AW: AW: SSL issue with Tomcat 6.0.45 and JRE 1.8.0

2022-06-17 Thread Thomas Hoffmann (Speed4Trade GmbH)


> -Original Message-
> From: Peter Chamberlain
> Sent: Friday, June 17, 2022 15:36
> To: Tomcat Users List
> Subject: Re: AW: SSL issue with Tomcat 6.0.45 and JRE 1.8.0
> 
> On Thu, 16 Jun 2022 at 04:42, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
> 
> > Thomas,
> >
> > On 6/15/22 03:08, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> > > Hello,
> > >
> > >> -Original Message-
> > >> From: Pavan Kumar Tiruvaipati
> > >> Sent: Wednesday, June 15, 2022 08:59
> > >> To: Christopher Schultz
> > >> Cc: Tomcat Users List
> > >> Subject: Re: SSL issue with Tomcat 6.0.45 and JRE 1.8.0
> > >>
> > >> Hi,
> > >>
> > >> Tomcat server started successfully.
> > >>
> > >> I'm seeing the following error in the tomcat logs when SSL is
> > >> enabled in server.xml
> > >>
> > >> Application is not able to run on https://localhost:8080.
> > >>
> > >> 2022-06-15 12:02:43,923 [http-3003-1] DEBUG org.apache.tomcat.util.net.JIoEndpoint - Handshake failed
> > >> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> > >>     at sun.security.ssl.Alert.createSSLException(Unknown Source)
> > >>     at sun.security.ssl.Alert.createSSLException(Unknown Source)
> > >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> > >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> > >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> > >>     at sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(Unknown Source)
> > >>     at sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(Unknown Source)
> > >>     at sun.security.ssl.SSLHandshake.produce(Unknown Source)
> > >>     at sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(Unknown Source)
> > >>     at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(Unknown Source)
> > >>     at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(Unknown Source)
> > >>     at sun.security.ssl.SSLHandshake.consume(Unknown Source)
> > >>     at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
> > >>     at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
> > >>     at sun.security.ssl.TransportContext.dispatch(Unknown Source)
> > >>     at sun.security.ssl.SSLTransport.decode(Unknown Source)
> > >>     at sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
> > >>     at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
> > >>     at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
> > >>     at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
> > >>     at org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:233)
> > >>     at org.apache.tomcat.util.net.JIoEndpoint.setSocketOptions(JIoEndpoint.java:701)
> > >>     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:503)
> > >>     at java.lang.Thread.run(Unknown Source)
> > >>
> > >> If I disable SSL in tomcat server.xml, It's working with Non-SSL (
> > >> http://localhost:8080).
> > >>
> > >> Does Tomcat SSL configuration work with JRE 1.8.0 ? Are there any changes
> > >> required to establish a handshake ?
> > >>
> > >> Please let me know if you need more details.
> > >>
> > >>
> > >> Regards,
> > >> Pavan
> > >>
> > >> On Tue, Jun 14, 2022 at 10:44 PM Christopher Schultz <
> > >> ch...@christopherschultz.net> wrote:
> > >>
> > >>> Pavan,
> > >>>
> > >>> Please reply to the list and not me personally.
> > >>>
> > >>> On 6/14/22 11:21, Pavan Kumar Tiruvaipati wrote:
> >   >   maxThreads="150" minSpareThreads="25"
> > >>> maxSpareThreads="75"
> >   enableLookups="false" disableUploadTimeout="true"
> >   acceptCount="100"  scheme="https" secure="true"
> >  connectionTimeout="2"
> >   clientAuth="false" algorithm="SunX509"
> > sslProtocol="TLS"
> >  keystoreFile="conf/certificate" keystorePass="x"
> >  useBodyEncodingForURI="true"
> >  SSLEnabled="true"/>
> > >>>
> > >>> That all looks pretty straightforward.
> > >>>
> > >>> When you say it's "not working", can you be more specific? Does
> > >>> the Tomcat server start? Are there any errors or warnings in the logs?
> > >>>
> > >>> -chris
> > >>>
> >  On Tue, Jun 14, 2022 at 7:30 PM Christopher Schultz <ch...@christopherschultz.net> wrote:
> > 
> >   Pavan,
> > 
> >   On 6/14/22 08:32, Pavan Kumar Tiruvaipati wrote:
> >    > We have replaced JDK 1.8 with JRE 1.8.0_333.
> >    >
> >    > SSL configuration was working fine with Tomcat 6.0.45 before replacing JDK
> >    > with JRE.
> >    >
> >    > Now it's not working.
> >    >
> >    > In server.xml, SSL Protocol is set to "TLS".
> >    >
> >    > Does Tomcat 6.0.45 support 

Re: AW: SSL issue with Tomcat 6.0.45 and JRE 1.8.0

2022-06-17 Thread Peter Chamberlain
On Thu, 16 Jun 2022 at 04:42, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Thomas,
>
> On 6/15/22 03:08, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> > Hello,
> >
> >> -Original Message-
> >> From: Pavan Kumar Tiruvaipati
> >> Sent: Wednesday, June 15, 2022 08:59
> >> To: Christopher Schultz
> >> Cc: Tomcat Users List
> >> Subject: Re: SSL issue with Tomcat 6.0.45 and JRE 1.8.0
> >>
> >> Hi,
> >>
> >> Tomcat server started successfully.
> >>
> >> I'm seeing the following error in the tomcat logs when SSL is enabled in
> >> server.xml
> >>
> >> Application is not able to run on https://localhost:8080.
> >>
> >> 2022-06-15 12:02:43,923 [http-3003-1] DEBUG org.apache.tomcat.util.net.JIoEndpoint - Handshake failed
> >> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> >>     at sun.security.ssl.Alert.createSSLException(Unknown Source)
> >>     at sun.security.ssl.Alert.createSSLException(Unknown Source)
> >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> >>     at sun.security.ssl.TransportContext.fatal(Unknown Source)
> >>     at sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(Unknown Source)
> >>     at sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(Unknown Source)
> >>     at sun.security.ssl.SSLHandshake.produce(Unknown Source)
> >>     at sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(Unknown Source)
> >>     at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(Unknown Source)
> >>     at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(Unknown Source)
> >>     at sun.security.ssl.SSLHandshake.consume(Unknown Source)
> >>     at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
> >>     at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
> >>     at sun.security.ssl.TransportContext.dispatch(Unknown Source)
> >>     at sun.security.ssl.SSLTransport.decode(Unknown Source)
> >>     at sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
> >>     at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
> >>     at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
> >>     at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
> >>     at org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:233)
> >>     at org.apache.tomcat.util.net.JIoEndpoint.setSocketOptions(JIoEndpoint.java:701)
> >>     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:503)
> >>     at java.lang.Thread.run(Unknown Source)
> >>
> >> If I disable SSL in tomcat server.xml, It's working with Non-SSL (
> >> http://localhost:8080).
> >>
> >> Does Tomcat SSL configuration work with JRE 1.8.0 ? Are there any changes
> >> required to establish a handshake ?
> >>
> >> Please let me know if you need more details.
> >>
> >>
> >> Regards,
> >> Pavan
> >>
> >> On Tue, Jun 14, 2022 at 10:44 PM Christopher Schultz <
> >> ch...@christopherschultz.net> wrote:
> >>
> >>> Pavan,
> >>>
> >>> Please reply to the list and not me personally.
> >>>
> >>> On 6/14/22 11:21, Pavan Kumar Tiruvaipati wrote:
>     maxThreads="150" minSpareThreads="25"
> >>> maxSpareThreads="75"
>   enableLookups="false" disableUploadTimeout="true"
>   acceptCount="100"  scheme="https" secure="true"
>  connectionTimeout="2"
>   clientAuth="false" algorithm="SunX509"
> sslProtocol="TLS"
>  keystoreFile="conf/certificate" keystorePass="x"
>  useBodyEncodingForURI="true"
>  SSLEnabled="true"/>
> >>>
> >>> That all looks pretty straightforward.
> >>>
> >>> When you say it's "not working", can you be more specific? Does the
> >>> Tomcat server start? Are there any errors or warnings in the logs?
> >>>
> >>> -chris
> >>>
>  On Tue, Jun 14, 2022 at 7:30 PM Christopher Schultz <ch...@christopherschultz.net> wrote:
> 
>   Pavan,
> 
>   On 6/14/22 08:32, Pavan Kumar Tiruvaipati wrote:
>    > We have replaced JDK 1.8 with JRE 1.8.0_333.
>    >
>    > SSL configuration was working fine with Tomcat 6.0.45 before replacing JDK
>    > with JRE.
>    >
>    > Now it's not working.
>    >
>    > In server.xml, SSL Protocol is set to "TLS".
>    >
>    > Does Tomcat 6.0.45 support SSL with JRE 1.8.0_333 ?
>    >
>    > Are there any specific protocols / versions to be used to enable SSL ?
> 
>   Please post your  configuration. Remove any secrets that may
>   be in there (e.g. passwords).
> 
>   -chris
> 
> >>>
> >
> > The error says that the client and the server couldn’t find a common cipher suite.
> > They couldn’t agree on any cipher.
> > Does your keystore contain