tomcat-users mailing list archives

From "Becky Phaneuf" <PHAN...@wapa.gov>
Subject Re: Please help!
Date Thu, 13 Feb 2003 21:11:04 GMT

When your client app is connecting via HTTPS to a server the server will pass the client a
certificate that your client should validate.  

Implement the javax.net.ssl.TrustManager class.  Actually, you should implement X509TrustManager.

Then create an SSLContext (using getInstance("SSL")) and initialize it by passing your trust
manager to its init method (use null as a keymanager and a new java.security.SecureRandom()
object).

Finally you have to tell your HTTPS connection to use the SSLContext you just created:
HttpsURLConnection.setDefaultSSLSocketFactory(<your SSL Context object>.getSocketFactory());

-B

>>> a.mehta@cs.ucl.ac.uk 02/13/03 11:12AM >>>
Hi,

I am extremely confused with setting up SSL to work with my GUI application. 

So when attempting to connect to the server using a https connection I obtain the error in
the window where tomcat is running:

      at java.lang.Thread.run(Thread.java:484)
[ERROR] PoolTcpEndpoint - -Handshake failed <javax.net.ssl.SSLException: Re
d fatal alert: certificate_unknown>
java.lang.NullPointerException
        at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint
:512)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(Th
ool.java:533)
        at java.lang.Thread.run(Thread.java:484)
[ERROR] ThreadPool - -Caught exception executing org.apache.tomcat.util.net
orkerThread@4e669e, terminating thread <java.lang.NullPointerException>

and in the submission application window I obtain the error: 

IOException has occurredjavax.net.ssl.SSLException: untrusted server cert chain. 

I have followed all the rules on the html page: 
http://java.sun.com/products/jsse/install.html 

and ALL the instructions on the tomcat page:

http://localhost:8080/tomcat-docs/ssl-howto.html.

This is the modified server.xml bit:
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443, uncommented by Anish Mehta 23/12/2002
-->
    
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="false"
               acceptCount="10" debug="0" scheme="https" secure="true"
               useURIValidationHack="false">
    
      <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="false" protocol="TLS" />
     
    </Connector>

I have also performed this action:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

      
       


I am totally confused in what to do, as I have attempted everything. Please can someone help
me as I require this function for my final year project!!!! I will be eternally grateful.

Thanks.

Anish
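
The steps in the reply above, as an added example that is not code from either message: an X509TrustManager that validates the server's chain against a trust store, passed to an SSLContext and installed on HttpsURLConnection. The class names, the two command-line arguments and the https://localhost:8443/ URL are assumptions, and the trust store is assumed to hold the certificate exported from Tomcat's keystore.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

public class TrustedTomcatClient {
    /** Accepts only server chains anchored in the supplied trust store. */
    static final class StoreTrustManager implements X509TrustManager {
        private final X509TrustManager delegate;

        StoreTrustManager(KeyStore trustStore) throws Exception {
            TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(trustStore);
            X509TrustManager found = null;
            for (TrustManager tm : tmf.getTrustManagers()) {
                if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
            }
            if (found == null) throw new IllegalStateException("no X509TrustManager available");
            delegate = found;
        }
        public void checkServerTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            delegate.checkServerTrusted(chain, authType); // throws if the chain is not trusted
        }
        public void checkClientTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            delegate.checkClientTrusted(chain, authType);
        }
        public X509Certificate[] getAcceptedIssuers() { return delegate.getAcceptedIssuers(); }
    }

    public static void main(String[] args) throws Exception {
        // Assumed inputs: args[0] = trust store file, args[1] = its password.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) { ks.load(in, args[1].toCharArray()); }

        // The reply names "SSL"; "TLS" is used here to match the connector's protocol attribute.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { new StoreTrustManager(ks) }, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());

        URL url = new URL("https://localhost:8443/"); // assumed address of the Tomcat connector
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        System.out.println("HTTP " + conn.getResponseCode() + " via " + conn.getCipherSuite());
    }
}
```

HttpsURLConnection also checks the host name in the URL against the certificate, so the certificate generated with keytool needs a name that matches the host the client connects to.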



