tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jakarta Tomcat Newsgroup (@Basebeans.com) <jakarta-...@basebeans.com>
Subject Re: failed to enable SSL on Tomcat 4.04
Date Thu, 01 Aug 2002 15:25:03 GMT
Subject: Re: failed to enable SSL on Tomcat 4.04
From: "tom" <home@hongkong.com>
 ===
Jurjan,

Thanks for your reply, I got it, but it is only validate if using a dummy
keystore created by the keytool.

My problem is I have a signed certification issued by my univerity's ca,
I tried to get the .keystore file but it seems that tomcat does not
recognise it.
Here is my implementation

C:\jakarta-tomcat-4.0.4\bin>keytool -import -alias root -keystore
wisdom\.keystore -trustcacerts -file caroot.cer

C:\jakarta-tomcat-4.0.4\bin>keytool -import -alias wisdom -keystore
wisdom\.keystore -trustcacerts -file 1061.crt

server.xml configuration

    <Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
        acceptCount="10" debug="0" scheme="https" secure="true">
      <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
               clientAuth="false" protocol="TLS"
keystoreFile="c:\temp\wisdom\.keystore" keystorePass="changeit"/>
    </Connector>

Thank you very much.

Tom


<jurjanw@xs4all.nl> wrote in message
news:mailman.1028201761.31369.jakarta_tomcat@basebeans.com...
>
> Tom,
>
> I think you make one mistake you have to load https://localhost:8443, with
> "https" as your conection protocol not "http". That will do I think, I had
> the same problem.If you load the url over http you only see 4 squares.
>
> Jurjan
>
> > Subject: failed to enable SSL on Tomcat 4.04
> > From: "tom" <tomcwh@yahoo.com>
> > ===
> > I tried to enable SSL for 2 days but did not ever success.
> >
> > Environment:
> > Windows 2000 Server
> > JDK1.4.0.01
> > Tomcat 4.04
> > 1 signed digital certificate
> >
> > Steps
> > 1. run "keytool -import -alias wisdom -file wisdom.crt -keystore
> > c:\mydoc\.keystore" to generate the .keystore file
> > 2. modify server.xml as below
> >
> >    <Connector
> >    className="org.apache.catalina.connector.http.HttpConnector"
> >               port="8443" minProcessors="5" maxProcessors="75"
> >               enableLookups="true"
> >        acceptCount="10" debug="0" scheme="https" secure="true">
> >      <Factory
> >      className="org.apache.catalina.net.SSLServerSocketFactory"
> >               clientAuth="false" protocol="TLS"
> >     keystoreFile="c:\mydoc\.keystore"
> >     keystorePass="changeit"/>
> >    </Connector>
> >
> > 3. run "startup"
> > 4. load http://localhost:8443
> >
> > The browser displays 4 strange squares, and no error message ever
> > appears in the console
> >
> > Alternatively, I tried to following the doc
> > http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html exactly.
> > but still failed to enable SSL.
> >
> > 1. run "keytool -genkey -alias tomcat -keyalg RSA -keystore
> > c:\mydoc2\.keystore"
> > 2. modify the server.xml as below
> >
> >    <Connector
> >    className="org.apache.catalina.connector.http.HttpConnector"
> >               port="8443" minProcessors="5" maxProcessors="75"
> >               enableLookups="true"
> >        acceptCount="10" debug="0" scheme="https" secure="true">
> >      <Factory
> >      className="org.apache.catalina.net.SSLServerSocketFactory"
> >               clientAuth="false" protocol="TLS"
> >     keystoreFile="c:\mydoc2\.keystore"
> >     keystorePass="changeit"/>
> >    </Connector>
> >
> > 3. run "startup"
> > 4. load http://localhost:8443
> >
> > The browser displays 3 strange symbols, and no error message ever
> > appears in the console
> >
> > Help please.
> >
> > Tom
> > mailto:tomcwh@yahoo.com
> >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:tomcat-user-unsubscribe@jakarta.apache.org> For additional
> > commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>
>



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message