Hi Mark, On a similar note, would you be able to point me on how to get CRL validator invoked by tomcat 5.x for ssl/mutual.
thnks On 6/8/05, Mark <[EMAIL PROTECTED]> wrote: > I do not think that you need an SSL connector. I have an embedded > tomcat working using mutual authenticated SSL and the connector is not > SSL enabled. > > On 6/8/05, Diarmuid McDonald <[EMAIL PROTECTED]> wrote: > > Hi, > > > > Can anyone help me with regard to running Embedded Tomcat 5.5.9 with SSL. I > > found a mail archive before that has the same problem, however there is no > > resolution. > > > > http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg153661.html > > > > I have included my code and errors that I am receiving. Any help would be > > greatly appreciated > > > > Here is the code I am Using > > > > import java.io.File; > > .. > > .. > > import org.apache.tomcat.util.IntrospectionUtils; > > > > public class TestEmbededTomcat { > > > > > > public static void main( String args[] ) > > { > > > > Embedded embedded = new Embedded(); > > > > // set default logger and realm > > org.apache.log4j.BasicConfigurator.configure(); > > > > MemoryRealm memRealm = new MemoryRealm(); > > embedded.setRealm(memRealm); > > > > //Create an Engine > > Engine baseEngine = embedded.createEngine(); > > > > baseEngine.setName("TestEngine"); > > baseEngine.setDefaultHost("vsjHost"); > > > > //Create Host > > Host baseHost = embedded.createHost( "vsjHost", > > "e:/ent/sip2.0/rte/jakarta-tomcat-5.5.9-embed/webapps" ); > > > > baseEngine.addChild( baseHost ); > > > > //Create default context > > Context rootContext = embedded.createContext("","ROOT"); > > > > baseHost.addChild( rootContext ); > > > > // Create context for web app for axis > > Context axisContext = embedded.createContext("/axis", "axis"); > > axisContext.setPrivileged( true ); > > baseHost.addChild( axisContext ); > > > > embedded.addEngine( baseEngine ); > > > > //Create a ssh Connector > > Connector sshConnector = embedded.createConnector( > > (java.net.InetAddress) null, > > 9012, > > true); > > > > IntrospectionUtils.setProperty(sshConnector, "sslProtocol", "TLS"); > > IntrospectionUtils.setProperty(sshConnector, "keypass", "changeit"); > > IntrospectionUtils.setProperty(sshConnector, "keystore", > > "C:/Documents and Settings/mcdonald/.keystore"); > > IntrospectionUtils.setProperty(sshConnector, "clientAuth", "false"); > > > > embedded.addConnector( sshConnector ); > > sshConnector.setProtocol( "TLS" ); > > > > //start operation > > embedded.start(); > > } > > } > > > > > > Here is the error message I get :- > > > > 12:16:41:375: > > [org.apache.tomcat.util.net.PoolTcpEndpoint][http-9012-Processor3] DEBUG - > > Handshake > > ailed > > javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure > > at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) > > at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:119) > > at > > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:520) > > at > > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.j > > va:80) > > at > > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) > > at java.lang.Thread.run(Thread.java:536) > > 287423 [http-9012-Processor3] DEBUG > > org.apache.tomcat.util.net.PoolTcpEndpoint - Handshake failed > > javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure > > at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) > > at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:119) > > at > > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:520) > > at > > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.j > > va:80) > > at > > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) > > at java.lang.Thread.run(Thread.java:536) > > > > > > Here is the message I get from Firefox :- > > > > "Could not establish an encrypted connection, because the certificate > > presented by localhost is invalid or corrupted. Error Code : -8182" > > > > > > This e-mail and any files transmitted with it are confidential and may be > > privileged and are intended solely for the individual named/ for the use of > > the individual or entity to whom they are addressed.If you are not the > > intended addressee, you should not disseminate, distribute or copy this > > e-mail.Please notify the sender immediately if you have received this > > e-mail by mistake and delete this e-mail from your system.If you are not > > the intended recipient, you are notified that reviewing, disclosing, > > copying, distributing or taking any action in reliance on the contents of > > this e-mail is strictly prohibited.Please note that any views or opinions > > expressed in this e-mail are solely those of the author and do not > > necessarily represent those of Traventec Limited. This e-mail has been > > swept for computer viruses however Traventec Limited accepts no liability > > for any damage caused by any virus transmitted by this e-mail. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]