Hi Nikhita, run the sslscan tool from the command line or openssl s_client in debug mode https://github.com/rbsec/sslscan
Regards, Sanaullah On Wed, Aug 5, 2015 at 2:23 PM, Nikitha Benny <nikki.be...@gmail.com> wrote: > Hi Mark, > > My server is not on a public domain. > How can i verify the setup which is on a private network? > > Regards, > Nikitha > > On Wed, Aug 5, 2015 at 2:14 PM, Mark Thomas <ma...@apache.org> wrote: > > > On 05/08/2015 07:32, Nikitha Benny wrote: > > > Hi Mark, > > > > > > When I try to run Tomcat on the https server port: > > > > > > *https://<ip address>:8444/* > > > > > > It says as below: > > > ---------- > > > > > > *SSL connection error* > > > > > > *ERR_SSL_PROTOCOL_ERROR* > > > > > > *Unable to make a secure connection to the server. This may be a > problem > > > with the server, or it may be requiring a client authentication > > certificate > > > that you don't have* > > > *------------* > > > > That is the client side. What about server side logs? > > > > > We have set the client authentication to False, so it does not need any > > > client authorized certificate. > > > > I recommend you run https://www.ssllabs.com/ssltest/ against your > > server. That will tell you if you have a server side issue, a client > > side issue or simply a mismatch between the two. > > > > Mark > > > > > > > > Regards, > > > Nikitha > > > > > > On Wed, Aug 5, 2015 at 10:07 AM, Nikitha Benny <nikki.be...@gmail.com> > > > wrote: > > > > > >>> But still Tomcat does not run on the https port. > > >> > > >> As in, when we run Tomcat on the https server port it does not display > > the > > >> page. > > >> Where as it goes through fine on the http port. The url opens. > > >> > > >> > > >> > > >> On Tue, Aug 4, 2015 at 6:18 PM, Mark Thomas <ma...@apache.org> wrote: > > >> > > >>> On 04/08/2015 13:19, Nikitha Benny wrote: > > >>>> Hello Mark, > > >>>> > > >>>> Thanks for your valuable suggestion. > > >>>> > > >>>> We were successful in creating the pkcs12 keystore which picks up > > >>> SHA256 as > > >>>> shown below: > > >>> > > >>> <snip/> > > >>> > > >>>> But still Tomcat does not run on the https port. > > >>> > > >>> Define "does not run". > > >>> > > >>>> Any clue as to why this happens? > > >>> > > >>> Based on the information provided so far, no. > > >>> > > >>>> The protocol I am using is* > > "org.apache.coyote.http11.Http11Protocol".* > > >>> > > >>> OK. That is the HTTP BIO connector. > > >>> > > >>>> Could it be because I am not using an APR connector protocol? > > >>> > > >>> No. > > >>> > > >>> Mark > > >>> > > >>> > > >>> --------------------------------------------------------------------- > > >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > >>> For additional commands, e-mail: users-h...@tomcat.apache.org > > >>> > > >>> > > >> > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > >
