Hi,
I have a Debian machine where previously, Tomcat 5.5 was installed
(using the Tomcat 5.5 Debian package). "uname -a" returns:
Linux server02 2.6.26-2-amd64 #1 SMP Sun Jul 26 20:35:48 UTC 2009 x86_64
GNU/Linux
Now, for some reason I installed Tomcat 6 by using the binary
distribution of Tomcat 6.0.20 downloadable from the website (because
there's no Debian package for Tomcat 6 yet). I copied over the
configuration files: logging.properties, server.xml, tomcat-users.xml
and everything works fine except SSL.
The server listens on port 80 for HTTP requests and on port 443 for
HTTPS requests. With the exact same configuration and certificate file,
SSL works with Tomcat 5.5 but not with Tomcat 6. Everything else works
without any flaws.
When I try to access the server using "https://myserver.com/" in
firefox, the error code "ssl_error_rx_record_too_long" appears. However,
no errors are logged at all, although I set everything to ALL in the
logging.properties file.
I even converted the PKCS12 certificate I use to JKS format but although
keytool shows the certificate just fine, using the JKS keystore has the
same effect.
I use the following connector settings in /opt/tomcat6/conf/server.xml:
<Connector
port="443"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="/opt/tomcat6/conf/cert.p12"
keystorePass="*************"
keystoreType="pkcs12"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
connectionTimeout="20000"
disableUploadTimeout="true"
acceptCount="100"
/>
Tomcat is run as root (for now at least), so permission problems should
not occur. Of course /opt/tomcat6/conf/cert.p12 exists and is a valid
certificate.
I would be extremely grateful if someone has an idea on how I could
attempt to debug this strange problem.
Thanks in advance!
Best regards
Markus
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org