Kobe,
nothing is wrong. It was just my lack of familiarity with the SSL client that was the
cause of my puzzlement. Konstantin's answer already cleared that up for me.
I was just wondering what you were trying to do, connecting to Tomcat with a command-line
client, and you did not provide a lot of contextual information along with your question,
to explain that. Had you for example added a phrase like "To check that the SSL
connection is working, I am trying to connect to Tomcat's SSL Connector using the OpenSSL
command-line client, and the answer I am getting is this : ..", things would have been
clearer, even for me.
You see, on the list we get all kinds of questions, from all kinds of people.
Sometimes posters here try to have Tomcat serve the morning coffee, and wonder why it
doesn't work. Sometimes they seem to think that this is the Apache httpd or Weblogic
support list.
André
Kobe wrote:
Actually, whether it be webaccess or webservice access, i not follow
your confusion. pleas explain why this is wrong.
/Kobe
Kobe wrote:
Tomcat is also a servlet container and may be used to host web services.
That is the case here. the web service client is hosted in a BEA weblogic
server
and attempts to connect to the web service over SSL.
/Kobe
awarnier wrote:
Kobe wrote:
I build tcnative and apr from src with exist ver of openssl (means
openssl
not
build my me). I load apr connector in tomcat as below.
when my client connect, I cannot connect: i get "bad version".
please explain what I do wrong?
server# ./apr-1-config --version
1.4.5
server#
server# openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
server#
/// APR Connector Configuration in Tomcat6
<Connector port="443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
SSLCertificateFile="server_certificate.pem"
SSLCertificateChainFile="cachain.pem"
SSLCertificateKeyFile="server.key"
/>
$ openssl s_client -connect server.xxx.net:443 -debug -ssl3
CONNECTED(00000003)
write to 0x100119470 [0x100815e00] (95 bytes => 95 (0x5F))
0000 - 16 03 00 00 5a 01 00 00-56 03 00 4e b5 d4 3e 2d
....Z...V..N..>-
0010 - 57 eb 94 3c f8 0f a0 55-76 75 21 7c b3 f1 37 6f
W..<...Uvu!|..7o
0020 - 99 2b 68 7c 65 b7 c9 2c-f6 1f dd 00 00 2e 00 39
.+h|e..,.......9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f
.8.5.......3.2./
0040 - 00 9a 00 99 00 96 00 05-00 04 00 15 00 12 00 09
................
0050 - 00 14 00 11 00 08 00 06-00 03 00 ff 02 01 ..............
005f - <SPACES/NULS>
read from 0x100119470 [0x100811400] (5 bytes => 5 (0x5))
0000 - 48 54 54 50 2f HTTP/
write to 0x100119470 [0x10081b800] (7 bytes => 7 (0x7))
0000 - 15 03 00 00 02 02 28 ......(
44414:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s3_pkt.c:293:
$
Hi.
I don't know if other members of this list will be as puzzled as I am,
but it is not clear
to me what you are trying to achieve.
I mean that Tomcat is in principle a web server, normally answering web
browser requests
(via HTTP or HTTPS). What are you trying to do when you access it with
the above type of
client, and what are you sending to Tomcat, and why ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
