tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "KUMAR,PANKAJ (HP-Cupertino,ex1)" <pankaj_ku...@hp.com>
Subject FW: HTTPS access with Tomcat 4.1.18
Date Wed, 15 Jan 2003 16:52:29 GMT
Hi,

I was finally able to track down the problem that prevented IE6.0 to work
with my tomcat setup.

I had not specified "-keyalg rsa" in my keytool invocation to generate the
server certificate. SO by default, it was taking dsa as key algorithm. That
seemed to create problem for IE6.0. Strangely, that is not a problem for
wget or a Java client.

/Pankaj.

>  -----Original Message-----
> From: 	KUMAR,PANKAJ (HP-Cupertino,ex1)  
> Sent:	Monday, January 13, 2003 9:32 AM
> To:	'tomcat-user@jakarta.apache.org'
> Subject:	FW: HTTPS access with Tomcat 4.1.18
> 
> Just wanted to add something to my earlier post:
> 
> The Tomcat setup with SSL works on my other machine with 
> IE6.0. The only difference I can see is that the "misbehaving 
> machine" has "autoupdate of security patches from Microsoft" on.
> 
> /Pankaj.
> 
> >  -----Original Message-----
> > From: 	KUMAR,PANKAJ (HP-Cupertino,ex1)  
> > Sent:	Monday, January 13, 2003 12:19 AM
> > To:	tomcat-user@jakarta.apache.org
> > Subject:	HTTPS access with Tomcat 4.1.18
> > 
> > Hi,
> > 
> > I am having problem with HTTPS setup of Tomcat 4.1.18. I am 
> > using Sun's J2SDK 1.4.1_01 on a Windows 2000 machine.
> > 
> > I have uncommented the SSL connector in server.xml and have 
> > set attributes keystoreFile and keystorePass appropriately.
> > 
> > I can even access a resource with HTTPS url using wget 
> > utility of Cygwin. I can also access it with a Java program 
> > using HttpsURLConnection.
> > 
> > However, I am not able to access the same URL using IE6.0 or 
> > Netscape 7.0. I put a proxy between the browser and the 
> > Tomcat, and found that IE6.0 abruptly terminates connection 
> > after getting ServerHelloDone (part of SSL handshake). In 
> > case of Netscape 7.0, the SSL handshake fails after 
> > ClientHello itself because it doesn't find a common ciphersuite.
> > 
> > I realize that the problem is probably with JSSE of JDK and 
> > not with Tomcat.
> > 
> > My question is: has any of you encountered this problem?
> > 
> > /Pankaj.

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message