tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Palmatier <cobrac...@yahoo.com>
Subject Re: Tomcat with SSL
Date Thu, 22 Apr 2004 16:39:10 GMT
It looks like you are using WebSphere and may be
getting tangled up in IBM's version of Sun's JSSE.  I
ran into a similar problem on an IBM iSeries server
and posted my eventual soultion here:

http://www-106.ibm.com/developerworks/forums/dw_thread.jsp?forum=178&thread=26188&message=2377519&cat=10&q=%22IBM+JSSE%22+%2B%22iSeries%22#2377519

(Let me know if the link doesn't work)

If you are not on the iSeries then the important point
of the initial part about the provider is to have the
IBM provider com.ibm.jsse.IBMJSSEProvider in front of
Sun's provider.  The rest should apply without any
change.  Note the inclusion of algorithm="IbmX509" in
the server.xml HTTPS connector tag.  It's case
sensitive which can be tricky.  I hope this helps!

Jason    

--- "Hiemer, Bernhard" <Hiemer@mayr.de> wrote:
> 
> 
> Thanks for your reply!
> 
> I configured my server.xml like this:
>     <Connector
>
className="org.apache.coyote.tomcat4.CoyoteConnector"
>                port="8443" minProcessors="5"
> maxProcessors="75"
>                enableLookups="true"
> 	       acceptCount="10" debug="0" scheme="https"
> secure="true"
>                useURIValidationHack="false">
>       <Factory
>
className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
>                clientAuth="false" protocol="TLS" 
>               
> keystoreFile="C:\Programme\IBM\WebSphere
> Studio\Application
>
Developer\v5.1\runtimes\base_v5\java\jre\lib\security\test"
> 
>                keystorePass="changeit" />
>     </Connector>
> 
> But there are the same effects ...
> 
> 
> 
> 
> 
> 
> -----Ursprüngliche Nachricht-----
> Von: Bill Barker [mailto:wbarker@wilshire.com]
> Gesendet: Donnerstag, 22. April 2004 08:38
> An: tomcat-user@jakarta.apache.org
> Betreff: Re: Tomcat with SSL
> 
> 
> I believe that you can't use IBM's JSSE with the
> HttpConnector.  You have to
> use the CoyoteConnector.
> 
> "Hiemer, Bernhard" <Hiemer@mayr.de> wrote in message
>
news:83611C6D0BACD411B83C00B0D021B5F5016532B8@exchange.chrmayr.lan...
> 
> Hi Tomcat-Users,
> 
> I found out, that my problem depends on the
> configuration of the security
> providers in the java.security file.
> (On my machine is installed jsse from IBM and Sun).
> 
> If the configuration is
> security.provider.1=sun.security.provider.Sun
> security.provider.2=com.ibm.jsse.JSSEProvider
>
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> 
> I get the following Exception
> Catalina.start: LifecycleException:  null.open:
> java.security.NoSuchAlgorithmException: Class
> com.ibm.jsse.ba configured for
> SSLContext not a SSLContext
> at com.sun.net.ssl.SunJSSE_b.a(DashoA6275)
> at
> com.sun.net.ssl.SSLContext.getInstance(DashoA6275)
> at
>
org.apache.catalina.net.SSLServerSocketFactory.initProxy(SSLServerSocContext
> not a SSLContext
> at com.sun.net.ssl.SunJSSE_b.a(DashoA6275)
> at
> com.sun.net.ssl.SSLContext.getInstance(DashoA6275)
> ...
> 
> 
> In the other case, when the configuration-file looks
> like
> security.provider.1=sun.security.provider.Sun
>
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
> security.provider.3=com.ibm.jsse.JSSEProvider
> 
> this error message occurs:
> java.lang.reflect.InvocationTargetException:
> java.lang.OutOfMemoryError
> 
> 
> 
> 
> The relevant part of the server.xml file is:
> <Connector
>
className="org.apache.catalina.connector.http.HttpConnector"
>                port="8443" minProcessors="5"
> maxProcessors="75"
>                enableLookups="true"
>        acceptCount="10" debug="0" scheme="https"
> secure="true"
>                useURIValidationHack="false">
>       <Factory
>
className="org.apache.catalina.net.SSLServerSocketFactory"
>                clientAuth="false" protocol="TLS"
>               
> keystoreFile="C:\Programme\IBM\WebSphere
> Studio\Application
>
Developer\v5.1\runtimes\base_v5\java\jre\lib\security\test"
>                keystorePass="changeit" />
>     </Connector>
> 
> 
> 
> In the first case it looks like the two different
> jsse implementations cause
> the problem. But how to configure it right?
> 
> Can anyone give me any suggestions?
> 
> Thanks
> Bernhard
> 
> 
> 
> 
> 
> 
> -----Ursprüngliche Nachricht-----
> Von: Hiemer, Bernhard
> Gesendet: Freitag, 16. April 2004 08:00
> An: 'tomcat-user@jakarta.apache.org'
> Betreff: Tomcat with SSL
> 
> 
> Hi at all!
> 
> I´m trying to configure my Tomcat-Standalone for
> SSL-Support. I use Win XP,
> JRE 1.3.1 and JSSE 1.0.3_02.
> The Tomcat-Versions I tried are 4.1.30 and 5.0.19.
> 
> I worked along the HOW-TO on the Jakarta-Website:
>
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
> 
> BUT I receive the following error on startup of
> Tomcat:
> java.lang.reflect.InvocationTargetException:
> java.lang.OutOfMemoryError
> 
> I have already tried the Options -Xmx512m -Xms128m
> to give the VM more
> memory.
> 
> What´s to do now?
> Thanks in advance for each little help!
> Bernhard
> 
> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
> 



	
		
__________________________________
Do you Yahoo!?
Yahoo! Photos: High-quality 4x6 digital prints for 25˘
http://photos.yahoo.com/ph/print_splash

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message