SSL APR Tomcat 6.0.20 Not Working
Hi, I am trying to upgrade from 5.0.16 to 6.0.20 and also try to use the APR, with SSL. I had SSL working fine in 6.0.20 with JSSE (i.e. not APR SSL). I have used http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips to get my private key file and added this to my server.xml... Connector port=443 protocol=HTTP/1.1 maxHttpHeaderSize=8192 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEnabled=true SSLProtocol=TLSv1 SSLPassword= SSLCertificateFile=* SSLCertificateKeyFile=** / and on startup I get this output 18-Feb-2010 17:04:45 org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.16. 18-Feb-2010 17:04:45 org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 18-Feb-2010 17:04:46 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-80 18-Feb-2010 17:04:46 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-443 18-Feb-2010 17:04:46 org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1918 ms 18-Feb-2010 17:04:46 org.apache.catalina.core.StandardService start INFO: Starting service Catalina 18-Feb-2010 17:04:46 org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.20 18-Feb-2010 17:04:48 org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-80 18-Feb-2010 17:04:48 org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-443 18-Feb-2010 17:04:48 org.apache.catalina.startup.Catalina start INFO: Server startup in 1316 ms which all looks fine and dandy, but when I try to access a page with https it just doesnt respond i.e. explorer says its not there and asks to diagnose connection problems. Am I missing something simple? Thanks, Iain -- View this message in context: http://old.nabble.com/SSL-APR-Tomcat-6.0.20-Not-Working-tp27642349p27642349.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL APR Tomcat 6.0.20 Not Working
On 18/02/2010 17:15, iainmac wrote: Connector port=443 protocol=HTTP/1.1 maxHttpHeaderSize=8192 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEnabled=true SSLProtocol=TLSv1 SSLPassword= SSLCertificateFile=* SSLCertificateKeyFile=** / Looks good. 18-Feb-2010 17:04:48 org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-443 This indicates that the SSL connector started up with http rather than https. It would end https-443 if it were using ssl. Usually, that means SSLEnabled=true was not set but I see it is there in your case. I'd upgrade to native 1.1.20 as there are a bunch of bug fixes. Also, which platform and where did you get the binaries from? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL APR Tomcat 6.0.20 Not Working
I changed TLSv1 to just TLS and it worked iainmac wrote: Hi, I am trying to upgrade from 5.0.16 to 6.0.20 and also try to use the APR, with SSL. I had SSL working fine in 6.0.20 with JSSE (i.e. not APR SSL). I have used http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips to get my private key file and added this to my server.xml... Connector port=443 protocol=HTTP/1.1 maxHttpHeaderSize=8192 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEnabled=true SSLProtocol=TLSv1 SSLPassword= SSLCertificateFile=* SSLCertificateKeyFile=** / and on startup I get this output 18-Feb-2010 17:04:45 org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.16. 18-Feb-2010 17:04:45 org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 18-Feb-2010 17:04:46 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-80 18-Feb-2010 17:04:46 org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing Coyote HTTP/1.1 on http-443 18-Feb-2010 17:04:46 org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1918 ms 18-Feb-2010 17:04:46 org.apache.catalina.core.StandardService start INFO: Starting service Catalina 18-Feb-2010 17:04:46 org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.20 18-Feb-2010 17:04:48 org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-80 18-Feb-2010 17:04:48 org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-443 18-Feb-2010 17:04:48 org.apache.catalina.startup.Catalina start INFO: Server startup in 1316 ms which all looks fine and dandy, but when I try to access a page with https it just doesnt respond i.e. explorer says its not there and asks to diagnose connection problems. Am I missing something simple? Thanks, Iain -- View this message in context: http://old.nabble.com/SSL-APR-Tomcat-6.0.20-Not-Working-tp27642349p27647034.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org