Hi , I have compiled tomcat-native-1.1.29-src.tar.gz with 1.0.1e-3ubuntu1 and test it with fresh apache-tomcat-7.0.47.tar.gz. and with following connector settings
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" maxThreads="200" clientAuth="false" SSLCipherSuite="ECDHE-ECDSA-AES128-SHA256" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="/home/mudassir/p.pem" SSLCertificateKeyFile="/home/mudassir/p-key.pem" SSLCACertificateFile="/home/mudassir/p/AdminCA1.pem" /> Tomcat Logs: Jan 03, 2014 8:25:32 PM org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.29 using APR version 1.5.0. Jan 03, 2014 8:25:32 PM org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. Jan 03, 2014 8:25:32 PM org.apache.catalina.core.AprLifecycleListener initializeSSL INFO: OpenSSL successfully initialized (OpenSSL 1.0.1e 11 Feb 2013) Jan 03, 2014 8:25:33 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-apr-8443"] Jan 03, 2014 8:25:33 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-apr-8080"] Jan 03, 2014 8:25:33 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["ajp-apr-8009"] Jan 03, 2014 8:25:33 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 3189 ms Jan 03, 2014 8:25:33 PM org.apache.catalina.core.StandardService startInternal INFO: Starting service Catalina Jan 03, 2014 8:25:33 PM org.apache.catalina.core.StandardEngine startInternal INFO: Starting Servlet Engine: Apache Tomcat/7.0.47 Jan 03, 2014 8:25:33 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat7/webapps/host-manager Jan 03, 2014 8:25:55 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [19,247] milliseconds. Jan 03, 2014 8:25:55 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat7/webapps/docs Jan 03, 2014 8:25:55 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat7/webapps/manager Jan 03, 2014 8:25:55 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat7/webapps/ROOT Jan 03, 2014 8:25:56 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat7/webapps/examples Jan 03, 2014 8:25:57 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-apr-8443"] Jan 03, 2014 8:25:57 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-apr-8080"] Jan 03, 2014 8:25:58 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["ajp-apr-8009"] Also attached TCP dump logs , I am again getting following error on FF26 with TLS 1.2 support Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)
20:36:23.496965 IP 10.10.0.147.18938 > example.com.8443: Flags [S], seq 435979095, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:23.497066 IP example.com.8443 > 10.10.0.147.18938: Flags [S.], seq 1576579154, ack 435979096, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:23.739969 IP 10.10.0.147.18938 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:24.023396 IP 10.10.0.147.18938 > example.com.8443: Flags [P.], seq 1:202, ack 1, win 4098, length 201 20:36:24.023471 IP example.com.8443 > 10.10.0.147.18938: Flags [.], ack 202, win 237, length 0 20:36:24.023964 IP example.com.8443 > 10.10.0.147.18938: Flags [P.], seq 1:8, ack 202, win 237, length 7 20:36:24.024187 IP example.com.8443 > 10.10.0.147.18938: Flags [F.], seq 8, ack 202, win 237, length 0 20:36:24.713659 IP 10.10.0.147.18938 > example.com.8443: Flags [F.], seq 202, ack 8, win 4096, length 0 20:36:24.713726 IP example.com.8443 > 10.10.0.147.18938: Flags [.], ack 203, win 237, length 0 20:36:24.956342 IP 10.10.0.147.18939 > example.com.8443: Flags [S], seq 3315815756, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:24.956402 IP example.com.8443 > 10.10.0.147.18939: Flags [S.], seq 3575233717, ack 3315815757, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:24.956415 IP 10.10.0.147.18938 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:25.225229 IP 10.10.0.147.18940 > example.com.8443: Flags [S], seq 821209259, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:25.225278 IP example.com.8443 > 10.10.0.147.18940: Flags [S.], seq 2980117984, ack 821209260, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:25.468393 IP 10.10.0.147.18939 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:25.468436 IP 10.10.0.147.18939 > example.com.8443: Flags [P.], seq 1:180, ack 1, win 4098, length 179 20:36:25.468481 IP example.com.8443 > 10.10.0.147.18939: Flags [.], ack 180, win 237, length 0 20:36:25.469227 IP example.com.8443 > 10.10.0.147.18939: Flags [P.], seq 1:8, ack 180, win 237, length 20:36:25.469424 IP example.com.8443 > 10.10.0.147.18939: Flags [F.], seq 8, ack 180, win 237, length 0 20:36:25.750601 IP 10.10.0.147.18940 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:25.750631 IP 10.10.0.147.18940 > example.com.8443: Flags [P.], seq 1:180, ack 1, win 4098, length 179 20:36:25.750671 IP example.com.8443 > 10.10.0.147.18940: Flags [.], ack 180, win 237, length 0 20:36:25.751203 IP example.com.8443 > 10.10.0.147.18940: Flags [P.], seq 1:8, ack 180, win 237, length 7 20:36:25.751353 IP example.com.8443 > 10.10.0.147.18940: Flags [F.], seq 8, ack 180, win 237, length 0 20:36:26.001464 IP 10.10.0.147.18939 > example.com.8443: Flags [F.], seq 180, ack 8, win 4096, length 0 20:36:26.001570 IP example.com.8443 > 10.10.0.147.18939: Flags [.], ack 181, win 237, length 0 20:36:26.001584 IP 10.10.0.147.18942 > example.com.8443: Flags [S], seq 432508422, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:26.001642 IP example.com.8443 > 10.10.0.147.18942: Flags [S.], seq 2594784904, ack 432508423, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:26.001654 IP 10.10.0.147.18939 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:26.264731 IP 10.10.0.147.18943 > example.com.8443: Flags [S], seq 1225729238, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:26.264795 IP example.com.8443 > 10.10.0.147.18943: Flags [S.], seq 412449617, ack 1225729239, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:26.507048 IP 10.10.0.147.18940 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:26.507134 IP 10.10.0.147.18940 > example.com.8443: Flags [F.], seq 180, ack 9, win 4096, length 0 20:36:26.507174 IP example.com.8443 > 10.10.0.147.18940: Flags [.], ack 181, win 237, length 0 20:36:26.507191 IP 10.10.0.147.18942 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:26.507206 IP 10.10.0.147.18942 > example.com.8443: Flags [P.], seq 1:180, ack 1, win 4098, length 179 20:36:26.507250 IP example.com.8443 > 10.10.0.147.18942: Flags [.], ack 180, win 237, length 0 20:36:26.507851 IP example.com.8443 > 10.10.0.147.18942: Flags [P.], seq 1:8, ack 180, win 237, length 7 20:36:26.508043 IP example.com.8443 > 10.10.0.147.18942: Flags [F.], seq 8, ack 180, win 237, length 0 20:36:26.757066 IP 10.10.0.147.18943 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:26.757087 IP 10.10.0.147.18943 > example.com.8443: Flags [P.], seq 1:180, ack 1, win 4098, length 179 20:36:26.757113 IP example.com.8443 > 10.10.0.147.18943: Flags [.], ack 180, win 237, length 0 20:36:26.757432 IP example.com.8443 > 10.10.0.147.18943: Flags [P.], seq 1:8, ack 180, win 237, length 7 20:36:26.757579 IP example.com.8443 > 10.10.0.147.18943: Flags [F.], seq 8, ack 180, win 237, length 0 20:36:27.037974 IP 10.10.0.147.18942 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:27.038053 IP 10.10.0.147.18942 > example.com.8443: Flags [F.], seq 180, ack 9, win 4096, length 0 20:36:27.038091 IP example.com.8443 > 10.10.0.147.18942: Flags [.], ack 181, win 237, length 0 20:36:27.038206 IP 10.10.0.147.18944 > example.com.8443: Flags [S], seq 4033355514, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:27.038262 IP example.com.8443 > 10.10.0.147.18944: Flags [S.], seq 2371580431, ack 4033355515, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:27.314728 IP 10.10.0.147.18946 > example.com.8443: Flags [S], seq 4281262802, win 8192, options [mss 1366,nop,wscale 2,nop,nop,sackOK], length 0 20:36:27.314764 IP example.com.8443 > 10.10.0.147.18946: Flags [S.], seq 2730993849, ack 4281262803, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 20:36:27.321159 IP 10.10.0.147.18943 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:27.321192 IP 10.10.0.147.18943 > example.com.8443: Flags [F.], seq 180, ack 9, win 4096, length 0 20:36:27.321211 IP example.com.8443 > 10.10.0.147.18943: Flags [.], ack 181, win 237, length 0 20:36:27.565946 IP 10.10.0.147.18944 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:27.565975 IP 10.10.0.147.18944 > example.com.8443: Flags [P.], seq 1:89, ack 1, win 4098, length 88 20:36:27.566008 IP example.com.8443 > 10.10.0.147.18944: Flags [.], ack 89, win 229, length 0 20:36:27.566459 IP example.com.8443 > 10.10.0.147.18944: Flags [P.], seq 1:8, ack 89, win 229, length 7 20:36:27.566641 IP example.com.8443 > 10.10.0.147.18944: Flags [F.], seq 8, ack 89, win 229, length 0 20:36:27.866665 IP 10.10.0.147.18946 > example.com.8443: Flags [.], ack 1, win 4098, length 0 20:36:27.866777 IP 10.10.0.147.18946 > example.com.8443: Flags [P.], seq 1:89, ack 1, win 4098, length 88 20:36:27.866819 IP example.com.8443 > 10.10.0.147.18946: Flags [.], ack 89, win 229, length 0 20:36:27.867271 IP example.com.8443 > 10.10.0.147.18946: Flags [P.], seq 1:8, ack 89, win 229, length 7 20:36:27.867426 IP example.com.8443 > 10.10.0.147.18946: Flags [F.], seq 8, ack 89, win 229, length 0 20:36:28.356764 IP 10.10.0.147.18944 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:28.356852 IP 10.10.0.147.18944 > example.com.8443: Flags [F.], seq 89, ack 9, win 4096, length 0 20:36:28.356891 IP example.com.8443 > 10.10.0.147.18944: Flags [.], ack 90, win 229, length 0 20:36:28.666615 IP 10.10.0.147.18946 > example.com.8443: Flags [P.], seq 1:89, ack 1, win 4098, length 88 20:36:28.666661 IP example.com.8443 > 10.10.0.147.18946: Flags [.], ack 89, win 229, options [nop,nop,sack 1 {1:89}], length 0 20:36:28.666675 IP 10.10.0.147.18946 > example.com.8443: Flags [.], ack 9, win 4096, length 0 20:36:28.666702 IP 10.10.0.147.18946 > example.com.8443: Flags [F.], seq 89, ack 9, win 4096, length 0 20:36:28.666729 IP example.com.8443 > 10.10.0.147.18946: Flags [.], ack 90, win 229, length 0200 packets captured
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org