Posted to users@tomcat.apache.org by Mike <mi...@liquidplanet.com> on 2003/09/10 20:33:16 UTC

SSL issue on 4.1.24 (urgent)

Hello all,

I apologize in advance for this email not having sufficient supporting information, but I imagine others have come across this issue in the past:


I have two boxes, each running 4.1.24.  I've configured them the same, and on one of them SSL works (for a self-signed certificate generated by keytool according to the how-to) and on the other, it does not.  I get no response on the configured SSL port when I try to access any site.  There are no error messages, no indications in the log files that there is a problem.  It just appears that the Connector for SSL isn't actually listening for connections.  Also, when I attempt to shut down the server, I get a CouldNotConnectException that prevents shutdown.

I know I should include the actual error message for shutdown but I thought I'd throw this out there and see if anyone has any good ideas of where to start.  A few more details:

1.  I have configured the other machine in the same way, using the default keystore, generating the self-signed certificate, leaving the default changeit password.  All of this means that I don't need to tailor the Factory element in server.xml in any particular way (though I have tried creating a new keystore, generating the tomcat aliased key in that, specifying in the Factory, etc. as well).

2.  Apache is also running on this box on port 80.  It's front-ending WebSphere which has a bunch of apps running.  I am trying to set up SSL on a wholly different port (8443) so I don't imagine there should be any conflicts.  On the other hand, I have vague suspicions that WebSphere might somehow be part of the problem.  I did shut down WebSphere at one point and try to access the SSL configured connector to no avail.  I have not, on the other hand, checked to see if there is some older copy of the security jarfiles (which I have placed in jre/lib/ext) in the classpath.

3.  I'm pretty sure I'm using all of the keytool stuff correctly, as things are working on the second machine, which I also configured.

So... if anyone has any clues about how to see what's really going on with port 8443 not being available (or any other port for that matter), I'd appreciate a heads-up.  We're supposed to go live with this app in the next few days and the problem is rapidly becoming urgent.

Thanks in advance,

Mike

P.S.  When you try to access the configured SSL port via an HTTP only request, I get about 5 I-don't-know-how-to-read-this-character boxes on the screen, so it does seem like SOMETHING is going on, but when I try to access via https, nada.. server could not be found...