Hi Aleksandar,
When I enabled logging using the BasicConfigurator I now get much more
logging information (how exactly the logging is configured and what impact
the value of CATALINA_HOME has I havent been able to figure out but Im sure
Ill get it eventually).
Anyway the exception being displayed is
/////////////////////////////////////////////////
179070 [http-443-Processor4] DEBUG
org.apache.tomcat.util.net.PoolTcpEndpoint - Handshake
failed
javax.net.ssl.SSLHandshakeException: Remote host closed connection during
handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
////////////////////////////////////////////////
Im guessing this exception is occurring because the server is trying to
authenticate the client and expects the client to send a certificate so I
updated my code by adding the line
IntrospectionUtils.setProperty(httpConnector, "clientauth", "false");
This hasnt resolved my problem but Im sure Ill figure it out eventually.
Thanks for all your help.
Tom
From: Aleksandar Valchev <[EMAIL PROTECTED]>
Reply-To: "Tomcat Users List" <[email protected]>
To: "Tomcat Users List" <[email protected]>
Subject: Re: Embedded Tomcat & SSL
Date: Tue, 31 May 2005 13:14:14 +0300
On Tuesday 31 May 2005 12:39, tom ONeill wrote:
You see tomcat home page on http://localhost:443/ because tomcat redirects
connection (I think so :) ).
I test this on jakarta-tomcat-5.5.9-embedded:
Connector httpConnector = new Connector();
httpConnector.setScheme("https");
httpConnector.setSecure(true);
httpConnector.setEnableLookups(false);
IntrospectionUtils.setProperty(httpConnector, "sslProtocol", "TLS");
IntrospectionUtils.setProperty(httpConnector, "keypass", "changeit");
IntrospectionUtils.setProperty(httpConnector, "keystore", "C:/Documents and
Settings/tom/.keystore");
IntrospectUtils.setProperty(httpConnector, "address",
InetAddress.getLocalhost());
IntrospectUtils.setProperty(httpConnector, "port", ""+443);
Of course you have to create your keystore according to tomcat-5.5.9
documentation.
See in your logs. There has to be errors. To see more tomcat messages while
tomcat starts add at the top of your code BasicConfigurator.configure().
This
line configures commons-logging to output debug messages.
If you see "Cannot find server", I think the problem is in your
httpConnector.
While tomcat starts it looks for certificate and private key and if it does
not find it connector just would not start.
I advise you to see your logs ($CATALINA_HOME/logs directory) more
carefully.
> Hi Aleksandar,
>
> Thanks for this. When I update my code to do this I still cannot connect
> from a browser using HTTPS (https://localhost:443/). I get a "Cannot
find
> server error" in my browser.
> But if I change my URL so that I use HTTP (http://localhost:443/) I can
see
> the Tomcat homepage. Seems like Tomcat is still only able to handle http
> requests even though I think I have enabled it for SSL.
>
> I have included a extract of my code to illustrate what I am doing.
>
>
>
///////////////////////////////////////////////////////////////////////////
>///////////////////////
>
>
> Connector httpConnector = embedded.createConnector(
> (java.net.InetAddress) null,
> 443,
> true);
>
> IntrospectionUtils.setProperty(httpConnector, "sslProtocol",
> "TLS"); IntrospectionUtils.setProperty(httpConnector, "keypass",
> "changeit");
> IntrospectionUtils.setProperty(httpConnector, "keystore",
> "C:/Documents and Settings/tom/.keystore");
>
>
> embedded.addConnector( httpConnector );
>
> embedded.start();
>
>
>
>
///////////////////////////////////////////////////////////////////////////
>///////////////////
>
>
> Any ideas what I am doing wrong (I forgot to mention that I am using
> embedded Tomcat 5.5.9).
>
> Cheers,
> Tom
>
> >From: Aleksandar Valchev <[EMAIL PROTECTED]>
> >Reply-To: "Tomcat Users List" <[email protected]>
> >To: "Tomcat Users List" <[email protected]>
> >Subject: Re: Embedded Tomcat & SSL
> >Date: Tue, 31 May 2005 11:55:42 +0300
> >
> >You have to tell tomcat where to find keystore file:
> >
> >IntrospectionUtils.setProperty(connector, "sslProtocol", "TLS");
> >IntrospectionUtils.setProperty(connector, "keypass",
"keystore-password");
> >IntrospectionUtils.setProperty(connector, "keystore",
"path-to-keystore");
> >
> >Hope this helps
> >Aleksandar
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
>
> _________________________________________________________________
> It's finally here! Download Messenger 7.0 - still FREE
> http://messenger.msn.co.uk
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Upgrade to Messenger 7.0 - more fun features, still totally FREE!
http://messenger.msn.co.uk
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
