I'm trying to get Tomcat 5.0 working with SSL v2. I've got it working
fine with SSL v3 and TLS, but whenever I try to connect with just SSL
v2, whether from a browser or openssl, I can't connect.
Here's the Connector I'm using:
<Connector port="8443" address="0.0.0.0"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="/conf/keystore"
keystorePass="pxessl" sslProtocol="TLS" algorithm="SunX509"/>
I've tried leaving off the address and/or algorithm, and changing the
sslProtocol to "SSL", none of which change anything. I'm guessing that I
may have to include a cipher attribute, but I can't find anywhere what
it's value would have to be. I've searched the FAQ and the mailing list
archives, and have found some information about using Apache with
Tomcat, but that's not an option for me. I'm using the Sun JDK 1.4.2_04.
Here's the openssl output:
$ openssl s_client -ssl2 -connect localhost:8443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 10103798 [100FB2A1] (48 bytes => 48 (0x30))
0000 - 80 2e 01 00 02 00 15 00-00 00 10 07 00 c0 03 00
................
0010 - 80 01 00 80 08 00 80 06-00 40 04 00 80 02 00 80
[EMAIL PROTECTED]
0020 - 4d d9 ba c7 5b 7a e4 44-22 9f 16 53 cd bf f6 7c
M...[z.D"..S...|
SSL_connect:SSLv2 write client hello A
read from 10103798 [100F3298] (2 bytes => 2 (0x2))
0000 - 80 03 ..
read from 10103798 [100F329A] (3 bytes => 3 (0x3))
0000 - 00 00 01 ...
SSL_connect:failed in SSLv2 read server hello A
3356:error:1406D0CB:SSL routines:GET_SERVER_HELLO:peer error no
cipher:s2_pkt.c:675:
3356:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake
failure:s2_pkt.c:428:
Any ideas?
Thanks,
Brian
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
