Posted to users@tomcat.apache.org by Paul Morrow <pa...@morrow.net> on 2002/02/07 01:03:39 UTC

Please Help - Tomcat serves HTTPS with self-signed cert, but not Thawte cert!

This is a rather strange problem that I'm hoping someone can assist with.
In a nutshell, Tomcat serves HTTPS pages when a self-signed cert is
installed, but not when a Thawte cert is installed.

I'm running Tomcat 4.0.1 on Solaris 8.  I used keytool to create a
self-signed cert, i.e.

    ./keytool -genkey -alias tomcat -keyalg RSA

I restarted Tomcat and could then access my pages via https as expected.  I
ordered and received a cert from Thawte which I used keytool to install
(after deleting the self-signed cert), i.e.

    ./keytool -import -alias foo -file baz

I restarted Tomcat, but now HTTPS no longer works (however, the pages are
still available via HTTP).

openssl reports the following:

    CONNECTED(00000004)
    3824:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:455:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 130 bytes
    ---
    New, (NONE), Cipher is (NONE)
    ---

Does anyone have any ideas why this might be the case?

Thanks in advance for any help you can provide.

Paul Morrow
MMS Incentives, Inc.


