tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Becky Phaneuf" <>
Subject Re: Please help!
Date Thu, 13 Feb 2003 21:11:04 GMT

When your client app is connecting via HTTPS to a server the server will pass the client a
certificate that your client should validate.  

Implement the class.  Actually, you should implement X509TrustManager.

Then create an SSLContext (using getInstance("SSL")) and initialize it by passing your trust
manager to it's init method (use null as a keymanager and a new

Finally you have to tell your HTTPS connection to use the SSLContext you just created:   HttpsURLConnection.setDefaultSSLSocketFactory(<your
SSL Context object>.getSocketFactory());


>>> 02/13/03 11:12AM >>>

I am extremely confused with setting up SSL to work with my GUI application. 

So when attempting to connect to the server using a https connection I obtain the error in
the window where tomcat is running:

[ERROR] PoolTcpEndpoint - -Handshake failed < Re
d fatal alert: certificate_unknown>
        at org.apache.tomcat.util.threads.ThreadPool$
[ERROR] ThreadPool - -Caught exception executing
orkerThread@4e669e, terminating thread <java.lang.NullPointerException>

and in the submission application window I obtain the error: 

IOException has untrusted server cert chain. 

I have followed all the rules on the html page: 

and ALL the instuctions on the tomcat page:


This is the modified server.xml bit:
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443, uncommented by Anish Mehta 23/12/2002
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
        acceptCount="10" debug="0" scheme="https" secure="true"
      <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="false" protocol="TLS" />

I have also performed this action:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA


I am totally confused in what to do, as I have attempted everything. Please can someone help
me as I require this function for my final year project!!!! I will be eternally grateful.



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message