On 13 January 2015 at 16:11, Christopher Schultz <ch...@christopherschultz.net> wrote:
> Alexandre,
>
> On 1/13/15 1:37 PM, Alexandre Lima wrote:
> > Hello! This is the first time I'm using tomcat, so I'm a little bit
> > lost...
>
> Welcome! Configuring SSL always turns out to be a pain in the neck.
>
> > Using the tutorials, I could make the server and the application I
> > want to run with it work. The only modification I did until now was
> > changing the http port from 8080 to 80, I did that changing the
> > http connector on servers.xml, enabling authbind and executing the
> > following commands:
> >
> > sudo touch /etc/authbind/byport/80
> > sudo chmod 500 /etc/authbind/byport/80
> > sudo chown tomcat7 /etc/authbind/byport/80
> >
> > So, the server and the application I want to use with it are
> > actually working on port 80
>
> You've confirmed this? I've never used authbind before, so I just
> wanted to make sure that you have Tomcat working properly with non-SSL
> before you try to add SSL.
>
> > , but the next and last step, which is enabling an SSL connection,
> > isn't working.
> >
> > What I did following the site's tutorial was: created my self
> > signed certificate with keytools and put it on
> > /home/myuser/key.keystore
>
> Can you outline the steps you took? Where is your keystore?
>
> > Additionally, I've created the following connector:
> >
> > <Connector port="8443"
> > protocol="org.apache.coyote.http11.Http11Protocol"
> > SSLEnabled="true" maxThreads="200" scheme="https" secure="true"
> > keystoreFile="/home/myuser/key.keystore" keystorePass="mypass"
> > clientAuth="false" sslProtocol="TLS" />
>
> That looks good so far.
>
> > Saved it, restarted server and accessed https://myip:8443, but it
> > isn't working. Chrome says "No data received" and "Unable to load
> > the webpage because the server sent no data" and "Error code:
> > ERR_EMPTY_RESPONSE".
> >
> > Firefox says that the connection was reset while the page was being
> > loaded.
> >
> > That's where I am now.
> > I don't know what to try anymore.
>
> Try:
>
> $ telnet localhost 8443
>
> (on the server with Tomcat running)
>
> That will tell you if the port is open (it should be, otherwise you'd
> be getting different errors from Chrome and ff) and what, if anything,
> gets dumped to it when you connect.
>
> If you get a connection and nothing happens, try submitting a request
> like this:
>
> $ telnet localhost 8443
> GET /
>
> [output goes here]
>
> Post the results of the above if you get anything.
>
> Dumb question: you restarted Tomcat after updating server.xml, right?
>
> -chris

Thank you for the reply Christopher!

I've used the command:

keytool -genkey -alias tomcat -keyalg RSA -keystore /home/myuser/key.keystore

to generate the keystore. Should I put the keystore in some special directory, or is this one fine?

So, after requesting:

telnet localhost 8443

I got some strange stuff:

~$ telnet localhost 8443
Trying ::1...
Connected to localhost.
Escape character is '^]'.
GET /
^U^C^A^@^B^B

And yes, I've restarted it :)

--
Alexandre Lima