tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Morrow" <p...@morrow.net>
Subject Please Help - Tomcat serves HTTPS with self-signed cert, but not Thawte cert!
Date Thu, 07 Feb 2002 00:03:39 GMT
This is a rather strange problem that I'm hoping someone can assist with.
In a nutshell, Tomcat serves HTTPS pages when a self-signed cert is
installed, but not when a Thawte cert is installed.

I'm running Tomcat 4.0.1 on Solaris 8.  I used keytool to create a
self-signed cert, i.e.

    ./keytool -genkey -alias tomcat -keyalg RSA

I restarted Tomcat and could then access my pages via https as expected.  I
ordered and received a cert from Thawte which I used keytool to install
(after deleting the self-signed cert), i.e.

    ./keytool -import -alias foo -file baz

I restarted Tomcat, but now HTTPS no longer works (however, the pages are
still available via HTTP).

openssl reports the following

    CONNECTED(00000004)
    3824:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure:s23_clnt.c:455:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 130 bytes
    ---
    New, (NONE), Cipher is (NONE)
    ---

Does anyone have any ideas why this might be the case?

Thanks in advance for any help you can provide.

Paul Morrow
MMS Incentives, Inc.



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message