tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: FIPS compliancy on Tomcat 7.00.062
Date Wed, 05 Aug 2015 08:44:36 GMT
On 05/08/2015 07:32, Nikitha Benny wrote:
> Hi Mark,
> 
> When I try to run Tomcat on the https server port:
> 
> *https://<ip address>:8444/*
> 
> It says as below:
> ----------
> 
> *SSL connection error*
> 
> *ERR_SSL_PROTOCOL_ERROR*
> 
> *Unable to make a secure connection to the server. This may be a problem
> with the server, or it may be requiring a client authentication certificate
> that you don't have*
> *------------*

That is the client side. What about server side logs?

> We have set the client authentication to False, so it does not need any
> client authorized certificate.

I recommend you run https://www.ssllabs.com/ssltest/ against your
server. That will tell you if you have a server side issue, a client
side issue or simply a mismatch between the two.

Mark

> 
> Regards,
> Nikitha
> 
> On Wed, Aug 5, 2015 at 10:07 AM, Nikitha Benny <nikki.benny@gmail.com>
> wrote:
> 
>>> But still Tomcat does not run on the https port.
>>
>> As in, when we run Tomcat on the https server port it does not display the
>> page.
>> Where as it goes through fine on the http port. The url opens.
>>
>>
>>
>> On Tue, Aug 4, 2015 at 6:18 PM, Mark Thomas <markt@apache.org> wrote:
>>
>>> On 04/08/2015 13:19, Nikitha Benny wrote:
>>>> Hello Mark,
>>>>
>>>> Thanks for your valuable suggestion.
>>>>
>>>> We were successful in creating the pkcs12 keystore which picks up
>>> SHA256 as
>>>> shown below:
>>>
>>> <snip/>
>>>
>>>> But still Tomcat does not run on the https port.
>>>
>>> Define "does not run".
>>>
>>>> Any clue as to why this happens?
>>>
>>> Based on the information provided so far, no.
>>>
>>>> The protocol I am using is* "org.apache.coyote.http11.Http11Protocol".*
>>>
>>> OK. That is the HTTP BIO connector.
>>>
>>>> Could it be because I am not using an APR connector protocol?
>>>
>>> No.
>>>
>>> Mark
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message