tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lengyel Tamás <leng...@quattrosoft.hu>
Subject RE: tomcat with apr and openssl gives ssl_error_rx_record_too_long
Date Fri, 01 Apr 2011 17:01:50 GMT
Sorry, too much copy/pastes made my mail unreadable. Again:

Hi all,
We use tomcat 5.5.30 on ubuntu linux, ssl configured and working (with java keystore).
We tried to install APR. libapr1-dev, libssl-dev, java (jdk1.6.0_24) installed.
tomcat-native-1.1-20-src downloaded, and built correctly ("Loaded APR based Apache Tomcat
Native library 1.1.20" message in catalina.out, no error messages).
We used the free "portecle" application to export private key and certificate from the java
keystore.
Relevant server.xml parts are:

    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"
/>

    <Connector
      protocol="org.apache.coyote.http11.Http11AprProtocol"
      URIEncoding="UTF-8"
      acceptCount="100"
      algorithm="${jazz.connector.algorithm}"
      clientAuth="false"
      connectionTimeout="20000"
      disableUploadTimeout="true"
      enableLookups="false"
      SSLCertificateFile="/opt/IBM/JazzTeamServer/server/tomcat/rtc.cer"
      SSLCertificateKeyFile="/opt/IBM/JazzTeamServer/server/tomcat/rtcpk.pem"
      SSLPassword=""
      maxHttpHeaderSize="8192"
      maxSpareThreads="75"
      maxThreads="150"
      minSpareThreads="25"
      port="9443"
      scheme="https"
      secure="true"
      SSLEnabled="true
      SSLProtocol="${jazz.connector.sslProtocol}"/>

We tried to omit and change ${jazz.connector.*} parameters without effect so we think it's
not relevant.
(Rational Team Concert is running on this server, hopefully unrelevant.) After all, when connecting
to the server we've got the mentioned error:

"An error occurred during a connection to https://some-machine:9443.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)"

No error messages in log.
Any instructions, comments, hints appreciated.

Best regards,
Lengyel Tamas
e-mail: lengyel@quattrosoft.hu<mailto:lengyel@quattrosoft.hu>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message