On 29/01/2016 17:36, Hubert Hickman wrote: > Hi Dave ! > > > The app is specified to run on 6443 - with openings in firewalls between > installations only for this port. Tomcat does answer and return data if > the call is made by hostname to port 6443 - just not by IP number to port > 6443. > > Regular Apache is running https on 443 and works fine. > > https:<hostname>:6443/yadayada works. > https:<IP number>:6443/yadayada does not work.
Define doesn't work. Some clients may simply drop the connection because the host name used to connect doesn't match the name on the certificate. Wireshark will give you a better idea of what is going on. Mark > > On Fri, Jan 29, 2016 at 11:28 AM, David kerber <dcker...@verizon.net> wrote: > >> On 1/29/2016 12:09 PM, Hubert Hickman wrote: >> >>> I am running Tomcat 7.0.67 on RHEL 6.7 >>> >>> I have a tomcat app that is deployed and listening on port 6443 for https >>> traffic. >>> >>> tomcat answers fine by request URLS of the form https://hostname:port/rest >>> of >>> URL/etc. However, it does not answer on https://IP <https://ip/> >>> >> >> That's because 6443 is not the standard port for HTTPS. If you just say >> https://<whatever>, without specifying the port, it will go to 443. It >> will work if you use https://ip:port. >> >> >> Number:port/rest >>> of URL/etc EXCEPT for tests I run from the server itself. >>> >>> [myuser@adifferenthost ~]$ curl -vk https://IP NUMBER:6443/<rest >>> ofURL>* About to connect() to IP NUMBER port 6443 (#0)* Trying IP >>> NUMBER... connected* Connected to IP NUMBER (IP NUMBER) port 6443 >>> (#0)* Initializing NSS with certpath: sql:/etc/pki/nssdb* warning: >>> ignoring value of ssl.verifyhost* NSS error -5961* Closing connection >>> #0* SSL connect error >>> curl: (35) SSL connect error >>> >>> By convention, the other applications that connect to this port >>> connect via IP number, not hostname. Not sure what I am missing in >>> the setup or certificates ? >>> >>> Thanks! >>> >>> Hubert >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
