tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kobe <...@mailcity.com>
Subject Re: SSL connect to APR fails - "bad version"
Date Tue, 08 Nov 2011 20:30:56 GMT

Actually, whether it be webaccess or webservice access, i not follow
your confusion. pleas explain why this is wrong.

/Kobe

Kobe wrote:
> 
> Tomcat is also a servlet container and may be used to host web services.
> That is the case here. the web service client is hosted in a BEA weblogic
> server
> and attempts to connect to the web service over SSL.
> 
> /Kobe
> 
> 
> awarnier wrote:
>> 
>> Kobe wrote:
>>> I build tcnative and apr from src with exist ver of openssl (means
>>> openssl
>>> not
>>> build my me). I load apr connector in tomcat as below.
>>> 
>>> when my client connect, I cannot connect: i get "bad version". 
>>> please explain what I do wrong?
>>> 
>>> 
>>> server# ./apr-1-config  --version
>>> 1.4.5
>>> server#
>>> server# openssl version
>>> OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>>> server#
>>> 
>>> 
>>> 
>>>   /// APR Connector Configuration in Tomcat6
>>>  <Connector port="443"
>>>     protocol="org.apache.coyote.http11.Http11AprProtocol"
>>>     enableLookups="false" disableUploadTimeout="true"
>>>     acceptCount="100" scheme="https" secure="true"
>>>     SSLCertificateFile="server_certificate.pem"
>>>     SSLCertificateChainFile="cachain.pem"
>>>     SSLCertificateKeyFile="server.key"
>>>   />
>>> 
>>> 
>>> 
>>> 
>>> $ openssl s_client -connect server.xxx.net:443 -debug -ssl3
>>> CONNECTED(00000003)
>>> write to 0x100119470 [0x100815e00] (95 bytes => 95 (0x5F))
>>> 0000 - 16 03 00 00 5a 01 00 00-56 03 00 4e b5 d4 3e 2d  
>>> ....Z...V..N..>-
>>> 0010 - 57 eb 94 3c f8 0f a0 55-76 75 21 7c b3 f1 37 6f  
>>> W..<...Uvu!|..7o
>>> 0020 - 99 2b 68 7c 65 b7 c9 2c-f6 1f dd 00 00 2e 00 39  
>>> .+h|e..,.......9
>>> 0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f  
>>> .8.5.......3.2./
>>> 0040 - 00 9a 00 99 00 96 00 05-00 04 00 15 00 12 00 09  
>>> ................
>>> 0050 - 00 14 00 11 00 08 00 06-00 03 00 ff 02 01         ..............
>>> 005f - <SPACES/NULS>
>>> read from 0x100119470 [0x100811400] (5 bytes => 5 (0x5))
>>> 0000 - 48 54 54 50 2f                                    HTTP/
>>> write to 0x100119470 [0x10081b800] (7 bytes => 7 (0x7))
>>> 0000 - 15 03 00 00 02 02 28                              ......(
>>> 44414:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
>>> number:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s3_pkt.c:293:
>>> $ 
>>> 
>> Hi.
>> I don't know if other members of this list will be as puzzled as I am,
>> but it is not clear 
>> to me what you are trying to achieve.
>> I mean that Tomcat is in principle a web server, normally answering web
>> browser requests 
>> (via HTTP or HTTPS).  What are you trying to do when you access it with
>> the above type of 
>> client, and what are you sending to Tomcat, and why ?
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> 
>> 
>> 
> 
> 

-- 
View this message in context: http://old.nabble.com/SSL-connect-to-APR-fails---%22bad-version%22-tp32788669p32805704.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message