You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by David Ethell <de...@sscdinc.com> on 2002/03/25 17:18:33 UTC

TC4.0.2, ssl certificate problems?

We previosly had SSL working under stand-alone Tomcat 4.0.1 with JDK1.3 and 
JSSE. Since testing SSL successfully we've moved to Tomcat 4.0.2 and JDK1.4. We 
finally received our Thawte certificate so now I'm trying to install it and get 
SSL working again.

I can import our key into the keystore with no problems. Upon starting Tomcat I 
get this in the catalina output:

Finalizer, SEND SSL v3.1 ALERT:  warning, description = close_notify
Finalizer, WRITE:  SSL v3.1 Alert, length = 2

When issuing requests to the https url at our server ROOT I just get the usual 
blank page in IE saying the page can't be displayed. Turning jsse debugging on 
(javax.net.debug=all) I get this in the catalina output:

[read] MD5 and SHA1 hashes:  len = 3
0000: 01 03 00                                           ...
[read] MD5 and SHA1 hashes:  len = 73
0000: 00 33 00 00 00 10 00 00   04 00 00 05 00 00 0A 01  .3..............
0010: 00 80 07 00 C0 03 00 80   00 00 09 06 00 40 00 00  .............@..
0020: 64 00 00 62 00 00 03 00   00 06 02 00 80 04 00 80  d..b............
0030: 00 00 13 00 00 12 00 00   63 28 12 E3 E6 39 A2 26  ........c(...9.&
0040: A8 27 A2 4B 0F 04 34 2F   5E                       .'.K..4/^
HttpProcessor[443][4], READ:  SSL v2, contentType = 22, translated length = 65
*** ClientHello, v3.0
RandomCookie:  GMT: 0 bytes = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 40, 18, 227,
 230, 57, 162, 38, 168, 39, 162, 75, 15, 4, 52, 47, 94 }
Session ID:  {}
Cipher Suites:  { 0, 4, 0, 5, 0, 10, 0, 9, 0, 100, 0, 98, 0, 3, 0, 6, 0, 19, 0,
18, 0, 99 }
Compression Methods:  { 0 }
***
%% Created:  [Session-2, SSL_NULL_WITH_NULL_NULL]
HttpProcessor[443][4], SEND SSL v3.0 ALERT:  fatal, description = handshake_fail
ure
HttpProcessor[443][4], WRITE:  SSL v3.0 Alert, length = 2
HttpProcessor[443][4], SEND SSL v3.1 ALERT:  warning, description = close_notify
HttpProcessor[443][4], WRITE:  SSL v3.1 Alert, length = 2

I am completely stumped. I've reinstalled the certificate a dozen times, 
checked that the Thawte CA is correctly installed in the cacerts file and 
checked all my classpath stuff and jre/lib/ext place to make sure the old JSSE 
libraries aren't still being referenced. All that seems clear and still no clue.

Any ideas?
David

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>