Hi Mark,
Im not sure I understand what you mean by mutual authenticated SSL. I set to
not be SSL enabled and it made no difference when tring to connect to
https://localhost:9012/axis/ . i.e.
Connector sshConnector = embedded.createConnector( (java.net.InetAddress)
null,
9012,
false);
Could you elaborate as to how you got SSL working, or do you have sample code I
could use
-----Original Message-----
From: Mark [mailto:[EMAIL PROTECTED]
Sent: 08 June 2005 16:12
To: Tomcat Users List
Subject: Re: Embedded Tomcat & SSL
I do not think that you need an SSL connector. I have an embedded
tomcat working using mutual authenticated SSL and the connector is not
SSL enabled.
On 6/8/05, Diarmuid McDonald <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Can anyone help me with regard to running Embedded Tomcat 5.5.9 with SSL. I
> found a mail archive before that has the same problem, however there is no
> resolution.
>
> http://www.mail-archive.com/[email protected]/msg153661.html
>
> I have included my code and errors that I am receiving. Any help would be
> greatly appreciated
>
> Here is the code I am Using
>
> import java.io.File;
> ..
> ..
> import org.apache.tomcat.util.IntrospectionUtils;
>
> public class TestEmbededTomcat {
>
>
> public static void main( String args[] )
> {
>
> Embedded embedded = new Embedded();
>
> // set default logger and realm
> org.apache.log4j.BasicConfigurator.configure();
>
> MemoryRealm memRealm = new MemoryRealm();
> embedded.setRealm(memRealm);
>
> //Create an Engine
> Engine baseEngine = embedded.createEngine();
>
> baseEngine.setName("TestEngine");
> baseEngine.setDefaultHost("vsjHost");
>
> //Create Host
> Host baseHost = embedded.createHost( "vsjHost",
> "e:/ent/sip2.0/rte/jakarta-tomcat-5.5.9-embed/webapps" );
>
> baseEngine.addChild( baseHost );
>
> //Create default context
> Context rootContext = embedded.createContext("","ROOT");
>
> baseHost.addChild( rootContext );
>
> // Create context for web app for axis
> Context axisContext = embedded.createContext("/axis", "axis");
> axisContext.setPrivileged( true );
> baseHost.addChild( axisContext );
>
> embedded.addEngine( baseEngine );
>
> //Create a ssh Connector
> Connector sshConnector = embedded.createConnector(
> (java.net.InetAddress) null,
> 9012,
> true);
>
> IntrospectionUtils.setProperty(sshConnector, "sslProtocol", "TLS");
> IntrospectionUtils.setProperty(sshConnector, "keypass", "changeit");
> IntrospectionUtils.setProperty(sshConnector, "keystore",
> "C:/Documents and Settings/mcdonald/.keystore");
> IntrospectionUtils.setProperty(sshConnector, "clientAuth", "false");
>
> embedded.addConnector( sshConnector );
> sshConnector.setProtocol( "TLS" );
>
> //start operation
> embedded.start();
> }
> }
>
>
> Here is the error message I get :-
>
> 12:16:41:375:
> [org.apache.tomcat.util.net.PoolTcpEndpoint][http-9012-Processor3] DEBUG -
> Handshake
> ailed
> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
> at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
> at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
> at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:119)
> at
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:520)
> at
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.j
> va:80)
> at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:536)
> 287423 [http-9012-Processor3] DEBUG
> org.apache.tomcat.util.net.PoolTcpEndpoint - Handshake failed
> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
> at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
> at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
> at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:119)
> at
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:520)
> at
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.j
> va:80)
> at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:536)
>
>
> Here is the message I get from Firefox :-
>
> "Could not establish an encrypted connection, because the certificate
> presented by localhost is invalid or corrupted. Error Code : -8182"
>
>
> This e-mail and any files transmitted with it are confidential and may be
> privileged and are intended solely for the individual named/ for the use of
> the individual or entity to whom they are addressed.If you are not the
> intended addressee, you should not disseminate, distribute or copy this
> e-mail.Please notify the sender immediately if you have received this e-mail
> by mistake and delete this e-mail from your system.If you are not the
> intended recipient, you are notified that reviewing, disclosing, copying,
> distributing or taking any action in reliance on the contents of this e-mail
> is strictly prohibited.Please note that any views or opinions expressed in
> this e-mail are solely those of the author and do not necessarily represent
> those of Traventec Limited. This e-mail has been swept for computer viruses
> however Traventec Limited accepts no liability for any damage caused by any
> virus transmitted by this e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
This e-mail and any files transmitted with it are confidential and may be
privileged and are intended solely for the individual named/ for the use of the
individual or entity to whom they are addressed.If you are not the intended
addressee, you should not disseminate, distribute or copy this e-mail.Please
notify the sender immediately if you have received this e-mail by mistake and
delete this e-mail from your system.If you are not the intended recipient, you
are notified that reviewing, disclosing, copying, distributing or taking any
action in reliance on the contents of this e-mail is strictly prohibited.Please
note that any views or opinions expressed in this e-mail are solely those of
the author and do not necessarily represent those of Traventec Limited. This
e-mail has been swept for computer viruses however Traventec Limited accepts no
liability for any damage caused by any virus transmitted by this e-mail.
