tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Grandmaison <java97...@yahoo.com>
Subject Tomcat Native Library Breaks SSL
Date Mon, 28 May 2007 14:18:12 GMT
I am working with

Windows XP
Tomcat 5.5.23


http://tomcat.heanet.ie/native/1.1.10/binaries/win32/


I followed the openssl instructions at 

http://www.galatea.com/flashguides/tomcat-ssl-5-unix

to setup my ssl.  

When I start tomcat and try to connect to localhost:8443 the browser sits there loading for
a long time.  After a couple minutes of waiting the browser stops and says

The connection was interrupted
The connection to 127.0.0.1:8443 was interrupted while the page was loading

I finally removed the tcnative-1.dll from my windows/system32 directory and restarted tomcat.
 The ssl works properly now.

I probably spent a couple days debugging this problem.  Anyone know why the native library
stops ssl from working?  Also I did adjust the debug="0" to debug="5" but didn't receive any
more detailed output.  

My conf/server.xml looks like:

<Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystoreType="PKCS12"
               keystoreFile="mycert.p12" 
               keystorePass="changeit"/>

I tried changing my ssl connector xml to ajp syntax like:

    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               SSLEngine="on" 
               SSLCertificateFile="${catalina.base}/conf/localhost.crt"
               SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

but I renamed my mycert.pem to localhost.crt and mykey.pem to localhost.key - the files created
from the www.galatea.com instructions - but it resulted in the same browser loading till the
problem loading page message.

Thanks for any advice.  

MG



       
____________________________________________________________________________________Ready
for the edge of your seat? 
Check out tonight's top picks on Yahoo! TV. 
http://tv.yahoo.com/

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message