Re: SSL Errors and Warnings with various version of Tomcat

2018-11-13 Thread Richard Tearle
On Tue, 13 Nov 2018 at 14:10, Mark Thomas wrote: > > On 13/11/2018 14:00, Rémy Maucherat wrote: > > On Tue, Nov 13, 2018 at 2:50 PM Richard Tearle < > > richard.tea...@northgateps.com> wrote: > > > >> Hi > >> > >> Our applications are a

SSL Errors and Warnings with various version of Tomcat

2018-11-13 Thread Richard Tearle
Hi Our applications are all working fine with Tomcat 8.5.34 and Tomcat Native 1.2.17; Centos 7.5; OpenSSL 1.0.2k-fips 26 Jan 2017; Oracle Java JRE 8u172 On upgrading to Tomcat 8.5.35 and Tomcat Native 1.2.18, we get the following warning: 12-Nov-2018 14:37:03.459 WARNING [main]

Re: Connection closed error and certificateVerification="required"

2018-04-18 Thread Richard Tearle
On 17 April 2018 at 16:45, Richard Tearle <richard.tea...@northgateps.com> wrote: > On 17 April 2018 at 14:54, Mark Thomas <ma...@apache.org> wrote: >> On 17/04/18 11:36, Mark Thomas wrote: >>> On 17/04/18 10:14, Richard Tearle wrote: >> >> >> &

Re: Connection closed error and certificateVerification="required"

2018-04-17 Thread Richard Tearle
On 17 April 2018 at 14:54, Mark Thomas <ma...@apache.org> wrote: > On 17/04/18 11:36, Mark Thomas wrote: >> On 17/04/18 10:14, Richard Tearle wrote: > > > >> Now all we need to to do is to figure out how to fix this. With the >> understanding of what is (pr

Re: Connection closed error and certificateVerification="required"

2018-04-17 Thread Richard Tearle
On 16 April 2018 at 22:04, Mark Thomas <ma...@apache.org> wrote: > On 11/04/18 09:22, Richard Tearle wrote: > > > >> I've built tomcat from source using the link you provided, and rebuilt the >> containers with this tomcat, and can still reproduce the issue. I've up

Re: Connection closed error and certificateVerification="required"

2018-04-11 Thread Richard Tearle
On 5 April 2018 at 08:35, Richard Tearle <richard.tea...@northgateps.com> wrote: > > On 4 April 2018 at 17:58, Mark Thomas <ma...@apache.org> wrote: > > On 26/03/18 08:25, Richard Tearle wrote: > > > > > > > > Thanks. I've got the test application

Re: Connection closed error and certificateVerification="required"

2018-04-05 Thread Richard Tearle
On 4 April 2018 at 17:58, Mark Thomas <ma...@apache.org> wrote: > On 26/03/18 08:25, Richard Tearle wrote: > > > > Thanks. I've got the test application and UI running but I haven't yet > reproduced the problem. What parameters are you calling run-test.sh with? This

Re: Connection closed error and certificateVerification="required"

2018-03-26 Thread Richard Tearle
Hi On 24 March 2018 at 23:06, Mark Thomas <ma...@apache.org> wrote: > On 23/03/18 15:00, Richard Tearle wrote: >> On 22 March 2018 at 23:06, Mark Thomas <ma...@apache.org> wrote: >>> On 22/03/18 15:27, Richard Tearle wrote: >>>> On 22 March 2018 at 1

Re: Connection closed error and certificateVerification="required"

2018-03-23 Thread Richard Tearle
On 22 March 2018 at 23:06, Mark Thomas <ma...@apache.org> wrote: > On 22/03/18 15:27, Richard Tearle wrote: >> On 22 March 2018 at 14:49, Mark Thomas <ma...@apache.org> wrote: > > > > OK. Time to think about this. NIO + JSSE works whereas NIO + OpenSSL > doesn

Re: Connection closed error and certificateVerification="required"

2018-03-22 Thread Richard Tearle
On 22 March 2018 at 14:49, Mark Thomas <ma...@apache.org> wrote: > On 22/03/18 07:46, Richard Tearle wrote: >> On 21 March 2018 at 14:54, Mark Thomas <ma...@apache.org> wrote: [snip] > Excellent. > > There have been a few moving parts here so I'd like to get some &g

Re: Connection closed error and certificateVerification="required"

2018-03-22 Thread Richard Tearle
On 21 March 2018 at 14:54, Mark Thomas wrote: > > > Progress. > > Tomcat 8.0.x is more relaxed about the content of PKCS12 trust stores > then 8.5.x because of a change[1] made so that the effectiveness of the > certificateVerificationDepth configuration attribute did not depend

Re: Connection closed error and certificateVerification="required"

2018-03-21 Thread Richard Tearle
On 20 March 2018 at 19:58, Mark Thomas <ma...@apache.org> wrote: > On 20/03/18 14:49, Richard Tearle wrote: > OK. Can you share you configuration and the steps you used to create the > self-signed certificate. I'd like to see if I can reproduce this. > > > Mark > I

Re: Connection closed error and certificateVerification="required"

2018-03-20 Thread Richard Tearle
On 20 March 2018 at 14:49, Richard Tearle <richard.tea...@northgateps.com> wrote: > Hello > > On 20 March 2018 at 11:29, Mark Thomas <ma...@apache.org> wrote: >> >> >> >> There are rather too many factors at play here. It would be good to

Re: Connection closed error and certificateVerification="required"

2018-03-20 Thread Richard Tearle
Hello On 20 March 2018 at 11:29, Mark Thomas <ma...@apache.org> wrote: > > On 20/03/18 07:52, Richard Tearle wrote: > > Hello > > > > We have 4 applications built on the same architecture with a web UI > > and camel based ESB running in separate Tomcat's, using

Connection closed error and certificateVerification="required"

2018-03-20 Thread Richard Tearle
Hello We have 4 applications built on the same architecture with a web UI and camel based ESB running in separate Tomcat's, using REST/XML to communicate between the two. This is all deployed within separate Docker containers but on the same VM (at least for test), either on Centos Linux or

Re: Tomcat 8.5.28 SSL - Cannot store non-PrivateKeys

2018-03-14 Thread Richard Tearle
example server.xml entries show naming PEM > files directly, and the connector docs seem to imply that pem files are > supported. > > Can anyone give me a pointer on what to do here? > > -- > George S. > *MH Software, Inc.* > Voice: 303 438 9585 > http://www.mhsoftware.co

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-23 Thread Richard Tearle
On 23 November 2017 at 17:20, Christopher Schultz <ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Richard, > > On 11/23/17 8:28 AM, Richard Tearle wrote: >> Yes I read through that thread, but we don't really like Java ke

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-23 Thread Richard Tearle
On 23 November 2017 at 05:33, Christopher Schultz <ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Richard, > > On 11/22/17 8:40 AM, Richard Tearle wrote: >> Hello >> >> Apache Tomcat 8.5.23 Centos 7.4 (3.1

Re: Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Richard Tearle
Peter On 22 November 2017 at 15:08, Peter Kreuser <l...@kreuser.name> wrote: > > > > > Richard, > > > > > >> Gesendet: Mittwoch, 22. November 2017 um 14:40 Uhr >> Von: "Richard Tearle" >> <richard.tea...@northgateps.com[mai

Trouble with TLS/SSL and Tomcat 8.5.23

2017-11-22 Thread Richard Tearle
Hello Apache Tomcat 8.5.23 Centos 7.4 (3.10.0-514.16.1.el7.x86_64) Java 1.8.0_152 (with jce) Running in Docker Container I'm upgrading our applications from Apache Tomcat 8.0.47 to 8.5.23, but when trying to get TLS/SSL working on a connector I get the following error: