tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kobe <...@mailcity.com>
Subject Re: SSL connect to APR fails - "bad version"
Date Tue, 08 Nov 2011 20:26:19 GMT

Tomcat is also a servlet container and may be used to host web services.
That is the case here. the web service client is hosted in a BEA weblogic
server
and attempts to connect to the web service over SSL.

/Kobe


awarnier wrote:
> 
> Kobe wrote:
>> I build tcnative and apr from src with exist ver of openssl (means
>> openssl
>> not
>> build my me). I load apr connector in tomcat as below.
>> 
>> when my client connect, I cannot connect: i get "bad version". 
>> please explain what I do wrong?
>> 
>> 
>> server# ./apr-1-config  --version
>> 1.4.5
>> server#
>> server# openssl version
>> OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>> server#
>> 
>> 
>> 
>>   /// APR Connector Configuration in Tomcat6
>>  <Connector port="443"
>>     protocol="org.apache.coyote.http11.Http11AprProtocol"
>>     enableLookups="false" disableUploadTimeout="true"
>>     acceptCount="100" scheme="https" secure="true"
>>     SSLCertificateFile="server_certificate.pem"
>>     SSLCertificateChainFile="cachain.pem"
>>     SSLCertificateKeyFile="server.key"
>>   />
>> 
>> 
>> 
>> 
>> $ openssl s_client -connect server.xxx.net:443 -debug -ssl3
>> CONNECTED(00000003)
>> write to 0x100119470 [0x100815e00] (95 bytes => 95 (0x5F))
>> 0000 - 16 03 00 00 5a 01 00 00-56 03 00 4e b5 d4 3e 2d   ....Z...V..N..>-
>> 0010 - 57 eb 94 3c f8 0f a0 55-76 75 21 7c b3 f1 37 6f   W..<...Uvu!|..7o
>> 0020 - 99 2b 68 7c 65 b7 c9 2c-f6 1f dd 00 00 2e 00 39   .+h|e..,.......9
>> 0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
>> 0040 - 00 9a 00 99 00 96 00 05-00 04 00 15 00 12 00 09   ................
>> 0050 - 00 14 00 11 00 08 00 06-00 03 00 ff 02 01         ..............
>> 005f - <SPACES/NULS>
>> read from 0x100119470 [0x100811400] (5 bytes => 5 (0x5))
>> 0000 - 48 54 54 50 2f                                    HTTP/
>> write to 0x100119470 [0x10081b800] (7 bytes => 7 (0x7))
>> 0000 - 15 03 00 00 02 02 28                              ......(
>> 44414:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
>> number:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s3_pkt.c:293:
>> $ 
>> 
> Hi.
> I don't know if other members of this list will be as puzzled as I am, but
> it is not clear 
> to me what you are trying to achieve.
> I mean that Tomcat is in principle a web server, normally answering web
> browser requests 
> (via HTTP or HTTPS).  What are you trying to do when you access it with
> the above type of 
> client, and what are you sending to Tomcat, and why ?
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/SSL-connect-to-APR-fails---%22bad-version%22-tp32788669p32805690.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message