Fabien COMBERNOUS
Tue, 09 Feb 2010 05:22:56 -0800
Hi there, I'm trying to use tomcat with URL https.My application is running well and i can use it via http. Now i trying to configure tomcat to use https. I'm running 6.0.20 (debian package revision -dfsg1-1). Il the server.xml i have the following connectors.
My first connector (http) :
<Connector port="8080"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
redirectPort="8443"
acceptCount="100"
URIEncoding="UTF-8" />
My second connector (https) :
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf/keystore" keystorePass="changeit"
clientAuth="false"
sslProtocol="TLS" />
About tomcat i'm a realy newbie, so i read severals documents from
tomcat website. I understood that tomcat can be connected to apache. My
Debian host looks to use Coyotte and not apache.
My host already use a self signed certificate with apache. So i used
this certificate named myserver.pem in the command :
$> keytool -import -noprompt -v -storepass changeit -keystore
$CATALINA_BASE/conf/keystore -alias tomcat -file myserver.pem
But when i restart tomcat, i get the following message in tomcat logs : 09-Feb-2010 11:00:03 org.apache.coyote.http11.Http11Protocol start SEVERE: Error starting endpoint java.io.IOException: jsse.invalid_ssl_conf ...Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
I don't unerstand what i did wrong. -- *Fabien COMBERNOUS* /unix system engineer/ www.kezia.com <http://www.kezia.com/> *Tel: +33 (0) 467 992 986* Kezia Group --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org