You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Alex Perez <al...@telecom1.com> on 2002/02/06 15:02:12 UTC
Tomcat +JSSE problem
Hello!
I'm having a nightmare trying to get Tomcat v:3.3 working properly with JSSE.
So far, this is what I've done:
--------------------------------------------------------------
[System]: Win2K Server + Apache + Tomcat 3.3 + jdk1.3.1 + JSSE1.0.2
Installed JSSE on $JAVA_HOME\jre\lib\ext
Created keystore (as indicated in the tomcat SSL howto) with keytool for testing purposes.
modified the java.security to include the sun provider in
$JAVA_HOME\jre\lib\security and in
D:\Program Files\JavaSoft\JRE\1.3.1\lib\security
modified Server.xml to work in port 443 (also tried 8443), set the path to the key, etc.
to be on the safe side, i used:
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
NOW:
Tomcat starts OK (Keystore found, ports 443, 8007 & 8009 up, etc).
Servlets are executed OK in http
When trying to access a https page (ex: https://localhost/sslexample/servlet/test)
The following happens:
- A box appears on the browser indicating a security alert with the
certificate created before (i can view all the values) .
- an exception is thrown in the tomcat terminal window:
2002-02-06 12:25:34 - Ctx() : IOException in R( /) - java.net.SocketException: Socket closed
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
... (rest of trace omitted)
- If you click on [yes] on the previous message, The padlock appears in the browser
window and I CAN VIEW THE PAGE (which in this case just shows me a version number)
This is true for both IE and Netscape. And for JSSE installed or built as part of tomcat.
-------------------------------------------------------------
[System]: Win2k + IIS + Tomcat 3.3 + jdk1.4.0-rc
- Keystore regenerated and placed in the right place for the servlet to find it
- Server.xml modified, etc, etc.
NOW:
Again tomcat works with http but there is a problem with https. In this case, and due to the
different jdk, the exception is:
2002-02-06 12:44:03 - Ctx() : IOException in R( /) - javax.net.ssl.SSLException: error while writing to socket
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
... Rest of trace ommited.
- Again I CAN VIEW THE PAGE
My guess is that there may be something wrong with the keystore, but then why the SocketException??
Any ideas???
Thanx in advance.
Alex
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: JSSE
Posted by masanori hashimoto <ha...@yahoo.co.jp>.
ARIGATOH!!(Thank you).
I lacked proper understanding.
>http://java.sun.com/products/jsse
>
>Please note that JSSE comes bundled with Java 1.4, so there is no need
>for a separate download if you are using 1.4.
>
>
>
>>
>>Where can JSSE be downloaded?
>>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: JSSE
Posted by Pascal Forget <to...@ubeans.com>.
http://java.sun.com/products/jsse
Please note that JSSE comes bundled with Java 1.4, so there is no need
for a separate download if you are using 1.4.
>
>Where can JSSE be downloaded?
>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
JSSE
Posted by masanori hashimoto <ha...@yahoo.co.jp>.
Hello!
Where can JSSE be downloaded?
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>