RE: ssl_error_internal_error_alert in tomcat 7‏

jaya ravindran Fri, 20 Dec 2013 11:15:21 -0800


> Date: Fri, 20 Dec 2013 14:06:30 -0500
> From: ch...@christopherschultz.net
> To: users@tomcat.apache.org
> Subject: Re: ssl_error_internal_error_alert in tomcat 7‏
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Jaya,
> 
> On 12/20/13, 10:52 AM, jaya ravindran wrote:
> >> No client certificate CA names sent --- SSL handshake has read
> >> 1166 bytes and written 303 bytes --- New, TLSv1/SSLv3, Cipher is
> >> EDH-RSA-DES-CBC3-SHA Server public key is 1023 bit Secure
> >> Renegotiation IS supported SSL-Session: Protocol  : TLSv1 Cipher
> >> : EDH-RSA-DES-CBC3-SHA Session-ID:
> >> 52B463FFE2D5638DE0E2AE86EE9AFB0DBD6F6DB4E042C411148491D76D8A4B09 
> >> Session-ID-ctx: Master-Key:
> >> 4AE6604C872A681708E872C970E4D3BADCE22701A2BE5E43110D0F99C86CA6A04313B3381E914A9BA460849C2C60C7F8
> >>
> >> 
> Key-Arg   : None
> >> Start Time: 1387553791 Timeout   : 300 (sec) Verify return code:
> >> 18 (self signed certificate) --- closed That means server can do
> >> TLSv1. Then why can't it connect with TLS protocol on browsers.
> 
> 
> Well, did *did* explicitly disable TLS on your web browser, so maybe
> that's why.
> I can get TLS1.0 connection to some other sites.
> What if you use "openssl s_client -ssl3"?
Tried with -ssl3. Got back the following
SSL handshake has read 3426 bytes and written 284 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
SSL-Session:
    Protocol  : SSLv3
    Cipher    : EDH-RSA-DES-CBC3-SHA
    Session-ID: 52B4960B812952824F26DCA6DB67455143F624E615D1CAADA39E2831676944C7
    Session-ID-ctx: 
    Master-Key: 
A871539A23FD30DB1336B8B95AF50026DEDC0ADA79B80706E9B8CAA5E59E90AFAA2BEC8FA60FCCF32C0415EEA4D6F21B
    Key-Arg   : None
    Start Time: 1387566603
    Timeout   : 7200 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)


> 
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> 
> iQIcBAEBCAAGBQJStJUzAAoJEBzwKT+lPKRYNs8P/134CDbGmyX+w4LTpxEO+bG+
> QmcnQgiOCz67vv4uoALNsBHDs04fqUDJVt0t4iVh4qUwzieeI0vyiTo8Gki1Aggb
> Qm4Y6SLrtuAXyo/bTecFIJjXd6CVmzBuRHyVus/yuIeCUlyIvmXDuBq/QKtw3Txp
> w8IFNsGTWhzxkYZpLkKGKOkbWWHKRlKQdOxd91EWBY92R7cmfWVI5H5NGyCVCYLZ
> TVhaoL3F+oT+abvLwHoMpOs+Rei6iuVXnpyDa8mXPs1Ci5mB3jvVlN8G313rqCV/
> Xf3zicvSwyNzSBTAridl3si8mWXXWyN4LerDxc/+EOumakXb6M2okyGBIT9BJdhA
> 29H7DgfTYwjtmRhxIO2f6x/wcX74otZ/3tR2l64vAP1ZLCgzdHa+bTfmskDpBNSl
> 1trdUs9t/nUpCROjFPJUAzmwgYlxUIGX6Gyyy7akQEKd1X47AC2LESBr/nOZc/rT
> xqv2S6z45dj9KwcPaxK4eSmg01Qf+J4l0a9bqR3WpnXp5U5q9vn+yeKFpLRnsBSg
> a5GTZuBgg9x+GJ5xv3ukBeJs5bI8Fa96BwrJd7ZHLCkYuKR+k5J/9jYBSZhUdyzP
> 4/IFkpag+oAN1U9exhd5ispZBI5xbZVp6Naoekov6VUX67DW0NV7B2Ou5T+vmLoL
> ntnFhOgqN6LgHejUjd+R
> =ZFBX
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

RE: ssl_error_internal_error_alert in tomcat 7‏

Reply via email to