tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan <>
Subject Re: Please Help: Tomcat 5.5.17 SSL Help
Date Fri, 23 Feb 2007 12:53:15 GMT
Blake Smith schrieb:
> Hi,
> I am running a Red Hat Enterprise 4 Linux Server.  I have Tomcat installed
> under port 8080.  I have setup "iptables" to redirect all request for port
> 80 to 8080.  I also have Java JDK 1.5.0_10 installed.  The $CATALINA_HOME
> and $JAVA_HOME variables have been set inside /etc/profile.   Tomcat runs in
> normal mode, and everything is working excellent.  The only issue I am
> having is getting Tomcat to server HTTPS.  I have followed the tutorial on
> how to use "keytool" and successfully generated an private key, certificate,
> and then had the certificate signed by Verisign.  I then import the signed
> certificate with keytool.  I have uncommented the section within server.xml
> and pointed it to the location of the keystore, and it's password.  I even
> changed the port from 8443 to 443 and the corresponding forwarding value for
> 8080.  By the way Apache HTTP Server is not running on this machine.
> My iptables are setup to allow 80, 8080, and 443.  Yet I can't get Tomcat to
> use SSL.  If anyone can please provided me with directions for getting
> tomcat to server SSL I would be most thankful.  Tomcat is running
> standalone.
> Im not sure if there is anything special I need to do with JSSE???
> Everything I can find states it as a requirement but since I am using JDK
> 1.5.0_10, it should already be included if my understanding is correct.  Is
> there anything special which needs to be done to use it in my version?
> Thanks in advance,
> Blake Smith
I'm not familiar with ssl issues and tomcat but see the posting from 
Steffen Heil, dated 22.2. "RE: Get rid of 8080 port in Tomcat 3.3". He 
wrote about redirecting port 80 to 8080 with iptables:

"2. The IP tables solution
You webapplication will not know about the different port and encode urls
incorrecly. Bad Idea and impossible if SSL is required."

I would disable the redirect rules checking if ssl works with the 
standard configuration on 8443.

Hope this helps


Stefan Riegel

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message