Hi, although I've read all the docs and FAQs I could find, I can't get Tomcat 5.5.15 to do SSL on Windows with SUN JDK 1.5.
I've imported the keys according to the docs, starting with the root CA cert and going all the way up until the cert that matches my key request. Then I've copied the keystore file "keystore" into CATALINA_HOME and configured Tomcat like such: <!-- Define a SSL HTTP/1.1 Connector on port 443 --> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="99" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="keystore" keystorePass="changeit" /> All environment variables are set, JAVA_HOME plus CATALINA_HOME pointing to the right directories. When I start Tomcat, there's nothing special in the logs. Pointing a browser to https://localhost/ just times out. Doing the same using the OpenSSL tool gives me $ openssl s_client -connect localhost:443 -showcerts -state CONNECTED(00000003) SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A 2644:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Interesting point: Pointing the browser to http://localhost:443/ works. Since I don't find anything in the logs, I'm lost. Remaining issues are: 1) Should I import the server certificate under the alias "tomcat" oder the name of the host? There's different documentation about this. 2) Can I increase logging somehow, to see what's going on inside the SSL factory/connector? Any help is appreciated... Kind regards Christian Aust Development mySAP Human Resources Pecaso Deutschland Im Breitspiel 5 - 69126 Heidelberg - Germany Phone: +49 (0) 6221 3106-270 - Fax: +49 (0) 6221 3106-275 Mobil: +49 (0) 151 171 56 191 mailto:[EMAIL PROTECTED] - http://www.pecaso.com/ ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs SkyScan service. ________________________________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
