 - Ctx(  ): IOException in: R( /) Socket closed

  After a while, the following exception is thrown:

          at java.io.IOException.<init>(IOException.java:49)
          at javax.net.ssl.SSLException.<init>([DashoPro-V1.2-120198])
          at java.io.BufferedInputStream.fill(BufferedInputStream.java:192)
          at javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
          at org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpR
  equestAdapter.java:129)
          at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(
  HttpConnectionHandler.java:195)
          at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:41
  6)
          at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:4
  98)
          at java.lang.Thread.run(Thread.java:498)

  I've compiled tomcat 3.2 with SSL support (SSLSocketFactory was compiled successfully)
  as described in the Tomcal-SSL-Howto document.

  ALso, I've changed my jdk-1.3 (IBM) jre java.security file as described.

  I had a problem adding my CERT to the keystore, where keytool always complained that the 
  public keys are different between the stored and given key.
  I worked that around by deleting the keystore and let keytool create it during the CERT import.
  That worked.

  I will now try it again with the SUN JDK 1.3, maybe the IBM jdk doesn't work.

  Has anyone an idea what the problem is? Is this caused by a keystore problem reading my CERT
  or is there any hint you can give me?



  Thanks in advance!


  Robert