-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Manish,
On 9/9/16 2:47 AM, Palod, Manish wrote: > Hi All, Previously I was using apache web server and tomcat for SSL > redirection and web server, in that case redirection from apache to > tomcat was working fine. > > Now I have removed the apache web server and using tomcat only for > ssl settings also [server.xml sslEnabled and other related > settings], things are in general working fine, in one case > redirection is not happening properly. > > Following are the details about my server.xml = <Connector > port="80" address="<address>" protocol="HTTP/1.1" > connectionTimeout="20000" maxPostSize="10485760" redirectPort="444" > URIEncoding="UTF-8"/> > > <!-- To disable TLSv1.0, add sslEnabledProtocols="TLSv1.1,TLSv1.2" > to connector --> <Connector port="443" protocol="HTTP/1.1" > SSLEnabled="true" maxThreads="150" scheme="https" secure="true" > keystoreFile="conf/my-server.keystore" keystorePass="<xxx>" > keystoreType="jks" compression="on" > compressableMimeType="text/html,text/xml,text/plain,text/javascript,te xt/css,application/x-javascript,application/javascript" > > address="<address>" > ciphers="<ciphers>" clientAuth="false" sslProtocol="TLS" > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" redirectPort="444" > maxPostSize="10485760"/> > > <Connector port="444" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" scheme="https" secure="true" > keystoreFile="conf/my-server.keystore" keystorePass="<xxx>" > keystoreType="jks" compression="on" > compressableMimeType="text/html,text/xml,text/plain,text/javascript,te xt/css,application/x-javascript,application/javascript" > > address="<address>" > truststoreFile="conf/ca.keystore" truststorePass="<yyy>" > truststoreType="jks" clientAuth="true" sslProtocol="TLS" > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" ciphers="<ciphers>" > redirectPort="443" maxPostSize="10485760"/> = > > When I type, http://<IP-Address<http://%3cIP-Address>>, I am able > to access the server and able to perform the client-auth and > server-auth operation > > But when we try, https://<IP-Address<https://%3cIP-Address>>, it > fails What version of Tomcat? Please post the full Tomcat startup log from catalina.out. No particular applications need to be deployed -- just let Tomcat start on its own and post the log. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJX0wFfAAoJEBzwKT+lPKRYPXcP/RHRSd9rriZMH835rYYYtQK5 b4Ia+pLzH70YoatDeghwkbZYnVKk18gVq7PBGgID9WnP2aUtM1i1sMG5TpALy4Mz 6wnrwZTxtQgNyBMTe0G3QPc3k9YXmuScldi7LOaIoWVfVRONWJ3jP3LlBmAdaXGL /QpyQG7CPd9CHiaYcKoh46oWVpknJ42NEFlMcpspD53bTgerTbIt5Q/ps5Y9FW8s Znwb/zz7OIibzy/8C8hWZ0ycXYQzTNEfXxupI7DFJ5sUe2qLON9heeDKII69MVdi XBsjhFW6DozN6CYXzSpzir574Us8pWXuMbGtGADIfy+xRpM8ISWqwDYB2XKgUuEc bf5Mi6chxTGgKXowKdVpQskPOwlWOudDe58B4guYzCCpCGBX0vL4OJgNiDa+OkQk uIOK8VDWPaWLs/cMjbj3uehr2KXCaH3UVDETILtq3BdMP3Vhvezbpmmyc2ubtyhn gBr43fY3C7E7nUIlLixgh+yT9z9DUUUz7HKgWs42mTWyW5miH/NrR5S+tP+AQU8Z EYxFyE8k1i3ccrdUa9cO0j/PJrsXLT7o5dF43CAWmgMgbFy82jdeX/HLvb3hGLmD lsJdBuZ7g49k2+e/vKRew2kpYquAJ9BOQY4jzRnc0Ki1pxLj/z3DV5rdujNBQV4z jGNiY+1ZuxTR89sR1zmL =5rGv -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
