tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Suresh Kumar J <suresh.kuma...@gmail.com>
Subject Re: How to make to Apache-Tomcat 6.0.13 to support all of SSLv2/SSLv3 and TLS protocols
Date Wed, 03 Sep 2008 06:20:01 GMT
Haven't yet tried with Sun JRE.

When I try setting the sslProtocol="ALL" in server.xml, the tomcat 
error'd out the following in catalina.out:
----------------------------------------------------
SEVERE: Error starting endpoint
Throwable occurred: java.io.IOException: SSLContext ALL implementation 
not found
         at 
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:394)
         at 
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:125)
         at 
org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:496)
         at 
org.apache.tomcat.util.net.JIoEndpoint.start(JIoEndpoint.java:515)
         at 
org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:204)
         at 
org.apache.catalina.connector.Connector.start(Connector.java:1132)
         at 
org.apache.catalina.core.StandardService.start(StandardService.java:531)
         at 
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
         at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
         at java.lang.reflect.Method.invoke(Method.java:317)
         at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
         at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Sep 2, 2008 11:17:49 PM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
Throwable occurred: LifecycleException:  service.getName(): "Catalina";  
Protocol handler start failed: java.io.IOException: SSLContext ALL 
implementation not found
         at 
org.apache.catalina.connector.Connector.start(Connector.java:1139)
         at 
org.apache.catalina.core.StandardService.start(StandardService.java:531)
         at 
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
         at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
         at java.lang.reflect.Method.invoke(Method.java:317)
         at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
         at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
----------------------------------------------------

Am runing Harmony JRE in this case. Is this error related to Harmony JRE 
or Tomcat?.

Thanks,
Suresh

Gregor Schneider wrote:
> Suresh,
>
> I guess no one is having the same problem like what you're having.
>
> As a first guess, within your connector I'd change
>
>          clientAuth="false" sslProtocol="TLS" keystoreType="PKCS12"
>
> to
>
>          clientAuth="false" sslProtocol="ALL" keystoreType="PKCS12"
>
> 2nd, I'd have a look how it behaves with Sun's original JDK
>
> If all that failes (what would puzzle me since you're the first to
> have this problem), I'd give OpenSSL a try:
>
> I'm running Tomcat 5.5 on Debian using APR with OpenSSL, and this is
> my Connector working like charm, even with the latest version of
> Firefox:
>
>     <Connector  port="443"
>                 address="xx.xxx.xxx.xx"
>                 maxHttpHeaderSize="8192"
>                 maxThreads="150"
>                 minSpareThreads="25"
>                 maxSpareThreads="75"
>                 enableLookups="false"
>                 disableUploadTimeout="true"
>                 acceptCount="100"
>                 scheme="https"
>                 secure="true"
>                 SSLEngine="on"
>                 SSLCertificateFile="/home/tomcat/www/certs/some.crt"
>                 SSLCertificateKeyFile="/home/tomcat/www/certs/some.key" />
>
> HTH
>
> Gregor
>   

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message