One piece of information I forgot to mention:
O/S: Red Hat Linux 7.2
Apache: Custom Compiled 1.3.26
Tomcat: 4.0.4 RPM installation
JSDK: j2sdk1.4.0_01
Thanks again.
Justin L. Spies
-----Original Message-----
From: Justin L. Spies [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 18, 2002 2:43 PM
To: [EMAIL PROTECTED]
Subject: Tomcat SSL Setup
Hello all,
I've been working on getting SSL configured for Tomcat and seem to be
having a small problem. I must be mistyping something because the only
thing I get back from Netscape 7.0 is:
"Netscape 7.0 and www.mydomain.com cannot communicate securely
because they have no common encryption algorithms."
Here is what I have done so far:
1. I changed /etc/tomcat4/server.xml and uncommented the following:
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false"
keystoreFile="keystores/mydomain.keystore" keystorePass="xxxxxxxx"
protocol="TLS"/>
</Connector>
2. I ran the following commands to import the Verisign key:
/usr/java/j2sdk1.4.0_01/bin/keytool -import -alias root \
-keystore /var/tomcat4/keystores/mydomain.keystore \
-trustcacerts -file /etc/verisign.key
3. I ran the following commands to import a previously created SSL
certificate
/usr/java/j2sdk1.4.0_01/bin/keytool -import -alias tomcat \
-keystore /var/tomcat4/keystores/mydomain.keystore \
-trustcacerts -file /home/httpd/ssl/www.mydomain.com.cer
4. In /etc/tomcat4/server.xml, I noticed the following:
* Download and install JSSE 1.0.2 or later, and put the JAR
files
into "$JAVA_HOME/jre/lib/ext".
I found jsse.jar in $JAVA_HOME/jre/lib so I ran the following:
ln -s $JAVA_HOME/jre/lib/jsse.jar
$JAVA_HOME/jre/lib/ext/jsse.jar
5. I then restarted Tomcat and tried the following URL:
http://www.mydomain.com:8080/examples/servlets/index.hml
This was a test simply to make sure Tomcat started properly. In
this it worked fine.
6. I then restarted Tomcat and tried the following URL:
https://www.mydomain.com:8443/examples/servlets/index.html
This test failed with the above error message.
Does anyone have any ideas? Oh, and BTW, I can visit
https://www.mydomain.com/index.html and the home page for the site comes
up in SSL mode without a problem, so I know that the SSL certificate,
under Apache, is working fine.
Thanks,
Justin L. Spies
--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
