Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
MIME-Version: 1.0
In-Reply-To: <563CD024.802@christopherschultz.net>
References: 
 <CACNy_jQ-d5+7cSDmUrVi5jnnXVRA8uLUSLU4cO6-vQ=TSiueaA@mail.gmail.com>
	<563CD024.802@christopherschultz.net>
Date: Fri, 6 Nov 2015 23:23:22 +0530
Message-ID: 
 <CACNy_jROhpMMhpNDv4pvMm2G51i-s-3M3xwrEgBL=CnoPRBJEw@mail.gmail.com>
Subject: Re: ERR_SSL_PROTOCOL_ERROR
From: Brajesh Patel <brajeshpatel07@gmail.com>
To: Tomcat Users List <users@tomcat.apache.org>
Content-Type: multipart/alternative; boundary=089e01228be06759720523e2eb9c

--089e01228be06759720523e2eb9c
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi chris,

Thanks for your reply, yes we are on too old version of tomcat , issue was
occur because infra team updated java version .

sent from YU
On Nov 6, 2015 9:37 PM, "Christopher Schultz" <chris@christopherschultz.net=
>
wrote:

> Brajesh,
>
> On 11/6/15 1:44 AM, Brajesh Patel wrote:
> > We are getting "ERR_SSL_PROTOCOL_ERROR" error while hitting any request
> > from browser following configuration we have:
> >
> > Tomcat:5.5
> >
> >          <property name=3D"clientAuth" value=3D"false"/>
> >             <property name=3D"keystoreFile" value=3D"file ofbizssl.jks"=
/>
> >             <property name=3D"keystorePass" value=3D"changeit"/>
> >             <property name=3D"keystoreType" value=3D"JKS"/>
> >             <property name=3D"sslProtocol" value=3D"TLS"/>
> >             <property name=3D"ciphers"
> >
> value=3D"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_1=
28_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHAC=
HA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_DHE_RS=
A_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_EC=
DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECD=
SA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH=
_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_S=
HA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_REN=
EGOTIATION_INFO_SCSV"/>
> >
> > Please suggest us.
>
> A few things:
>
> 1. Tomcat 5.5 is no longer supported. Consider an upgrade to a later
> version. Tomcat 8.0.28 is the most recent version.
>
> 2. SSL protocol error is almost certainly caused by trying to use an
> SSLv3 client with a TLS-only server (or vice-versa). The server or the
> client might have been updated without you realizing it. Recent versions
> of the Java JVM have SSLv3 explicitly disabled and you'd need additional
> configuration to re-enable it.
>
> Can you connect to your server using the "openssl s_client" command? You
> may have to use the "-ssl3" or "-tls1" switches to be able to connect.
>
> -chris
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

--089e01228be06759720523e2eb9c--