OutOfMemoryError when using embedded tomcat and client-side SSL

[Morten Jorgensen <mo...@vordel.com>]

All,

I am experiencing some problems when enabling client authentication
on an SSL connection. The same problem occurs both when using tomcat 4.0.4
standalone and when using embedded tomcat (same version). The parameters
I set for my SSL connection are these (same settings are used for both
sever.xml for standalone and programatically using embedded tomcat):

  Connector port    = 8081
  Connector secure  = true
  Connector scheme  = https

  SSL keystore file = /usr/java/jre/lib/security/cacerts
  SSL keystore pass = neveryoumind
  SSL keystore type = JKS
  SSL algorithm     = SunX509
  SSL protocol      = TLS
  SSL client auth   = true

The security providers I have set are:

  security.provider.1=com.sun.security.provider.Sun
  security.provider.2=com.baltimore.jcrypto.provider.JCRYPTO
  security.provider.3=com.sun.net.ssl.internal.ssl.Provider
  security.provider.4=com.sun.rsajca.Provider

The server starts without issuing any warnings of any sort, but
throws a java.lang.OutOfMemoryError when I try to connect to it using
any browser. (The error is caught in the HttpProcessor.run() method).
I switched on the javax.net.debug=ssl,handshake flag hoping that I
would get some more information. This showed me that the server did
receive the request from the browser, but that it never even started
to negotiate any chipher suite/encryption, and a "server hello" was
never returned to the client.

All help will be greatly appraciated!

Best regards,
Morten Jorgensen,
Software Engineer,
Vordel ltd, Dublin, Ireland

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>