Tomcat5 SSL not working

Question

I am working on a Windows 2008 Server and have successfully set up a webapp on Tomcat v5.5. I can access the app via http, but not via https.

In my Tomcat server.xml, I have defined the https connector as follows:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" 
           enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" 
           SSLEnabled="true" clientAuth="false" sslProtocol="TLS" 
           keyAlias="server" keystoreFile="C:/Program Files (x86)/Java/jdk1.6.0_25/bin/<keystore>.jks" 
           keypass="<keypass>" URIEncoding="UTF-8" />

I've also verified that the keystore file exists and that I can view the certificate contained within using the specified keypass. Is there anything else I'm missing? I did NOT create the keystore file locally, but rather copied it from another system. Do I need to "install" it somehow? Lastly, does IIS have to be installed/configured to access Tomcat via https locally?

I also cannot access Tomcat in general via https in the browser:

https://localhost/

Accessing Tomcat via http works fine:

http://localhost/

No errors as far as I can see. I've searched through all the logs. When I try connecting it just spins for a while, then finally says 'This page can't be displayed' in IE (not by choice) — Bob ., Nov 22 '13 at 01:55
No dice. The file, catalina.2013-11-21, doesn't have any statements indicating an attempt to connect to it. Should I add more logging? — Bob ., Nov 22 '13 at 02:41
When you did `http://localhost/` did the tomcat web page appear? — Scary Wombat, Nov 22 '13 at 02:44
Yes, when I ran `http://localhost/` it did, but not when I ran `https://localhost/` — Bob ., Nov 22 '13 at 02:45

score 0 · Answer 1 · answered Nov 22 '13 at 02:53

0

My server.xml looks like (and works)

   <Connector port="8443" SSLEnabled="true"
           protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" scheme="https" secure="true"
           keystoreFile="conf/tomcat.keystore" keystorePass="blah123"
               clientAuth="false" sslProtocol="TLS" />

so your file with <keystore>.jks looks wrong - no angle brackets eh.

answered Nov 22 '13 at 02:53

Scary Wombat

44,617
6
35
64

I put in the brackets simply to indicate that it's a file. The actual filename does not contain any unusual characters – Bob . Nov 22 '13 at 03:02
I think the problem may be that I'm reusing a certificate from a different machine. – Bob . Nov 22 '13 at 03:17
well maybe you should try doing it from the same machine then. – Scary Wombat Nov 22 '13 at 04:19

Tomcat5 SSL not working

1 Answers1