Hi Keyur, I've just tried this out and it works. You should add the SSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation" in Connector tag in server.xml file that resides under $CATALINA_HOME/conf directory. So, it should look like this in server.xml
<Connector keystoreFile="/path/to/keystore" keystorePass="keystorepassword" port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="true" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation"/> Change the keystoreFile and keystorePass accordingly. Hope this help. Ann Keyu Sheth wrote: > > Hi Bill, > > Where should I put the sslimplementation tag in the Connector > tag. Because in the tomcat documentation for SSL this type of tag is not > there. So can you please elaborate on this. And also give me the correct > syntax for ssLImplementation. > > Keyur > > Bill Barker <[EMAIL PROTECTED]> wrote: > PureTLS doesn't use the standard Java keystore format. Consult the > PureTLS > docs for the correct format. Alternatively, specify > sSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation" on > the element to use JSSE instead of PureTLS. > > "keyur sheth" wrote in message > news:[EMAIL PROTECTED] >> Hi everybody, >> >> I am trying to make the tomcat container secure by >> converting it from http to https. I am using the documentation on the >> following website. >> http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html >> >> I had implemented this before by creating the >> self-signed certificate and it worked. But for converting it to make it >> trusted I deleted all the files like the .keystore file and created the >> new .keystore and followed the steps in documentation. >> >> I am implementing the part in which you send the CSR >> to the CA for gettting the trusted certificate. So I sent the CSR and got >> the three certificates from the trusted authority. The root certificate, >> chain certificate and the signed certificate. I imported all the >> certificate files one by one following the sequence root, chain and >> signed >> certificate. >> >> But now there is some error by which I am not able to >> see the page when I write the URL with >> https://xxxx.xxx.xxx:8443/gridsphere. But if I give >> http://xxxx.xxx.xxx:8080/ tomcat is starting and also also >> http://xxxx.xxx.xxx:8080/gridsphere the gridsphere application is >> starting. I shutdown the tomcat and also restarted the tomcat by making >> all these changes. But still it didn't showed up. The error shown is as >> follows:- >> >> Sep 2, 2006 1:39:14 PM org.apache.coyote.http11.Http11BaseProtocol start >> SEVERE: Error starting endpoint >> java.io.IOException: Couldn't find private key in this file >> at >> org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.init(PureTLSSocketFactory.java:149) >> at >> org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.createSocket(PureTLSSocketFactory.java:69) >> at >> org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) >> at >> org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312) >> at >> org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:149) >> at >> org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:95) >> at >> org.apache.catalina.connector.Connector.start(Connector.java:1089) >> at >> org.apache.catalina.core.StandardService.start(StandardService.java:459) >> at >> org.apache.catalina.core.StandardServer.start(StandardServer.java:680) >> at org.apache.catalina.startup.Catalina.start(Catalina.java:536) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:585) >> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:275) >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) >> Sep 2, 2006 1:39:14 PM org.apache.catalina.startup.Catalina start >> SEVERE: Catalina.start: >> LifecycleException: Protocol handler start failed: java.io.IOException: >> Couldn't find private key in this file >> at >> org.apache.catalina.connector.Connector.start(Connector.java:1091) >> at >> org.apache.catalina.core.StandardService.start(StandardService.java:459) >> at >> org.apache.catalina.core.StandardServer.start(StandardServer.java:680) >> at org.apache.catalina.startup.Catalina.start(Catalina.java:536) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:585) >> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:275) >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) >> >> >> Can somebody tell me what mistake I am doing. Have anybody >> faced the same problem before. >> >> Thanking you, >> Keyur >> >> >> >> >> >> >> --------------------------------- >> All-new Yahoo! Mail - Fire up a more powerful email and get things done >> faster. > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------- > How low will we go? Check out Yahoo! Messengers low PC-to-Phone call > rates. > -- View this message in context: http://www.nabble.com/Error-while-converting-tomcat-container-from-http-to-https-tf2230735.html#a6244765 Sent from the Tomcat - User forum at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]