Hi,

I am trying to configure SHA2 algorithm certificates with tomcat6 on
CentOS 6. I have created a keystore of format "JKS" using keytool and imported
the certificate and intermediates into the keystore. When I restart Tomcat,
the logs do not show any kind of errors and it starts up normally, but when I
try to connect to the host from a browser it shows the following error.

My system configuration:
OS: CentOS
tomcat 6
java1.7.x

In Chrome
Version 39.0.2171.71 (64-bit)
SSL connection error
Unable to make a secure connection to the server. This may be a
problem with the server, or it may be requiring a client authentication
certificate that you don't have.
Error code: ERR_SSL_PROTOCOL_ERROR

In Firefox it shows
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)

Tomcat configuration for the certificate in server.xml:

<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150"
           minSpareThreads="25"
           maxSpareThreads="75" enableLookups="false"
           disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="/etc/tomcat6/xxxxx.jks"
           keystorePass="xxxxxx"
           clientAuth="false"
           sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2" />

When I change the Tomcat keystore to one with other certificates using the
SHA1 algorithm, everything works fine.
Thanks
Pavan