Hi,
I am trying to setup a Tomcat 6.0.16.0/Axis2 1.3 combination using HTTPS
connectivity. The machine is running on AIX with an IBM JDK5...
After configuring HTTPS in server.xml by:
<Connector port="8080" connectionTimeout="20000" scheme="https"
secure="true" debug="10" SSLEnabled="true" algorithm="IbmX509"
keystoreFile="conf/keystore" keystorePass="emagine" clientAuth="false"
maxHttpHeaderSize="8192" allowTrace="true" alias="tomcat"
truststoreFile="conf/keystore" truststorePass="emagine" />
The keystore is properly generated and gets read upon Tomcat starting up:
----------------------------------------------------------------------------
***
found key for : tomcat
chain [0] = [
[
Version: V3
Subject: CN=hostname, OU=Unknown, O=Some Company, L=Frankfurt,
ST=Germany, C=DE
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
Key: IBMJCE DSA Public Key:
1101875205480948287113762571182603954171081492294072340935647672002184786011003216506042732219085256508724886035809875598372032797071912523681226049632332697
29313007298780303022913848325612157676219396023035090034471325854025863722427785141790280802270182659236245978325266744766279713673387084071498707580084
Validity: [From: Wed Jun 04 09:46:09 GMT+01:00 2008,
To: Thu Jun 04 09:46:09 GMT+01:00 2009]
Issuer: CN=hostname, OU=Unknown, O=Some Company, L=Frankfurt,
ST=Germany, C=DE
SerialNumber: [1212569169]
]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2c 02 14 7b 08 ac 5d 5c ac de 55 7d e6 46 22 0..........U..F.
0010: 61 e1 e1 94 ca c6 63 01 02 14 2e 01 af 24 e8 c8 a.....c.........
0020: 98 8d 9e dc 0d 6d c9 75 f5 ea fc 10 a6 34 .....m.u.....4
]
----------------------------------------------------------------------------
I tried accessing the server under https://hostname:8080/ and keep getting
the following error in catalina.out (Firefox reports not being able to
find common encryption algorithms):
----------------------------------------------------------------------------
http-8080-1, setSoTimeout(20000) called
http-8080-1, READ: SSL v2, contentType = Handshake, translated length = 83
*** ClientHello, SSLv3
RandomCookie: GMT: 0 bytes = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 37,
165, 36, 210, 22, 2, 241, 22, 187, 73, 139, 255, 223, 69, 154, 9 }
Session ID: {}
Cipher Suites: [SSL_DHE_RSA_WITH_AES_256_CBC_SHA,
SSL_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_AES_256_CBC_SHA,
SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA,
SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
SSL_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_FIPS_WITH_DES_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_EXPORT1024_WITH_RC4_56_SHA,
SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
Compression Methods: { 0 }
***
http-8080-1, SEND TLSv1 ALERT: fatal, description = handshake_failure
http-8080-1, WRITE: TLSv1 Alert, length = 2
http-8080-1, called closeSocket()
http-8080-1, handling exception: javax.net.ssl.SSLHandshakeException:
Client requested protocol SSLv3 not enabled or not supported
http-8080-1, called close()
http-8080-1, called closeInternal(true)
----------------------------------------------------------------------------
Changing the SSL protocols used in Firefox did not help at all...
I am at my wits end here and would really appreciate any help.
Rgds,
Andreas
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
