I have a page that has some config info about SSL with Client Authentication turned on. You could have a look there and see if you find any of it useful.
http://jack.godau.googlepages.com/jbosscertificatesandopenssl Cheers Jack... On 11/05/06, Gavin Alexander <[EMAIL PROTECTED]> wrote:
Hi, I am having a problem getting Tomcat to work properly with SSL. My server.xml file contains the lines shown below, which appear fine to me. <!-- Define a non-SSL Coyote HTTP/1.1 Connector on the port specified during installation --> <Connector port="8080" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" disableUploadTimeout="true" /> <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> Tomcat works fine with html pages, JSPs and servlets until such time as they require SSL, and then I get the following message: Unable to connect Firefox can't establish a connection to the server at localhost:8443. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. or, in IE: The page cannot be displayed The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings. -------------------------------------------------------------------------------- Please try the following: ... If I enter https://localhost:8443 into the address bar of my browser (Firefox) I don't get the Tomcat splash page, as described in http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Edit%20the%20Tomcat%20Configuration%20File. If anyone can suggest any other configuration details, or tests that I can use to figure out the problem, I would be grateful. Thankyou, Gavin Alexander
-- Cheers Jack... The claim "natural" is not synonymous with safe. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]