Hlib

Reputation: 3064

tomcat can't establish ssl connection

I can't establish an SSL connection with Tomcat. Chrome writes "107 (net::ERR_SSL_PROTOCOL_ERROR)". I've generated the mystore file via keytool (keytool -genkey -alias tomcat -keyalg RSA -keystore mystore -validity 999 -keysize 512) and put it in D:\mystore.

Also, in my server.xml:

<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="443"/>



<Connector port="443" SSLEnabled="true" maxHttpHeaderSize="8192" 
    maxThreads="150" minSpareThreads="25" maxSpareThreads="200"
    enableLookups="false" disableUploadTimeout="true"         
    acceptCount="100" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="d:\mystore" keystorePass="123123" keystoreType="JKS"
    keyAlias="tomcat"/>

And when I start Tomcat, these lines appear in the logs:

INFO: Starting ProtocolHandler ["http-bio-443"]
сен 05, 2012 9:00:29 AM org.apache.coyote.AbstractProtocol start

And when I try https://localhost/lib (or https://localhost:443/lib), nothing works.

Can somebody help me?

PS: -apache-tomcat-7.0.29

-jdk1.7.0_5

FIXED!

migrate to apache-tomcat-7.0.28 ((((

Upvotes: 3

Views: 26863

Answers (4)

Ram

Reputation: 11

In your connector configuration, include "sslEnabledProtocols". Here is a sample:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxHttpHeaderSize="8192" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="" keystorePass="password" />

Upvotes: 1

Junaid Buriro

Reputation: 91

I also encountered the same problem, but even after upgrading tomcat the problem remained. I resolved the problem by clearing cache and cookies.

Upvotes: 2

Hlib

Reputation: 3064

FIXED!

migrate to apache-tomcat-7.0.28 ((((

Upvotes: 1

Teqnology

Reputation: 1298

First of all, you should use 8443 (or another 8000+ port); 443 is one of the default ports that systems use (like FTP on 21 and so on). Then you should modify your server.xml like this:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
       maxThreads="200" scheme="https" secure="true"  keystoreFile="D:/mystore/.keystore" keystorePass="123123"
       clientAuth="false" sslProtocol="TLS" />

In the keystoreFile option, you should verify that your file is actually named ".keystore" (without brackets, of course). If you want to try to create another one, you should do it like this:

keytool -genkey -alias tomcat -keyalg RSA

You should use the "backslash", "\", in the keystoreFile, not the "/". Then, on restart of your application server, you should try to go to

https://localhost:8443/

Let me know if it helps.

Upvotes: 7
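
An added example, not part of any answer above: a small Python check over a server.xml for connector problems that appear in this thread (a redirectPort that points at no SSLEnabled connector, an empty keystoreFile, an unset sslEnabledProtocols list, and curly quotes that make the XML unparseable). The function name, the sample file and the finding texts are illustrative assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample, modelled on the connectors quoted in this thread.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="443"/>
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             sslProtocol="TLS" keystoreFile="" keystorePass="password"/>
</Service></Server>"""

LEGACY_PROTOCOLS = {"SSLv2", "SSLv2Hello", "SSLv3"}

def check_connectors(xml_text):
    """Return a list of findings for the <Connector> elements of a server.xml."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # Quotes pasted from a web page are often typographic and break the XML.
        hint = " (curly quotes present)" if "\u201d" in xml_text else ""
        return [f"server.xml is not well-formed: {exc}{hint}"]

    connectors = list(root.iter("Connector"))
    tls_ports = {c.get("port") for c in connectors
                 if c.get("SSLEnabled", "").lower() == "true"}
    findings = []
    for c in connectors:
        port = c.get("port")
        if port not in tls_ports:
            # Plain connector: its redirect target must be a TLS connector.
            redirect = c.get("redirectPort")
            if redirect and redirect not in tls_ports:
                findings.append(f"port {port}: redirectPort {redirect} "
                                "is not an SSLEnabled connector")
            continue
        if c.get("scheme") != "https" or c.get("secure") != "true":
            findings.append(f"port {port}: scheme/secure not set for HTTPS")
        if c.get("keystoreFile") == "":
            findings.append(f"port {port}: keystoreFile is empty")
        protocols = c.get("sslEnabledProtocols")
        if protocols is None:
            findings.append(f"port {port}: sslEnabledProtocols not set")
        else:
            legacy = LEGACY_PROTOCOLS & {p.strip() for p in protocols.split(",")}
            if legacy:
                findings.append(f"port {port}: legacy protocols {sorted(legacy)}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_connectors(SAMPLE_SERVER_XML)))
```
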
