tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mohammad Musleh" <mmos...@mum.edu>
Subject RE: MM:Tomcat with SSL
Date Tue, 13 Jan 2004 20:45:38 GMT
Will install Tomcat 4.0.16 and follow the steps you told me, and will see
how things will go

Thanks any ways

Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 2:31 PM
To: tomcat-user@jakarta.apache.org
Subject: RE: MM:Tomcat with SSL


I have implemented SSL with 4.1.27 and 5.0.16 using JDK 1.4.2 on
Windows. I have test with both the keystore and certificates that come
with the JRE. You can try using the JRE certificate & see if that works.
You will need to use the keytool utility that comes with JDK to use the
cacerts. Delete the old .keystore file before using cacert.

for 4.x,

    <Connector
className="org.apache.catalina.connector.http.HttpConnector" port="443"
minProcessors="5" maxProcessors="75" enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
      <Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"
keystoreFile="YOUR_JAVA_HOME_DIR/jre/lib/security/cacerts"
keystorePass="changeit"/>
    </Connector>


>>> mmosleh@mum.edu 01/13/04 01:19PM >>>
I have changed '\' to '/' in the server.xml file and specified the
keystorepass="changeit", but still getting the same error, which is

SEVERE: Error initializing endpoint
java.io.IOException: Cannot recover key
...



Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 2:10 PM
To: tomcat-user@jakarta.apache.org
Subject: RE: MM:Tomcat with SSL


Try changing the '\' to '/' and specify the keystore password.
something
like

<Factory
className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="true" protocol="TLS"
keystoreFile="C:/Documents and Settings/Administrator/.keystore"
keypass="changeit" />


>>> mmosleh@mum.edu 01/13/04 11:14AM >>>
I copied jsse.jar to %tomcat_home%\common\lib, and when I restarted
Tomcat I
got this error

SEVERE: Error initializing endpoint
java.io.IOException: Cannot recover key
	at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.initProxy(JSSESocketFactor
y.java:231)
	at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFac
tory.java:127)
	at
org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java
:275)
	at
org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:150)

I changed the uncommented code within server.xml to point to the
keystore
file using keystoreFile, but still getting the same error above.

keystore file comes by default as .keystore file, I put it in the
keystoreFile parameter as is with "." and without "." after I renamed
it,
but it didn't work.

this is the new changes in the uncommented portion
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
	       acceptCount="100" debug="0" scheme="https" secure="true"
               useURIValidationHack="false"
disableUploadTimeout="true">
      <Factory
className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="false" protocol="TLS" keystoreFile =
"d:\Tomcat
4.1\conf\keystore"/>
    </Connector>


Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 11:53 AM
To: tomcat-user@jakarta.apache.org
Subject: RE: MM:Tomcat with SSL


Try copying jsse.jar to the %tomcat_home%\common\lib folder. May be
the
jsse.jar is not seen by tomcat.

>>> mmosleh@mum.edu 01/13/04 10:31AM >>>

I'm using Tomcat 4.1, J2SDK 1.4.2 and Windows Environment.

Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 11:18 AM
To: tomcat-user@jakarta.apache.org
Subject: RE: MM:Tomcat with SSL


What version of Tomcat are you using?

>>> mmosleh@mum.edu 01/13/04 09:37AM >>>
Hi;

Yes, when I generated .keystore file it asked me about a password and
I
used
"changeit" password.

this is the portion that I uncommented within server.xml file

    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
	       acceptCount="100" debug="0" scheme="https" secure="true"
               useURIValidationHack="false"
disableUploadTimeout="true">
      <Factory
className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="false" protocol="TLS" />
    </Connector>

Thanks

Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 10:27 AM
To: tomcat-user@jakarta.apache.org
Subject: RE: MM:Tomcat with SSL


I assume you have used the default password. Also, can you send the
"SSL
HTTP/1.1 Connector" element from the server.xml?

>>> mmosleh@mum.edu 01/13/04 09:17AM >>>
Hi;

.keystore file is in the default folder where Tomcat suppose to
access.
I
mean Tomcat knows the location of .keystore file, and it starts by the
same
user. I'm doing all of this stuff on my own PC.

Thanks
Mohammad Musleh
Software Architect and Developer
Computer Science Dept., MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326


-----Original Message-----
From: Keshav Sarin [mailto:KSarin@net-deposit.com]
Sent: Tuesday, January 13, 2004 10:08 AM
To: tomcat-user@jakarta.apache.org
Subject: Re: MM:Tomcat with SSL


Look for a .keystore file under the home directory of the user that
generated the key. Make sure Tomcat is started by the same user.

>>> mmosleh@mum.edu 01/13/04 09:01AM >>>
GlacierDear guys;

- I have Java 2 SDK 1.4.2 that come with JSSE
- Apache Tomcat version 4.1
- I'm using Windows environment

I'm having a problem when I configured Tomcat with SSL, I followed HOW
TO
steps in Apache web site like this

1. have generated the key using this command
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

2. Uncommented the "SSL HTTP/1.1 Connector" in server.xml

3. Restarted Tomcat

But I got the following problem
Jan 13, 2004 9:56:44 AM org.apache.coyote.http11.Http11Protocol init
SEVERE: Error initializing socket factory
java.lang.ClassNotFoundException: Can't find any SSL implementation
at
org.apache.tomcat.util.net.SSLImplementation.getInstance(SSLImplementation.j
ava:97)
at
org.apache.tomcat.util.net.SSLImplementation.getInstance(SSLImplementation.j
ava:103)
....

I searched for SSLImplementation class and I found it in a jar file,
and
that jar file is in the class path.

Any answers or suggestion why I'm getting this error and how to solve
it???


Thanks
Mohammad Musleh
Software Architect and Developer
Computer Science Dept, MUM
Fairfield, IA 52557 USA
Phone: (641) 472 7000 x 4326



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message