tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kleber" <kvie...@f2b.com.br>
Subject Re: peer not authenticated
Date Fri, 19 Sep 2003 18:56:36 GMT
Hi,

Thanks again for your attention, and help...

I'm with a doubt. You said that there was nothing wrong, however the warning
message always appears. Won't this leave the webpage slower with lots of
person accessing it?
Is there any way to avoid this message appearing?
I can´t leave this messages appears.

[]'s
Kleber


----- Original Message ----- 
From: "Bill Barker" <wbarker@wilshire.com>
To: <tomcat-user@jakarta.apache.org>
Sent: Friday, September 19, 2003 1:25 AM
Subject: Re: peer not authenticated


> It looks like I fixed it after 4.1.27.  The message you are seeing is
simply
> a debugging message that got left in the code.  It doesn't mean that there
> is anything wrong with your keystore, or even that anything unusual is
> happening.  All that it is saying is the the browser didn't send a
> certificate (which is normal when you have clientAuth="false").
>
> "Kleber" <kvieira@f2b.com.br> wrote in message
> news:01bf01c37df4$98b1fec0$a500a8c0@kleber...
> > Hi Bill,
> >
> > For a test, I created a new keystore file that use the keytool from
java:
> > %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
> > the password is: "kleber"
> >
> > My server.xml file is like this:
> >     <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
> > redirectPort="443" bufferSize="2048"
> >         serverSocketTimeout="0" connectionUploadTimeout="300000"
> port="443"
> > connectionTimeout="60000"
> >         scheme="https" enableLookups="true" secure="true"
> > protocolHandlerClassName="org.apache.coyote.http11.Http11Protocol"
> >         debug="0" maxKeepAliveRequests="100" disableUploadTimeout="true"
> > proxyPort="0"
> >         maxProcessors="75" minProcessors="5" tcpNoDelay="true"
> > acceptCount="100"
> >         useURIValidationHack="false" compression="off"
> > connectionLinger="-1">
> >         <Factory
> > className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
> >                 rootFile="C:\WINDOWS\root.pem" keystoreType="JKS"
> >                 keystorePass="kleber" clientAuth="false"
> >                 randomFile="C:\WINDOWS\random.pem"
> >                 keystoreFile="c:\Tomcat\keystore\.keystore"
> protocol="TLS"/>
> >     </Connector>
> >
> > As I ever had said, the page with https:// load normally at the browser,
> > however at DOS windows appears this error:
> >
> > [WARN] Http11Processor - -Exception getting SSL attributes
> > <javax.net.ssl.SSLPeerUnverifiedException: peer not
> > authenticated>javax.net.ssl.SSLPeerUnverifiedException: peer not
> > authenticated
> >         at
> >
>
com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA62
> > 75)
> >         at
> >
>
org.apache.tomcat.util.net.jsse.JSSESupport.getX509Certificates(JSSESupport.
> > java:113)
> >         at
> >
>
org.apache.tomcat.util.net.jsse.JSSESupport.getPeerCertificateChain(JSSESupp
> > ort.java:161)
> >         at
> >
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:748)
> >         at org.apache.coyote.Response.action(Response.java:222)
> >         at
> >
>
org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapter.java:
> > 321)
> >         at
> > org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:221)
> >         at
> >
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:601)
> >         at
> >
>
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne
> > ction(Http11Protocol.java:392)
> >         at
> >
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565)
> >         at
> >
>
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
> > a:619)
> >         at java.lang.Thread.run(Thread.java:484)
> >
> > I'm also attaching my keystore file
> >
> > I´m thankful for your attention...
> > Kleber
> >
> > ----- Original Message ----- 
> > From: "Bill Barker" <wbarker@wilshire.com>
> > To: <tomcat-user@jakarta.apache.org>
> > Sent: Thursday, September 18, 2003 12:03 AM
> > Subject: Re: peer not authenticated
> >
> >
> > > That message is supposed to be only logged at 'debug' level.  Could
you
> > post
> > > more of the stack trace, so I can see how to plug this message under
> > normal
> > > use?
> > >
> > > The error itself is harmless (it's just telling you that the user
didn't
> > > send a client cert, which is normal).
> > >
> > > "Kleber" <kvieira@f2b.com.br> wrote in message
> > > news:005801c37d56$76681d20$a500a8c0@kleber...
> > > Hi,
> > >
> > > My name is Kleber, I am brazilian and I have a problem with Tomcat
> > > certificates(if someone could help me, I would be grateful).
> > > I was trying to place Tomcat certificate 4.1.27, however I've  just
had
> a
> > > certificate, because nowadays I'm using Orion server.
> > > I have one file called keystore and another '.cer'.
> > >
> > > I had created a HTTP connection using port 443 and I have used the
path
> > from
> > > the keystore file. Till this point, everything was working well, the
> > Tomcat
> > > was starting normally. When I open a website that use a 'secure
> > encryption',
> > > it is loaded normally, however, a error message apears on DOS:
> > > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> > >
> > > I had created an keystore file from the beginning, even so the same
> > message
> > > error has apeared. I also have tried to import, without sucess, the
> > content
> > > from my .cer file to an empty keystore file.
> > >
> > > Where was I messing up?
> > >
> > > Since now I´m thankful for your help and I´m waiting for an aswer.
> > > []´s
> > > Kleber
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > >
> > >
> >
> >
>
>
> --------------------------------------------------------------------------
--
> ----
>
>
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>


Mime
View raw message