Howdy all,
I'm struggling through setting up Tomcat with SSL on a Windows 2003 server, and even when I get the server running, with no errors in the logs when restarting the Tomcat service, all I get is a "Page Not Found" error when I point to the SSL port on the server. Pointing to the default connector on port 8080 works fine.

Here's a little background:

1. Using keytool, I created a certificate request, sent it off to Geotrust, and purchased a cert to import. It was emailed to me.

2. Following the recommendations of Geotrust (http://www.geocerts.com/support/install/install_tomcat.php), I downloaded their root cert, imported it, converted their cert to DER format (on a separate Linux box), and imported it into the keystore.

3. I restarted the Tomcat service with no errors, see the connector started on port 8443:

Nov 7, 2006 4:55:35 PM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Nov 7, 2006 4:55:35 PM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
Nov 7, 2006 4:55:35 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 812 ms
Nov 7, 2006 4:55:35 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Nov 7, 2006 4:55:35 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.12
Nov 7, 2006 4:55:35 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Nov 7, 2006 4:55:36 PM org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Nov 7, 2006 4:55:36 PM org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8443
Nov 7, 2006 4:55:37 PM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Nov 7, 2006 4:55:37 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/31 config=null
Nov 7, 2006 4:55:37 PM org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
Nov 7, 2006 4:55:37 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1203 ms

Now, opening any page on the server at http://servername:8080 works fine, but https://servername:8443 doesn't work. All ports are opened through the firewall, etc. Same for https://localhost:8443.

Here is the server.xml file entry for the connector:

<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
           port="8443" minProcessors="5" maxProcessors="20"
           enableLookups="true" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           sslProtocol="TLS"
           keystoreFile="c:\files\tomcat"
           keystorePass="THEPASS"/>

According to the Tomcat SSL documentation, I need to have the root cert and the purchased cert in the keystore file, and I need to use the keyAlias to tell Tomcat which one to use. But whenever I add in the keyAlias entry it gives me the "Alias name tomcat does not identify a key entry" error in the logs.

If I could find out how to enable better logging I may be able to troubleshoot this further.

Thanks for any help!

Michael Casale
Systems Administrator / IT Manager
Knoa Software
[EMAIL PROTECTED]
Ph. (212) 807-9608 ext. 6000
Fax (212) 675-6121
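
Added example, not part of the original message: Tomcat reports "Alias name ... does not identify a key entry" when the alias given in keyAlias is not a key entry in the keystore, for instance when it holds only a certificate (trustedCertEntry). The Python sketch below parses keytool -list output and reports which aliases hold a private key; the sample listing, its fingerprints and the aliases root and mykey are constructed for illustration and are not the poster's keystore.

```python
import re

# Constructed sample of `keytool -list` output (not from the post).
# Older JDKs print "keyEntry"; newer ones print "PrivateKeyEntry".
SAMPLE_LISTING = """\
Keystore type: jks
Keystore provider: SUN

Your keystore contains 3 entries

root, Nov 7, 2006, trustedCertEntry,
Certificate fingerprint (MD5): 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
tomcat, Nov 7, 2006, trustedCertEntry,
Certificate fingerprint (MD5): 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:00
mykey, Nov 1, 2006, keyEntry,
Certificate fingerprint (MD5): 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:01
"""

# "<alias>, <date with its own comma>, <type>Entry," ; fingerprint lines do not match.
ENTRY_RE = re.compile(r"^(?P<alias>[^,]+),.*?,\s*(?P<type>\w+Entry),?\s*$")
KEY_TYPES = {"keyentry", "privatekeyentry"}  # entry types that carry a private key


def parse_listing(text):
    """Return {alias: entry_type} for every entry line in the listing."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # JKS aliases are case-insensitive, so compare in lower case.
            entries[m.group("alias").strip().lower()] = m.group("type")
    return entries


def check_key_alias(text, key_alias):
    """Return (status, aliases_with_private_key) for a candidate keyAlias."""
    entries = parse_listing(text)
    usable = sorted(a for a, t in entries.items() if t.lower() in KEY_TYPES)
    kind = entries.get(key_alias.lower())
    if kind is None:
        return ("missing", usable)       # no such alias in the keystore
    if kind.lower() in KEY_TYPES:
        return ("ok", usable)            # private key present under this alias
    return ("cert-only", usable)         # certificate only, no private key


if __name__ == "__main__":
    status, usable = check_key_alias(SAMPLE_LISTING, "tomcat")
    print("keyAlias 'tomcat':", status, "| aliases holding a private key:", usable)
```

To check a real keystore, pass the function the text printed by keytool -list -keystore <file> instead of the sample.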