tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From annlee <ann....@manchester.ac.uk>
Subject Re: Error while converting tomcat container from http to https
Date Mon, 11 Sep 2006 11:15:04 GMT

Hi Keyur,

I've just tried this out and it works. You should add the
SSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation"  in
Connector tag in server.xml file that resides under $CATALINA_HOME/conf
directory. So, it should look like this in server.xml

<Connector  keystoreFile="/path/to/keystore" keystorePass="keystorepassword"
                port="8443" maxHttpHeaderSize="8192"
                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
                enableLookups="true" disableUploadTimeout="true"
                acceptCount="100" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS"
               
SSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation"/>

Change the keystoreFile and keystorePass accordingly.
Hope this help.

Ann



Keyu Sheth wrote:
> 
> Hi Bill,
>    
>            Where should I put the sslimplementation tag in the Connector
> tag. Because in the tomcat documentation for SSL this type of tag is not
> there. So can you please elaborate on this. And also give me the correct
> syntax for ssLImplementation.
>    
>   Keyur
> 
> Bill Barker <wbarker@wilshire.com> wrote:
>   PureTLS doesn't use the standard Java keystore format. Consult the
> PureTLS 
> docs for the correct format. Alternatively, specify 
> sSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation" on 
> the element to use JSSE instead of PureTLS.
> 
> "keyur sheth" wrote in message 
> news:20060907022345.85536.qmail@web32709.mail.mud.yahoo.com...
>> Hi everybody,
>>
>> I am trying to make the tomcat container secure by 
>> converting it from http to https. I am using the documentation on the 
>> following website.
>> http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html
>>
>> I had implemented this before by creating the 
>> self-signed certificate and it worked. But for converting it to make it 
>> trusted I deleted all the files like the .keystore file and created the 
>> new .keystore and followed the steps in documentation.
>>
>> I am implementing the part in which you send the CSR 
>> to the CA for gettting the trusted certificate. So I sent the CSR and got 
>> the three certificates from the trusted authority. The root certificate, 
>> chain certificate and the signed certificate. I imported all the 
>> certificate files one by one following the sequence root, chain and
>> signed 
>> certificate.
>>
>> But now there is some error by which I am not able to 
>> see the page when I write the URL with 
>> https://xxxx.xxx.xxx:8443/gridsphere. But if I give 
>> http://xxxx.xxx.xxx:8080/ tomcat is starting and also also 
>> http://xxxx.xxx.xxx:8080/gridsphere the gridsphere application is 
>> starting. I shutdown the tomcat and also restarted the tomcat by making 
>> all these changes. But still it didn't showed up. The error shown is as 
>> follows:-
>>
>> Sep 2, 2006 1:39:14 PM org.apache.coyote.http11.Http11BaseProtocol start
>> SEVERE: Error starting endpoint
>> java.io.IOException: Couldn't find private key in this file
>> at 
>> org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.init(PureTLSSocketFactory.java:149)
>> at 
>> org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.createSocket(PureTLSSocketFactory.java:69)
>> at 
>> org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292)
>> at 
>> org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312)
>> at 
>> org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:149)
>> at 
>> org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:95)
>> at 
>> org.apache.catalina.connector.Connector.start(Connector.java:1089)
>> at 
>> org.apache.catalina.core.StandardService.start(StandardService.java:459)
>> at 
>> org.apache.catalina.core.StandardServer.start(StandardServer.java:680)
>> at org.apache.catalina.startup.Catalina.start(Catalina.java:536)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at 
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>> at 
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:275)
>> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
>> Sep 2, 2006 1:39:14 PM org.apache.catalina.startup.Catalina start
>> SEVERE: Catalina.start:
>> LifecycleException: Protocol handler start failed: java.io.IOException: 
>> Couldn't find private key in this file
>> at 
>> org.apache.catalina.connector.Connector.start(Connector.java:1091)
>> at 
>> org.apache.catalina.core.StandardService.start(StandardService.java:459)
>> at 
>> org.apache.catalina.core.StandardServer.start(StandardServer.java:680)
>> at org.apache.catalina.startup.Catalina.start(Catalina.java:536)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at 
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>> at 
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:275)
>> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
>>
>>
>> Can somebody tell me what mistake I am doing. Have anybody 
>> faced the same problem before.
>>
>> Thanking you,
>> Keyur
>>
>>
>>
>>
>>
>>
>> ---------------------------------
>> All-new Yahoo! Mail - Fire up a more powerful email and get things done 
>> faster. 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 
>  		
> ---------------------------------
> How low will we go? Check out Yahoo! Messenger’s low  PC-to-Phone call
> rates.
> 

-- 
View this message in context: http://www.nabble.com/Error-while-converting-tomcat-container-from-http-to-https-tf2230735.html#a6244765
Sent from the Tomcat - User forum at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message