You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Terence M. Bandoian" <te...@tmbsw.com> on 2014/05/01 22:34:57 UTC

RE: Setup Issue tomcat 6 SLES 11 SSL

On 4/30/2014 3:35 PM, Vincent T. DiScipio wrote:
> Terence,
>
> I poked around in the configuration file and knew it was something I did to screw it up.  I just scrapped the install and started from fresh.
>
> Thanks for the reply
>
> Vince DiScipio
> Director of Digital Infrastructure
> The College of Wooster
> P - 330-263-2612
> F - 330-263-2666
>
> -----Original Message-----
> From: Terence M. Bandoian [mailto:terence@tmbsw.com]
> Sent: Wednesday, April 30, 2014 3:01 PM
> To: Tomcat Users List
> Subject: Re: Setup Issue tomcat 6 SLES 11 SSL
>
> On 4/30/2014 9:02 AM, Christopher Schultz wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Vincent,
>>
>> On 4/29/14, 4:24 PM, Vincent T. DiScipio wrote:
>>> I have setup tomcat 6 on SLES 11 and secured the instance with an
>>> external certificate if authority.  The following is occurring from
>>> the same machine using both IE and Firefox:
>>>
>>> http://servername.wooster.edu:8080    works for both IE11 and
>>> Firefox 29 and displays the index.html
>>>
>>> https://servername.wooster.edu:8443  works for Firefox 29 and
>>> displays the index.html
>>>
>>> https://servername.wooster.edu:8443  does not work for IE11v displays
>>> "This page can't be displayed"
>>>
>>> I have changed the logging level to finest and do not see any errors
>>> in the catalina.out.
>>>
>>> Thoughts?  I have the same setup on another server and I believe the
>>> files and permission levels are set the same.
>> What does your SSL configuration look like?
>>
>> You could also use either sslscan from the CLI or go to
>> https://www.ssllabs.com/ssltest/ and use their online tool to examine
>> the site from the outside.
>>
>> Perhaps you have a combination of protocols and ciphers that MSIE
>> can't handle.
>>
>> - -chris
>
> If the option is available, you might also try disabling the IE "friendly" error messages.  I'm not sure about IE 11, but it seems like previous versions displayed an error message with a reddish background if they were unable to authenticate a server with a given SSL certificate.  Was a certificate authority bundle supplied with the SSL certificate?  If so, is it installed and configured?  Were the SSL certificates on the both servers issued by the same company?
>
> -Terence Bandoian


Smart.  Thanks for the update.

-Terence Bandoian


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org