tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Need help setting up SSL on Tomcat 8
Date Tue, 28 Jun 2016 20:06:14 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Sean,

On 6/28/16 2:31 PM, Sean Son wrote:
> Hey Philip
> 
> So i was able to get the page to connect with SSL but I noticed
> that when I clicked on the little icon that looks like a lock next
> to https:// in the address bar, I saw this certificate error: 
> Certificate Error There are issues with the site's certificate
> chain (net::ERR_CERT_COMMON_NAME_INVALID).

This usually means that the URL you are using contains a hostname that
doesn't match the TLS certificate's "common name".

> Does that mean that SSL has been implemented incorrectly?
> 
> Also I am trying to get an incoming connection through port 80 to
> tomcat, to automatically redirect to port 8443 (or 443 which ever
> you think is easiest to implement)  without having to use a reverse
> proxy in front of it.  In my server.xml I have the following:
> 
> <Connector port="80" protocol="HTTP/1.1" enableLookups="false" 
> connectionTimeout="20000" redirectPort="8443" /> <!-- A "Connector"
> using the shared thread pool--> <!-- <Connector
> executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" 
> connectionTimeout="20000" redirectPort="8443" />
> 
> 
> I cannot get the redirect nor the SSL to work properly. Please
> help.. Thanks!

Please post your complete <Connector> configuration (minus any
secrets), plus the output of this command:

$ keytool -list -keystore [your keystore] -keystorepass [passwd]

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXcti2AAoJEBzwKT+lPKRYYNAP/jimgUxO8gp1W0rOEhqeTszc
yKjAhGQ6yjBE14mvDK+x2zO7+zw01fzqm3IbsyUeEHdSjo0YPQQl0/h15tnhatgA
WuMYz78HyXVtB02FPc/gg82LXwI5GowpKRgd3phQ6f1UKOxpcIPZdOG2MvsbLgFG
m8UX1qxhq34xkQBCkLv+sWd6sgAdGX3P6x/+qxCav3gr+8os5KHFofms6BUReIro
hTRQ6XXIbB3VvOGC6uK/IXLcKtvf1v7Bv5NUsL4mWd9AFkwLl+VlSjdK055ubftp
6CKj5RUmJkJ06Y0Hy1dK4v9mjcMvM0VwsPcwU9E/GOKMMj0Q56EFVKQkroeLjdXj
bYMPc8FNAG6eYUdlrSx5lfcDqhO/EmiUZXLJykBbPFmcke8jED1b31WdboMaJAce
YuuYVUgia4+sP2w/u0bXdQB5ie6gYHecYwdhiIB/mYY74jVz6BeQ26x7EjS7w/WT
4eI5XbPX6JPtJe0e3WpRIe2Fk/pLQOdcHMbG+g0X69cbRtRcf7PT/feGbJzoC/qJ
rUiE7okK98P9KawCV4lueV1b7whFAhJs6apGvIOs/1w296eZ60sM373ugF6ygc1b
gQybFF/NgnwLrKk0A63retwLeSj2ImB0pl3NvJ9yxJZOy+OP4GalV6BJ5+yF5yz2
UESskxe5+W3VYH8s1Ekt
=6brz
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message