Hello,

I'm trying to get my web app, which is otherwise running fine on port 80, to respond on SSL. Sorry if this is a resend. I only just started getting list messages so my first may not have gone. Don't intend to bump.

Scenario: The server in question is a Windows12 web application host running Tomcat 8.0.26. Running on Tomcat is a Java application which accepts port 80 connections from another host across the 'net. I have firewall rules configured to allow port 80 and 443 traffic between the servers. Port 80 is working fine. I'm not running IIS - only Tomcat.

However, we don't want to have our data stream exposed clear text over the internet - we need to use SSL.

I have used %JAVA_HOME%\bin\keytool to generate a keystore and then have configured the InBound SSL Settings in my app's config.properties file with the path to the keystore and the password. The # lines are variations on the path to the truststore that I have attempted unsuccessfully. I'm using the default certificate, below. Web clients will not be connecting so we don't need a commercial certificate. This is a server to server web call.

    ##############################
    # Inbound SSL Settings
    ##############################
    org.apache.felix.https.enable=true
    org.osgi.service.http.port.secure=443
    org.apache.felix.https.keystore=E:\keystore\scilexcon
    #org.apache.felix.https.keystore=./keystore/scilexcon
    org.apache.felix.https.keystore.password=redacted
    org.apache.felix.https.keystore.key.password= redacted
    org.apache.felix.https.truststore=E:\keystore\scilexcon
    #org.apache.felix.https.truststore=C:\Program Files\Java\jre1.8.0_60\lib\security\cacerts
    #org.apache.felix.https.truststore=./keystore/scilexcon
    org.apache.felix.https.truststore.password= redacted

I've also configured the Java runtime of my application with the truststore path:

    -Djavax.net.ssl.trustStore=E:\keystore\scilexcon

An http connect to my connect runtime is successful.

    http://<hostname>

    https://<hostname> times out

Netstat -a reveals that port 443 is listening on <hostname>.

The documents I have used so far are one documenting the Inbound SSL connections of my app's config file, and the SSL documentation of Apache Tomcat:

    http://<hostname>8080/docs/ssl-howto.html

In my server.xml, I've unremmed the connector section and changed the connector port to 443:

    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />

I've looked through my logs, but don't find anything to indicate why it just clocks until timing out. Maybe I'm missing something? Having read the SSL howto, I don't think I've missed anything.

Thanks for your help.

__________________________________________
Gregory Beyer
gbey...@gatech.edu
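
An added diagnostic example, not part of the original post: it splits the symptom described above (port 443 shows as listening in netstat, yet https:// times out) into TCP-level and TLS-handshake-level outcomes. The names `probe_tls` and `silent_listener` and the loopback listener are constructed for illustration.

```python
import socket
import ssl


def probe_tls(host, port, timeout=3.0):
    """Report the stage at which an HTTPS connection attempt stops.

    Returns 'tcp_refused', 'tcp_timeout', 'handshake_timeout',
    'handshake_failed' or 'tls_ok:<protocol version>'.
    """
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "tcp_refused"        # nothing is bound to the port
    except (socket.timeout, TimeoutError):
        return "tcp_timeout"        # packets dropped, e.g. by a firewall
    # Diagnostic only: verification is off so that a self-signed certificate
    # does not hide the stage we want to observe.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return "tls_ok:" + tls.version()
    except (socket.timeout, TimeoutError):
        return "handshake_timeout"  # TCP accepted, no TLS reply to ClientHello
    except (ssl.SSLError, OSError):
        return "handshake_failed"   # peer answered, but not with usable TLS
    finally:
        raw.close()


def silent_listener():
    """Constructed stand-in: a port that is LISTENING but never speaks TLS."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    srv.listen(1)                   # kernel completes TCP; nobody calls accept()
    return srv


if __name__ == "__main__":
    srv = silent_listener()
    port = srv.getsockname()[1]
    print("listening, silent:", probe_tls("127.0.0.1", port, timeout=1.0))
    srv.close()
    print("closed port:      ", probe_tls("127.0.0.1", port, timeout=1.0))
```

Run from the calling host as `probe_tls("<hostname>", 443)`; a `handshake_timeout` result means the firewall path and the listener are fine and the stall is in the TLS setup of whichever process owns the port.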