tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Warner Onstine" <war...@warneronstine.com>
Subject Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Date Sat, 23 Sep 2000 22:36:19 GMT
Sorry I didn't reply this e-mail got buried under all the others (my filters
automatically dump anything that has tomcat-dev in it into my tomcat-dev
folder and sometimes I don't read everything ;-).

The rewrite thing is really weird, I hadn't experienced anything like that
before. I will try and dupe on my system here, you are still using 3.2
right?

It may take me a couple of days but I will try and get to that as well as
the SSL-howto I've been promising ;-)

-warner

----- Original Message -----
From: "Stefán Freyr Stefánsson" <stebbi@decode.is>
To: <tomcat-dev@jakarta.apache.org>
Cc: "'Warner Onstine'" <warner@warneronstine.com>
Sent: Tuesday, September 12, 2000 1:38 AM
Subject: RE: Tomcat 3.2 SSL - Unrecognized SSL handshake...


> yes... I'm using the default one...
>
> It's under c:\Documents and Settings\stefanf\.keystore.
>
> I'm on Win2000 and I don't get any problems when I start tomcat up or
> anything... I even get the correct certificate from the web server when I
> try to connect my browser with https://localhost.  I can see the
certificate
> I just made... signed by me and so on...  but after I accept that
> certificate and try to retrieve the information on the page, I get the
error
> and only five boxes appear.  The thing which strikes me the most is that
> after this happens the url has been rewritten by the webserver from
> https://localhost/ to http://localhost:443/index.html.  This does impose a
> problem right?
>
> Kind regards, Stefan
>
> -----Original Message-----
> From: Warner Onstine [mailto:warner@warneronstine.com]
> Sent: 11. september 2000 17:15
> To: Stefán Freyr Stefánsson
> Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
>
> I don't see your keystore listed, are you using the default one suggested.
> If so where is it at?
>
> -warner
>
> ----- Original Message -----
> From: "Stefán Freyr Stefánsson" <stebbi@decode.is>
> To: <tomcat-dev@jakarta.apache.org>
> Cc: <warner@warneronstine.com>
> Sent: Saturday, September 09, 2000 4:47 AM
> Subject: RE: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
>
> attatching it to this letter.
>
> Don't worry about the additional parameter "clientAuth" that's just
> something we're going to use when the time comes that we can require
client
> certificates.  Otherwise it looks exactly like the default server.xml...
> only with the SSL partion uncommented and the regular http connector
> commented out.
>
> regards, Stefan Freyr
>
> -----Original Message-----
> From: Warner Onstine [mailto:warner@warneronstine.com]
> Sent: 8. september 2000 22:44
> To: tomcat-dev@jakarta.apache.org
> Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
>
> What does your server.xml file look like?
>
> -warner
>
> ----- Original Message -----
> From: "Stefán Freyr Stefánsson" <stebbi@decode.is>
> To: <tomcat-dev@jakarta.apache.org>
> Sent: Friday, September 08, 2000 2:16 AM
> Subject: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
>
> > Does anybody know this error?
> >
> > I'm receiving it when trying to access https://localhost:8443 (or just
> > https://localhost when Tomcat is configured to listen to port 443).  I'm
> > using Tomcat standalone.
> >
> > I've done everything I was told to do by the server.xml file, and I've
> even
> > looked through the SSLSocketFactory class code and found nothing which
may
> > be not working...  I've added JSSE to my classpath and I did the
keystore
> > thing with the -keyalg RSA flag so I'm a little bit baffled!
> >
> > Here is the output I get from the Tomcat console window when I try to
> access
> > the server:
> > 2000-09-08 08:36:01 - ContextManager: IOException reading request,
> ignored -
> > javax.net.ssl.SSLException: Unrecognized SSL handshake.
> >         at
> > com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
> >         at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> >         at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> >         at
> > com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
> >         at
java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> >         at
java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> >         at
> >
>
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
> > java:120)
> >         at
> >
>
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
> > tStream.java:106)
> >         at
> >
>
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
> > tream.java:128)
> >         at
> > javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
> >         at
> >
>
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
> > tAdapter.java:134)
> >         at
> >
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
> > onnectionHandler.java:192)
> >         at
> >
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
> >         at
> >
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
> >         at java.lang.Thread.run(Thread.java:484)
> >
> > What I get up on the browser depends on a few things.  If I call
> > http://localhost:8443 or http://localhost:443 (depending only upon what
> port
> > Tomcat is configured to listen to) I do not get the certificate window
up
> on
> > the screen.  If, however, I call https://localhost:8443 or
> https://127.0.0.1
> > I get the certificate screen and the certificate is correct... My name,
> > signed by me and so on.  NOTE: I do not get the certificate window when
> > trying to access https://localhost.  That appears to redirect to
> > http://localhost:443/index.html).  This is for MS IExplorer.  The only
> thing
> > that appears on the browser window are five little boxes ("") (It
> > doesnt matter if I get the certificate window or not... it always ends
up
> > like this... five little boxes).
> >
> > In Netscape I get the certificate window and I can view everything when
I
> > try to access https://localhost but once I have accepted the certificate
a
> > window appears telling me:
> > "Warning! You have requested an insecure document that was originally
> > designated a secure document (the location has been redirected from a
> secure
> > to an insecure document). The document and any information you send back
> > could be observed by a third party while in transit."
> > When I press Continue another window appears telling me that "the
document
> > contained no data".
> > In Netscape I get the certificate window if I access https://localhost,
> > https://localhost:pnum or https://127.0.0.1.  I do not get that window
if
> I
> > try to access http://localhost:443, http://localhost:pnum or
> > http://127.0.0.1:pnum.  If I try to access http://127.0.0.1:pnum I get
an
> > 146 HTTP error (Connection refused), however I only get the "document
> > contained no data" window if I try to access http://localhost:pnum.
> >
> > One bizarre thing to me is that when I have tried to access the server
the
> > URL in the browser always seems to be rewritten...  like if I access
> > https://localhost then it is rewritten to http://localhost:443 (this is
> only
> > visible in IExplorer but I have a funny feeling that Netscape is doing
the
> > same thing just without showing it).  Any ideas?
> >
> > I really hope someone can help me with this thing... I know there have
> been
> > others who have had this problem and I've been monitoring all SSL
related
> > posts on the mailing lists but haven't seen any solution to their
problem.
> >
> > I'm using Windows 2000 for development and JDK1.3 from Sun.
> >
> > Please help...
> >
> > Kind regards and thanks in advance,
> > Stefan
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>


Mime
View raw message