Questions regarding SSL

[Bryant McClellan <Br...@SIRVA.com>]

I've tried to do my homework but I'm still having trouble with getting HTTPS to work.

For starters:

Server is Windows 2003 Standard Server, SP1. 

Java version is jdk1.5.0_04 plus update 11. 

Tomcat version is 5.5.20. Tomcat is set up to run as a service using the native dlls.

I've built a keystore, created a CSR, gotten a cert from InstantSSL and loaded the 3 certificates from InstantSSL into the keystore.

Next I modified server.xml to enable 8443, refer to the location of the keystore and provide the password. Then I restarted Tomcat

HTTP works fine with either 8080 or 8443, returning the splash page. If I use HTTPS, IE eventually times out with the generic DNS error page. It is consistent in this whether I use localhost, the ip address or the eventual domain name (presently set up in the hosts file for testing).

I've reinstalled Java and Tomcat thinking I missed something. I got a replacement cert and built a new keystore. Same results.

There are no errors logged relative to this in either the windows logs or the Tomcat logs.

I'm new at Java and Tomcat so I'd appreciate a pointer or two on where to look next.

G Bryant McClellan
SIRVA
Data Management Project Lead
T 260.429.3299
F 260.429.1762
E bryant.mcclellan@sirva.com
www.sirva.com
5001 US Highway 30 West
Fort Wayne, IN  46818  USA


CONFIDENTIALITY NOTICE: The information contained in this e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may be privileged and confidential. Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please notify the sender by reply e-mail and delete the original message and all copies from your computer.

RE: Questions regarding SSL

["Caldarale, Charles R" <Ch...@unisys.com>]

> From: Bryant McClellan [mailto:Bryant.McClellan@SIRVA.com] 
> Subject: Questions regarding SSL
> 
> Server is Windows 2003 Standard Server, SP1. 
> Java version is jdk1.5.0_04 plus update 11. 
> Tomcat version is 5.5.20. Tomcat is set up to run as a 
> service using the native dlls.
> 
> I'm new at Java and Tomcat so I'd appreciate a pointer or two 
> on where to look next.

The docs are always a good place.  Note the following at the top of the
Tomcat SSL how-to:
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html

IMPORTANT NOTE: This Howto refers to usage of JSSE. When using APR,
Tomcat will use OpenSSL, which uses a different configuration.

Since you say you're using the native dlls, you probably need to look
here:
http://tomcat.apache.org/tomcat-5.5-doc/apr.html

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Questions regarding SSL

[Pulkit Singhal <pu...@gmail.com>]

Can we have a look at the connectors chunk of your server.xml file?

On 2/14/07, Bryant McClellan <Br...@sirva.com> wrote:
>
> I've tried to do my homework but I'm still having trouble with getting
> HTTPS to work.
>
> For starters:
>
> Server is Windows 2003 Standard Server, SP1.
>
> Java version is jdk1.5.0_04 plus update 11.
>
> Tomcat version is 5.5.20. Tomcat is set up to run as a service using the
> native dlls.
>
> I've built a keystore, created a CSR, gotten a cert from InstantSSL and
> loaded the 3 certificates from InstantSSL into the keystore.
>
> Next I modified server.xml to enable 8443, refer to the location of the
> keystore and provide the password. Then I restarted Tomcat
>
> HTTP works fine with either 8080 or 8443, returning the splash page. If I
> use HTTPS, IE eventually times out with the generic DNS error page. It is
> consistent in this whether I use localhost, the ip address or the eventual
> domain name (presently set up in the hosts file for testing).
>
> I've reinstalled Java and Tomcat thinking I missed something. I got a
> replacement cert and built a new keystore. Same results.
>
> There are no errors logged relative to this in either the windows logs or
> the Tomcat logs.
>
> I'm new at Java and Tomcat so I'd appreciate a pointer or two on where to
> look next.
>
> G Bryant McClellan
> SIRVA
> Data Management Project Lead
> T 260.429.3299
> F 260.429.1762
> E bryant.mcclellan@sirva.com
> www.sirva.com
> 5001 US Highway 30 West
> Fort Wayne, IN  46818  USA
>
>
> CONFIDENTIALITY NOTICE: The information contained in this e-mail message,
> including any attachments, is for the sole use of the intended recipient(s)
> and may be privileged and confidential. Any unauthorized review, use,
> disclosure or distribution is prohibited.  If you are not the intended
> recipient, please notify the sender by reply e-mail and delete the original
> message and all copies from your computer.