Re: [OT] Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

Marcos, On 4/11/24 09:52, Marcos Peña wrote: Thanks for your replies. My bad assuming the connector configuration applied to all connections but it makes total sense that applies to incoming connections. That helps a lot. I have been trying to solve this problem for several days and I was a

Re: [OT] Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

Thanks for your replies. My bad assuming the connector configuration applied to all connections but it makes total sense that applies to incoming connections. That helps a lot. I have been trying to solve this problem for several days and I was a bit desperate. I could not find anything in the

Re: [OT] Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

> On Apr 11, 2024, at 07:28, Marcos Peña wrote: > > I am looking for help with a strange issue we are experiencing when trying to > use Google APIs from a web application that is deployed on Tomcat 9.0.83. As Chris noted, this has nothing to do with Tomcat. The stack trace shows that the

Re: [OT] Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

Marcos, Marking as "off topic" because this is not Tomcat-related. Please see below... On 4/11/24 08:28, Marcos Peña wrote: Hi, I am looking for help with a strange issue we are experiencing when trying to use Google APIs from a web application that is deployed on Tomcat 9.0.83. After a

Re: Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

Hi, > Hi, > > I am looking for help with a strange issue we are experiencing when trying > to use Google APIs from a web application that is deployed on Tomcat > 9.0.83. > > After a few hours of the server being up and running, all calls to the > Google APIs fail because of SSL handshake errors.

Tomcat 9.0.83 - SSL handshake stops working for Google API calls after a while

Hi, I am looking for help with a strange issue we are experiencing when trying to use Google APIs from a web application that is deployed on Tomcat 9.0.83. After a few hours of the server being up and running, all calls to the Google APIs fail because of SSL handshake errors. Attaching the SSL

Re: tomcat and ssl

On Tue, Apr 28, 2020 at 10:42 PM Naga Ramesh wrote: > Can you check the below link.. > > https://mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/ I think you intended to reply to the mailing list (users at tomcat dot apache

Re: tomcat and ssl

On Mon, Apr 27, 2020 at 3:31 PM calder wrote: > > On Mon, Apr 27, 2020 at 11:22 AM Beard, Shawn M. wrote: > > > I have an app running in tomcat 9 that makes an ssl call to an external > > webservice. > > > > It fails with these errors in the logs: > > > > ERROR

Re: tomcat and ssl

On Mon, Apr 27, 2020, 16:30 calder wrote: > > > On Mon, Apr 27, 2020 at 11:22 AM Beard, Shawn M. > wrote: > >> I have an app running in tomcat 9 that makes an ssl call to an external >> webservice. >> >> >> >> It fails with these errors in the logs: >> >> ERROR

Re: tomcat and ssl

On Mon, Apr 27, 2020 at 11:22 AM Beard, Shawn M. wrote: > I have an app running in tomcat 9 that makes an ssl call to an external > webservice. > > > > It fails with these errors in the logs: > > ERROR javax.net.ssl.SSLHandshakeException: PKIX path building failed: >

RE: tomcat and ssl [EXTERNAL]

cooperation. -Original Message- From: Beard, Shawn M. Sent: Monday, April 27, 2020 11:47 AM To: Tomcat Users List Subject: RE: tomcat and ssl [EXTERNAL] Adding this to the JVM options worked: -Djavax.net.ssl.trustStore=/usr/apache/tomcat/ssl/TomcatTrustStore.p12

RE: tomcat and ssl [EXTERNAL]

Adding this to the JVM options worked: -Djavax.net.ssl.trustStore=/usr/apache/tomcat/ssl/TomcatTrustStore.p12 -Djavax.net.ssl.trustStorePassword= Shawn Beard Sr. Systems Engineer BTS +1-515-564-2528 -Original Message- From: Mark Thomas Sent: Monday, April 27, 2020 11:34 AM

RE: tomcat and ssl [EXTERNAL]

Adding this to JVM options worked -Djavax.net.ssl.trustStore=/usr/apache/tomcat/ssl/TomcatTrustStore.p12 -Djavax.net.ssl.trustStorePassword=XXX Shawn Beard Sr. Systems Engineer BTS +1-515-564-2528 -Original Message- From: js84 Sent: Monday, April 27, 2020 11:33 AM To: Tomcat

Re: tomcat and ssl [EXTERNAL]

system properties for configuration can be fragile). Mark > > > > Shawn Beard > Sr. Systems Engineer > BTS > +1-515-564-2528 > > -Original Message- > From: Mark Thomas > Sent: Monday, April 27, 2020 11:26 AM > To: users@tomcat.apache.o

AW: tomcat and ssl

unable to find > valid certification path to requested target > I have this in the connectors in the server.xml. >  keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" >       truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p

AW: tomcat and ssl

unable to find > valid certification path to requested target > I have this in the connectors in the server.xml. >  keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" >       truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p

RE: tomcat and ssl [EXTERNAL]

@tomcat.apache.org Subject: Re: tomcat and ssl [EXTERNAL] ** CAUTION: External message On 27/04/2020 17:21, Beard, Shawn M. wrote: > I have an app running in tomcat 9 that makes an ssl call to an > external webservice. > > > > It fails with these errors in t

Re: tomcat and ssl

KIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > >   > > I have this in the connectors in the server.xml. > >   keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12"

tomcat and ssl

to requested target I have this in the connectors in the server.xml. keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" keystorePass=""

Re: current best practices for Tomcat with SSL on port 443

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Garret, On 2/8/19 08:27, Garret Wilson wrote: > On 2/7/2019 9:54 PM, Christopher Schultz wrote: >> … I would argue that adding Apache httpd into the mix (where is >> it not already there) is more complicated than using Let's >> Encrypt with Tomcat.

Re: current best practices for Tomcat with SSL on port 443

On 2/7/2019 9:54 PM, Christopher Schultz wrote: … I would argue that adding Apache httpd into the mix (where is it not already there) is more complicated than using Let's Encrypt with Tomcat. OK, I guess I didn't figure in the part about adding/configuring the connector. But still there are

Re: current best practices for Tomcat with SSL on port 443

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Garret, On 2/7/19 12:22, Garret Wilson wrote: > On 2/7/2019 3:13 PM, Christopher Schultz wrote: >> … Have a look at this presentation: >> https://people.apache.org/~schultz/ApacheCon%20NA%202018/Let's%20Encr ypt >> >> %20Apache%20Tomcat.pdf > >

Re: current best practices for Tomcat with SSL on port 443

On 2/7/2019 3:13 PM, Christopher Schultz wrote: … Have a look at this presentation: https://people.apache.org/~schultz/ApacheCon%20NA%202018/Let's%20Encrypt %20Apache%20Tomcat.pdf The presentation gets two thumbs up, specifically: * Great corny grammar ambiguity joke on the title page. *

Re: current best practices for Tomcat with SSL on port 443

se Let's Encrypt in whatever solution I > prescribe to the students. > > So what is the best practice, straightforward, and simple setup > for Tomcat with SSL on port 443 (preferably using Let's Encrypt) > with HTTP port 80 forwarding to HTTPS port 443? Do I still need to > stick Apache

Re: current best practices for Tomcat with SSL on port 443

e to the students. > > So what is the best practice, straightforward, and simple setup for > Tomcat with SSL on port 443 (preferably using Let's Encrypt) with HTTP > port 80 forwarding to HTTPS port 443? Do I still need to stick Apache > (or Nginx?) in front of it? (The last I check

current best practices for Tomcat with SSL on port 443

Encrypt (once I figured out what I should be doing) for SSL was a breeze. It's working nicely. So I assume I'd want to use Let's Encrypt in whatever solution I prescribe to the students. So what is the best practice, straightforward, and simple setup for Tomcat with SSL on port 443 (preferably

Re: Java 11 - Tomcat 8 - SSL

On 05/12/2018 21:30, Justin Wilke wrote: > Hello, > > Hitting kind of a dead end on my attempt to upgrade to java 11, it was > suggested to me to reach out to this group. > > We are currently running on Java 8, Tomcat 8.5.3 in prod. We are looking to > upgrade to java 11. 8.5.3 is over 2

Java 11 - Tomcat 8 - SSL

Hello, Hitting kind of a dead end on my attempt to upgrade to java 11, it was suggested to me to reach out to this group. We are currently running on Java 8, Tomcat 8.5.3 in prod. We are looking to upgrade to java 11. Looking at http://tomcat.apache.org/whichversion.html - it seems like

Re: Tomcat 8.5.28 SSL - Cannot store non-PrivateKeys

Hello On 1 March 2018 at 23:31, George S. wrote: > I'm hitting the error: > > SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]] > org.apache.catalina.LifecycleException: Failed to initialize component > [Connector[HTTP/1.1-8443]] > Caused by:

Re: Tomcat 8.5.28 SSL - Cannot store non-PrivateKeys

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 George, On 3/1/18 6:31 PM, George S. wrote: > I'm hitting the error: > > SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]] > org.apache.catalina.LifecycleException: Failed to initialize > component [Connector[HTTP/1.1-8443]]

Tomcat 8.5.28 SSL - Cannot store non-PrivateKeys

I'm hitting the error: SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]] org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-8443]] Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed Caused by:

Re: Apache Tomcat 8.5.24 SSL Configuration

penssl x509 -in conf/CA_server_bundle.crt -text You might try running Tomcat with: |-Djavax.net.debug=ssl | |to enable SSL Debugging. I'm not going to lie though, it can be pretty difficult to weed through the tons of content generated.| || On Thu, Dec 21, 2017 at 2:31 PM, Chri

Re: Apache Tomcat 8.5.24 SSL Configuration

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Thomas, On 12/21/17 5:24 PM, Thomas Delaney wrote: > Thank you for the input so far! > > I have used both java versions jdk 1.7.0_79 and jdk1.8.0_152 and > still receive the same result > > when running the openssl s_client command I recieved

Re: Apache Tomcat 8.5.24 SSL Configuration

Thomas, > Am 22.12.2017 um 15:38 schrieb Thomas Delaney : > > I apologize for the poor grammar in my last response and extra email. The > site I have setup is internal only. I will not be able to test the site > using SSL Labs. > You may try https://testssl.sh and

Re: Apache Tomcat 8.5.24 SSL Configuration

I apologize for the poor grammar in my last response and extra email. The site I have setup is internal only. I will not be able to test the site using SSL Labs. On Fri, Dec 22, 2017 at 9:37 AM, Thomas Delaney wrote: > The site is internal so I won't not be able to check

Re: Apache Tomcat 8.5.24 SSL Configuration

The site is internal so I won't not be able to check via ssllabs On Thu, Dec 21, 2017 at 5:36 PM, George S. wrote: > On 12/21/2017 3:24 PM, Thomas Delaney wrote: > >> Thank you for the input so far! >> >> I have used both java versions jdk 1.7.0_79 and jdk1.8.0_152 and

Re: Apache Tomcat 8.5.24 SSL Configuration

On 12/21/2017 3:24 PM, Thomas Delaney wrote: Thank you for the input so far! I have used both java versions jdk 1.7.0_79 and jdk1.8.0_152 and still receive the same result when running the openssl s_client command I recieved this as the Cipher and SSL version Protocol : TLSv1.2 Cipher:

Re: Apache Tomcat 8.5.24 SSL Configuration

- Original Message - From: Thomas Delaney <tdelaney@gmail.com> To: Tomcat Users List <users@tomcat.apache.org> Sent: Thu, 21 Dec 2017 17:24:06 -0500 (EST) Subject: Re: Apache Tomcat 8.5.24 SSL Configuration Thank you for the input so far! I have used both java versions

Re: Apache Tomcat 8.5.24 SSL Configuration

Thank you for the input so far! I have used both java versions jdk 1.7.0_79 and jdk1.8.0_152 and still receive the same result when running the openssl s_client command I recieved this as the Cipher and SSL version Protocol : TLSv1.2 Cipher: DHE-RSA-AES256-GCM-SHA384 I also get a message

Re: Apache Tomcat 8.5.24 SSL Configuration

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/21/17 2:38 AM, l...@kreuser.name wrote: > > Hi Thomas, > >> Am 21.12.2017 um 00:56 schrieb Thomas Delaney >> : >> >> Greetings, >> >> I am having trouble regarding google chrome's behavior to Apache >>

Re: Apache Tomcat 8.5.24 SSL Configuration

Hi Thomas, > Am 21.12.2017 um 00:56 schrieb Thomas Delaney : > > Greetings, > > I am having trouble regarding google chrome's behavior to Apache Tomcat's > SSL setup. I have been successful getting an ssl website to work with > Apache HTTP web server, but not Apache

Apache Tomcat 8.5.24 SSL Configuration

Greetings, I am having trouble regarding google chrome's behavior to Apache Tomcat's SSL setup. I have been successful getting an ssl website to work with Apache HTTP web server, but not Apache Tomcat 8.5.24 on google chrome. Mozilla Firefox brings me to my site with no problem. When going to

Re: tomcat with ssl not loading

On 15/03/17 12:15, Olayemi Olatunji wrote: > Hello Guys, > > I just applied a ssl certificate (godaddy) to my tomcat 9.0.0 M 18 > instance, on windows server 2012. > > When I attempt to launch the site at port 8443, it just keeps rolling > without launching the page. > > Kindly see the tomcat

tomcat with ssl not loading

Hello Guys, I just applied a ssl certificate (godaddy) to my tomcat 9.0.0 M 18 instance, on windows server 2012. When I attempt to launch the site at port 8443, it just keeps rolling without launching the page. Kindly see the tomcat log below ( and advise what could be wrong

Re: Tomcat with ssl not starting

Hello Andre, See log below: 2017-03-15 08:58:30 Commons Daemon procrun stderr initialized 15-Mar-2017 08:58:31.425 SEVERE [main] org.apache.catalina.connector.Connector. Protocol handler instantiation failed java.lang.ClassNotFoundException: org.apache.coyote.http11.Http11Protocol at

Re: Tomcat with ssl not starting

2017-03-15 11:27 GMT+03:00 Olayemi Olatunji : > > Hello Guys, > > I just applied a ssl certificate (godaddy) to my tomcat instance. > > When I attempt to launch the site at port 8443, it just keeps rolling without > launching the page. > > Kindly see the tomcat

Re: Tomcat with ssl not starting

Hi. There is no attachment. This lis strips most attachments. If it is text, then better to paste the relevant part directly into your message. On 15.03.2017 09:27, Olayemi Olatunji wrote: Hello Guys, I just applied a ssl certificate (godaddy) to my tomcat instance. When I attempt to launch

Tomcat with ssl not starting

Hello Guys, I just applied a ssl certificate (godaddy) to my tomcat instance. When I attempt to launch the site at port 8443, it just keeps rolling without launching the page. Kindly see the tomcat error attached and advise what could be wrong *Best Regards,* *Olayemi Olatunji* *Learning

RE: Need Help on Tomcat 8.0.14.0 SSL Public Facing URL !!

Hi Violeta, Currently the existing configuration is as follows : 1) Server version: Apache Tomcat/8.0.14 Server built: Sep 24 2014 09:01:51 Server number: 8.0.14.0 OS Name:Linux OS Version: 3.10.0-229.el7.x86_64 JVM Version:1.8.0_51-b16 2)Tomcat is enabled with SSL and able

Re: Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ramagopala, On 11/17/16 12:51 AM, ramagopala.chaturved...@wipro.com wrote: > Please help in resolving the issue with Public Facing URL of > Tomcat server. Currently the existing configuration is as follows > : > > > 1) Tomcat 8.1.1 is

Re: Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

Hi, 2016-11-17 7:51 GMT+02:00 : > > Hi Group, > > Please help in resolving the issue with Public Facing URL of Tomcat server. Currently the existing configuration is as follows : > > > 1) Tomcat 8.1.1 is installed on Red-Hat Linux OS along with Jdk1.7

Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

Hi Group, Please help in resolving the issue with Public Facing URL of Tomcat server. Currently the existing configuration is as follows : 1) Tomcat 8.1.1 is installed on Red-Hat Linux OS along with Jdk1.7 2) Tomcat is enabled with SSL and able to access with https with the IP

Re: Tomcat v8.5.3 SSL Configuration?

esn't work, either something else is wrong (wrong ? undisclosed reverse proxy?) or there is a bug in Tomcat. - -chris > From: Christopher Schultz > <ch...@christopherschultz.net> Sent: Wednesday, August 10, 2016 > 4:55:18 PM To: Tomcat User

Re: Tomcat v8.5.3 SSL Configuration?

oint.bind(NioEndpoint.java:245) at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:839) Thanks, Venkat From: Christopher Schultz <ch...@christopherschultz.net> Sent: Wednesday, August 10, 2016 4:55:18 PM To: Tomcat Users List Subject: Re: Tomcat v8.5.3 SSL C

Re: Tomcat v8.5.3 SSL Configuration?

machine with same JDK > > -- - > > maxThreads="150" scheme="https" secure="true" > sslEnabledProtocols="TLSv1.2,TLSv1.1" clientAuth="false" > sslPro

Re: Tomcat v8.5.3 SSL Configuration?

Hi, I am trying to configure Tomcat v8.5.3 with TLSv1.1 and TLSv1.2, but it is not working on AIX. It is only supporting TLSv1. I have added the -Dcom.ibm.jsse2.overrideDefaultTLS=true as well. Java version 1.7.0 IBM J9 VM SR1. Tomcat 8.5.3 SSL Configuration

Re: Tomcat 7 ssl by default

On 18 December 2014 at 14:06, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Duncan, On 12/18/14 4:18 AM, Lyallex wrote: On 17 December 2014 at 22:37, Christopher Schultz ch...@christopherschultz.net wrote: Duncan, On 12/17/14

Re: Tomcat 7 ssl by default

On 17 December 2014 at 22:37, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Duncan, On 12/17/14 12:32 PM, Lyallex wrote: Yea I thought of this, the problem is I currently have a user area that requires a login and all this is

Re: Tomcat 7 ssl by default

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Duncan, On 12/18/14 4:18 AM, Lyallex wrote: On 17 December 2014 at 22:37, Christopher Schultz ch...@christopherschultz.net wrote: Duncan, On 12/17/14 12:32 PM, Lyallex wrote: Yea I thought of this, the problem is I currently have a user

Tomcat 7 ssl by default

Tomcat 7.0.42 jdk1.7.0_51 Ubuntu 12.04/CentOS dev/deploy I have been reading more and more about Google and the like prioritising sites that employ https/ssl by default. Currently my site does not use https but delegates payment to a secure payment provider who does, thusly I have avoided going

Re: Tomcat 7 ssl by default

On 17/12/2014 17:10, Lyallex wrote: Tomcat 7.0.42 jdk1.7.0_51 Ubuntu 12.04/CentOS dev/deploy I have been reading more and more about Google and the like prioritising sites that employ https/ssl by default. Currently my site does not use https but delegates payment to a secure payment

Re: Tomcat 7 ssl by default

Yea I thought of this, the problem is I currently have a user area that requires a login and all this is currently configured in web.xml and I'm not sure how all this will fit together. I'll try a few things out and see what happens. Thanks for taking the time to respond Duncan On 17 December

Re: Tomcat 7 ssl by default

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Duncan, On 12/17/14 12:32 PM, Lyallex wrote: Yea I thought of this, the problem is I currently have a user area that requires a login and all this is currently configured in web.xml and I'm not sure how all this will fit together. I'll try a

Re: Help with Apache Tomcat/7.0.53 SSL issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Edward, On 10/7/14 2:35 PM, Brewer, Edward L wrote: Oh... Here is the entry in our server.xml (probably the most important part) Connector port=Omitted address=Omitted protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https

RE: Help with Apache Tomcat/7.0.53 SSL issue

-Original Message- From: Brewer, Edward L [mailto:lee.bre...@vanderbilt.edu] Sent: Tuesday, October 07, 2014 1:36 PM To: Tomcat Users List Subject: RE: Help with Apache Tomcat/7.0.53 SSL issue To all, Oh... Here is the entry in our server.xml (probably the most important

RE: Help with Apache Tomcat/7.0.53 SSL issue

From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Subject: RE: Help with Apache Tomcat/7.0.53 SSL issue Is 2g a valid value for -Xmx? Yes, at least with the Sun/Oracle JVM. However, on 32-bit systems, that large a heap size will usually fail. - Chuck THIS COMMUNICATION MAY

Re: Tomcat 6 SSL issue

Thanks for prompt response. I simply missed your mail. I did the new CSR with the new private key. You could also add protocol attribute to force JSSE connector (BIO or NIO), to prevent connector auto-selection. 1) What is the protocol attribute and where to add it? 2) I think those old cer and

Re: Tomcat 6 SSL issue

Baran, On 16.10.2014 19:20, Baran Topal wrote: I did the new CSR with the new private key. Ok. You could also add protocol attribute to force JSSE connector (BIO or NIO), to prevent connector auto-selection. 1) What is the protocol attribute and where to add it? To your Connector

Re: Tomcat 6 SSL issue

Baran, On 10.10.2014 21:06, Baran Topal wrote: Then I received 2 files from the certificate authority, abc.com.cer and abc.om.p7b What certificates do those files contain? Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false

Tomcat 6 SSL issue

done, i couldn't make the SSL work on my Tomcat 6. I followed the steps under, http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but I failed to import p7b so I convert it crt file and successfully import it. My application for http, is using 55012 and I want to use the port 443 for https

Help with Apache Tomcat/7.0.53 SSL issue

To all, I am using Apache Tomcat 7.0.53 and I am having an intermittent issue with SSL. I am currently running three environments (Dev, UAT, and Prod. Prod comprises 4 VMs (uname states version as 2.6.32-431.11.2.el6.x86_x86_64 GNU/Linux ) with each containing a local version of Java [

RE: Help with Apache Tomcat/7.0.53 SSL issue

. Thanks, Lee From: Brewer, Edward L [mailto:lee.bre...@vanderbilt.edu] Sent: Tuesday, October 07, 2014 1:31 PM To: users@tomcat.apache.org Subject: Help with Apache Tomcat/7.0.53 SSL issue To all, I am using Apache Tomcat 7.0.53 and I am having an intermittent issue with SSL. I am currently

Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

I am trying to set up SSL on tomcat with a CA certificate from goDaddy. I am unable to load the Web Page using HTTPS. When I try to use a self signed certificate, everything works as expected, but when I change the keystore to point to the one with the CA certificate in it, I get nothing

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

On Apr 4, 2014, at 1:24 PM, Mark Murphy jmarkmur...@gmail.com wrote: I am trying to set up SSL on tomcat with a CA certificate from goDaddy. I am unable to load the Web Page using HTTPS. What exactly happens when you try to access it? Please include browser behavior and any errors

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x This is what I see in Chrome: SSL Connection Error Unable to make a secure connection to the server. This may be a problem

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

On Apr 4, 2014, at 2:52 PM, Mark Murphy jmarkmur...@gmail.com wrote: Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x Ok. Good start. This is what I see in Chrome: SSL

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

: ERR_SSL_PROTOCOL_ERROR Here is a non-SSL URL: http://www.myerstorquetracker.com With SSL: https://www.myerstorquetracker.com Interesting. What JVM (java -version) are you using? Dan I am trying to set up SSL on tomcat with a CA certificate from goDaddy. I am unable to load the Web Page using

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

...@gmail.com wrote: Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x Ok. Good start. This is what I see in Chrome: SSL Connection Error Unable to make a secure

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Murphy jmarkmur...@gmail.com wrote: Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x Ok. Good start. This is what I see in Chrome: SSL Connection Error Unable to make

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

On 04/04/2014 21:42, Mark Murphy wrote: I saw something on StackOverflow that said the key type in the keystore needs to be PrivateKeyEntry and not trustedCertEntry. Is this true? When I look at my keystore, it is trustedCertEntry for all the certs. But when I look at the type for the self

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

jmarkmur...@gmail.com wrote: Created my keystore according to the directions here: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x7x Ok. Good start. This is what I see in Chrome: SSL Connection Error Unable to make

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

So let me try to understand what is going on here. I generate a keystore using keytool, that contains a key. At this point it is equal to a self signed certificate, and it works, but the browser complains that there is no CA. I then need to create a certificate request ad send that off to goDaddy.

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Sorry for the dumb questions, I am new to SSL, and want to understand what I am doing, not just run these instructions, and it should work. On Fri, Apr 4, 2014 at 5:00 PM, Mark Murphy jmarkmur...@gmail.com wrote: So let me try to understand what is going on here. I generate a keystore using

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Another option I normally use that may work for you (just confirmed it for myself with tomcat): 1. Copy your private key and signed public certificate in PEM format into a single file looking like this: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info:

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

On 04/04/2014 22:00, Mark Murphy wrote: So let me try to understand what is going on here. I generate a keystore using keytool, that contains a key. At this point it is equal to a self signed certificate, and it works, but the browser complains that there is no CA. I then need to create a

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Mark, On 4.4.2014 23:00, Mark Murphy wrote: So let me try to understand what is going on here. I generate a keystore using keytool, that contains a key. At this point it is equal to a self signed certificate, and it works, but the browser complains that there is no CA. (Standard on this list

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Mark, On 4.4.2014 23:54, Mark Thomas wrote: The CA that signed your certificate might not be one of the root CAs trusted by the user agent. Most likely it is an intermediate CA. The root CA will have signed the intermediate CA's certificate and the intermediate CA will have signed your

Re: Tomcat 6 SSL CA Certificate does not work, but Self signed Certificate does

Thanks everyone, this has been very informative.

Re: Configuring Embedded Tomcat for SSL

2013/11/1 Matthew Westwood-Hill matthew.westwood-h...@nuix.com Tomcat version: 7.0.47 OS: Windows 7 (x64) JDK: 1.7 I am attempting to start an embedded instance of Tomcat, which is configured for SSL only, on port 443. The code I am using is as follows: *public* *static*

Configuring Embedded Tomcat for SSL

Tomcat version: 7.0.47 OS: Windows 7 (x64) JDK: 1.7 I am attempting to start an embedded instance of Tomcat, which is configured for SSL only, on port 443. The code I am using is as follows: *public* *static* *void* *main*(String[] args) *throws*UnknownHostException,

Re: Secure Tomcat With SSL

Chris, Thank you for taking the time to help me in securing tomcat. I called godaddy and they instructed me to download the tomcat cert, which i did, and follow their provided instructions: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat

RE: Secure Tomcat With SSL

-Original Message- From: Chris Arnold [mailto:carn...@electrichendrix.com] Sent: Wednesday, October 30, 2013 9:43 AM To: Tomcat Users List Subject: Re: Secure Tomcat With SSL Chris, Thank you for taking the time to help me in securing tomcat. I called godaddy

Re: Secure Tomcat With SSL

On 30.10.2013 18:41, Jeffrey Janner wrote: Not sure where to go from here! Can anyone help? I just want to do something basic and that issecure tomcat with a godaddy SSL cert. First, go back and re-read the last wonderful response you received from Ognjen. He is right on the money for how

Re: Secure Tomcat With SSL

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ognjen, On 10/26/13, 6:47 PM, Ognjen Blagojevic wrote: Chris, On 26.10.2013 23:39, Chris Arnold wrote: Tomcat 7.0.42 on SLES11. I am following http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration to secure tomcat. I have

RE: Secure Tomcat With SSL

-Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Subject: Re: Secure Tomcat With SSL I've been having some trouble lately converting keys and certs from OpenSSL format into Java's JKS format. I follow all of the magical incantations I can find online

RE: Secure Tomcat With SSL

-Original Message- From: Chris Arnold [mailto:carn...@electrichendrix.com] Sent: Saturday, October 26, 2013 7:47 PM To: Tomcat Users List Subject: Re: Secure Tomcat With SSL Chris, On 26.10.2013 23:39, Chris Arnold wrote: Tomcat 7.0.42 on SLES11. I am following http

Re: Secure Tomcat With SSL

Chris, Leo, On 28.10.2013 18:23, Leo Donahue - OETX wrote: I've been having some trouble lately converting keys and certs from OpenSSL format into Java's JKS format. I follow all of the magical incantations I can find online to convert key+cert into a Java keystore but I get no love. Is there

Re: Secure Tomcat With SSL

This tool has saved me a few times over: http://sourceforge.net/projects/portecle/ On Mon, Oct 28, 2013 at 4:41 PM, Ognjen Blagojevic ognjen.d.blagoje...@gmail.com wrote: Chris, Leo, On 28.10.2013 18:23, Leo Donahue - OETX wrote: I've been having some trouble lately converting keys and

Re: Secure Tomcat With SSL

Let us first determine which connector do you have configured (BIO, NIO or APR), because HTTPS configuration depends on connector type. Could you send your server.xml with comments and sensitive information removed? ?xml version='1.0' encoding='utf-8'? !-- Licensed to the Apache Software

Re: Secure Tomcat With SSL

Chris, On 28.10.2013 21:45, Chris Arnold wrote: Let us first determine which connector do you have configured (BIO, NIO or APR), because HTTPS configuration depends on connector type. Could you send your server.xml with comments and sensitive information removed? ?xml version='1.0'

  1   2   3   4   >