tomcat-dev mailing list archives

From "Hanks Wang (hanwan)" <han...@cisco.com>
Subject Https doesn't work while using tomcat6.0+APR+OpenSSL
Date Mon, 03 Mar 2008 09:10:58 GMT
Hi all,
 
Tomcat 6.0, JDK 6.0, Windows XP.
 
I can see the info below while starting the Tomcat server, which should mean
that Tomcat starts successfully in APR mode:
Mar 3, 2008 4:58:17 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Mar 3, 2008 4:58:17 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-443
 
But I always fail to access localhost:443, which gives me some info like
"The connection was interrupted" after very long wait.
 
Steps to reproduce:
 
1. Download OpenSSL from
http://www.slproweb.com/products/Win32OpenSSL.html and install it on
my machine;
2. execute "genrsa -des3 -out tomcatkey.pem 2048" (passwd is tomcat)
3. execute "req -new -x509 -key tomcatkey.pem -out tomcatcert.pem -days
1095"
So far I have the private key and the certificate, tomcatkey.pem and
tomcatcert.pem, successfully;
 
4. Edit the conf/server.xml as below:
<Server port="8005" shutdown="SHUTDOWN">
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <Listener className="org.apache.catalina.core.JasperListener" />
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
.....
  <Service name="Catalina">
    <Connector port="8080" maxHttpHeaderSize="8192" maxThreads="150"
               minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
               redirectPort="443" acceptCount="100"
               connectionTimeout="20000" disableUploadTimeout="true" />
 
    <!--  ssl for apr -->
    <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
               minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
               disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="all" SSLEngine="on"
               SSLCertificateFile="tomcatcert.pem"
               SSLCertificateKeyFile="tomcatkey.pem"
               SSLPassword="tomcat"/>
.....
 
I tried every instruction in tomcat doc, but can't access https by APR
at all.
The https feature works well if I use "Http11NioProtocol" Connector.
 
Any suggestion please?
 
btw, there is one warning when starting the Tomcat:
An older version 1.1.9 of the Apache Tomcat Native library is installed,
while Tomcat recommends version greater then 1.1.10
 
Thanks!
Han
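
An added example, not part of the original message: a small audit of server.xml connectors that advertise https. It relies on the Tomcat 6.0 connector documentation, where SSLEnabled defaults to false, so a connector without it answers in plain HTTP. The sample XML is constructed from the fragment above with the elided parts dropped, and audit_connectors is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the connector in the message above
# (elided parts dropped so the fragment parses on its own).
SAMPLE = """<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <Service name="Catalina">
    <Connector port="8080" redirectPort="443" />
    <Connector port="443" scheme="https" secure="true" clientAuth="false"
               sslProtocol="all" SSLEngine="on"
               SSLCertificateFile="tomcatcert.pem"
               SSLCertificateKeyFile="tomcatkey.pem" SSLPassword="tomcat" />
  </Service>
</Server>"""


def audit_connectors(server_xml):
    """Return (port, finding) tuples for connectors that advertise https."""
    findings = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        attrs = conn.attrib
        port = attrs.get("port", "?")
        claims_tls = attrs.get("scheme") == "https" or attrs.get("secure") == "true"
        if not claims_tls:
            continue  # plain HTTP connector, nothing to check here
        # scheme/secure only label the request; SSLEnabled turns TLS on.
        if attrs.get("SSLEnabled", "false").lower() != "true":
            findings.append((port, "SSLEnabled is not true: port serves plain HTTP"))
        # The key passphrase is readable by anyone who can read server.xml.
        if "SSLPassword" in attrs:
            findings.append((port, "key passphrase stored in clear text in server.xml"))
        for key in ("SSLCertificateFile", "SSLCertificateKeyFile"):
            if key not in attrs:
                findings.append((port, key + " is missing"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE):
        print("connector " + port + ": " + finding)
```

A connector that sits behind a TLS-terminating proxy can legitimately set scheme="https" and secure="true" without SSLEnabled, so treat the first finding as a prompt to confirm where TLS is terminated.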
 
