Check the Tomcat 5 SSL-howto. There are notes on changes that are necessary to get Tomcat to work with IBM's JSSE implementation.
"Daniel Gibby" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > tomcat 5.0.19 Standalone SSL seems to be running correctly with no error > messages logged, and it is listening on port 8443. > I'm having some sort of problem with the keystore containing a valid > global cert for the browser, maybe... > > I get this error message from my browser once I try to connect: > "Firefox and <domainname> cannot communicate securely because they have > no common encryption algorithms." > > A google search for "cannot communicate securely" "common encryption" > only yields 8 results. No-one posted an answer there, although multiple > people have had the problem for quite a while. > > It's a good thing I use firefox, or I'd never know what the problem is. > IE hides the error- just like pretty much any error. > lynx https://localhost:8443 reports: > Alert!: Unable to make secure connection to remote host. > > See my venting below if you really care... It might make you feel > compassionate to help me out ;-) > > Thanks, > Daniel > > < venting > > In the past I've used mod_jk with apache1.3 and things back then seemed > to be stable enough. Those were the good old days. If only there weren't > security holes and features that are great from newer releases! > Then about a year ago we switched to apache 2 and mod_jk2. It works > alright, but we've had so many more lock-ups than we used to. > So I decide to try Standalone SSL on tomcat4. That didn't work since I'm > using IBM 1.4 and tomcat4's code imports the wrong packages for > SSLSocket in com.sun.net or something instead of javax.security... I think. > So I decide to try the latest and greatest tomcat 5 since JSSE is > included in 1.4. I import my keystore according to tomcat5's > documentation! Yeah success, but now this: My browser can't talk the talk. > </ venting > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
