Hi,
Looks like you have a typo. secure="true" ="false"
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" secure="true" ="false"
keystoreFile="conf/filenamegoeshere.jks" keystorePass="passwordgoeshere"/>
If possible please change the connector protocol to "HTTP/1.1" .
Please find working example of HTTPS connector that i have on my system.
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/home/admin/.keystore" keystorePass="somepassword" />
Regards,
Tzachi Shaiovitch,
Remedy Solution Architect
Matrix - Designated Solutions and Public Sector Division
Cellular: +972-52-2328283 | Email:
[email protected]<mailto:[email protected]>
[cid:3a2466f9-bb1d-475b-b00e-c07730b53a49]
?<http://www.matrix.co.il/en/Pages/default.aspx>
________________________________
From: Action Request System discussion list(ARSList) <[email protected]> on
behalf of Pierson, Shawn <[email protected]>
Sent: Wednesday, September 2, 2015 21:14
To: [email protected]
Subject: Struggling with SSL and Mid Tier
**
Good afternoon,
This isn't specifically a Remedy issue but it's something many of you have done
so I thought I'd ask here. I'm in the process of setting up SSL with Tomcat
7.0.53 on Windows so we can better secure the Mid Tier. According to the logs,
it looks like Remedy is able to connect back to the server, but I can't
actually connect to Tomcat. Ignoring Remedy for a moment, I have an index.html
in the root folder that should work. Let's say my server's DNS alias is
remedy.example.com in this case. Tomcat ran fine on port 8080 (including the
Mid Tier) without any certificate set up.
However, I implemented this as the connector in the server.xml file:
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" secure="true" ="false"
keystoreFile="conf/filenamegoeshere.jks" keystorePass="passwordgoeshere"/>
This *should* work, but doesn't seem to allow me to connect. I've tried using
port 8443 to no avail, I've tried different protocols but settled on this one
since it's used by other apps in my organization. I was also suggested to put
the keystore file in the conf directory and to reference it the way I did
above. There are other options that I will add to this connector when we have
it all up and running but for now that's it.
In terms of the keystore file, if I run keytool -list -keystore
filenamegoeshere.jks and enter the correct password, I can see the valid
certificate fingerprint information, and if I add a -v to it, I can see that it
is a certificate for remedy.example.com specifically.
Now, the final thing that is odd is that if the alias for my certificate is
"server" for example, and I go into my Tomcat connector and add
keyAlias="server" and restart Tomcat, I get these types of errors and the whole
thing bombs out:
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-nio-443"]
java.io.IOException: Alias name server does not identify a key entry
Does anyone have any suggestions of what I might be able to do to resolve this?
I've been stuck on it since last week and tried everything I can come up with.
Setting up SSL on Tomcat isn't my area of expertise and there's too much
information available on Google and not enough on BMC's sites to help me figure
out what options I have to resolve this.
Thanks,
Shawn Pierson
Remedy Developer | Energy Transfer
Private and confidential as detailed
here<http://www.energytransfer.com/mail_disclaimer.aspx>. If you cannot access
hyperlink, please e-mail sender.
This mail was received and tested using PineApp
_ARSlist: "Where the Answers Are" and have been for 20 years_
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"
