Tomcat SSL Setup

Wed, 18 Dec 2002 11:46:06 -0800 

Hello all,
I've been working on getting SSL configured for Tomcat and seem to be
having a small problem.  I must be mistyping something because the only
thing I get back from Netscape 7.0 is:
        "Netscape 7.0 and www.mydomain.com cannot communicate securely
because they have no common encryption algorithms."

Here is what I have done so far:

1.      I changed /etc/tomcat4/server.xml and uncommented the following:

    <Connector
className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
               acceptCount="10" debug="0" scheme="https" secure="true">
      <Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
               clientAuth="false"
keystoreFile="keystores/mydomain.keystore" keystorePass="xxxxxxxx"
protocol="TLS"/>
    </Connector>

2.      I ran the following commands to import the Verisign key:
        /usr/java/j2sdk1.4.0_01/bin/keytool -import -alias root \
          -keystore /var/tomcat4/keystores/mydomain.keystore  \
          -trustcacerts -file /etc/verisign.key

3.      I ran the following commands to import a previously created SSL
certificate
        /usr/java/j2sdk1.4.0_01/bin/keytool -import -alias tomcat \
          -keystore /var/tomcat4/keystores/mydomain.keystore  \
          -trustcacerts -file /home/httpd/ssl/www.mydomain.com.cer

4.      In /etc/tomcat4/server.xml, I noticed the following:
         * Download and install JSSE 1.0.2 or later, and put the JAR
files
           into "$JAVA_HOME/jre/lib/ext".
 
        I found jsse.jar in $JAVA_HOME/jre/lib so I ran the following:
                ln -s $JAVA_HOME/jre/lib/jsse.jar
$JAVA_HOME/jre/lib/ext/jsse.jar

5.      I then restarted Tomcat and tried the following URL:
        http://www.mydomain.com:8080/examples/servlets/index.hml

        This was a test simply to make sure Tomcat started properly.  In
this it worked fine.

6.      I then restarted Tomcat and tried the following URL:
        https://www.mydomain.com:8443/examples/servlets/index.html

        This test failed with the above error message.


Does anyone have any ideas?  Oh, and BTW, I can visit
https://www.mydomain.com/index.html and the home page for the site comes
up in SSL mode without a problem, so I know that the SSL certificate,
under Apache, is working fine.

Thanks,
Justin L. Spies



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to