
Tomcat: Trouble with SSL https connection on port 8443


We are having trouble with the https (port 8443) connection on an app that runs on Tomcat 7. The app is running fine on http (port 80) now. I have uncommented the "Define a SSL ..." section in the server.xml file and set all the property values (see below). However, when I try to run the app through a browser, I get the error, "The remote device or resource won't accept the connection."

Also, when I run a port utility on the server to see what ports are open and listening, it displays port 80 for Tomcat, and port 443 is also listening. Java version 1.6, Tomcat 7 versions.

Any ideas would be greatly appreciated as I've been banging my head on this one for weeks.

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25"
            maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100"
            scheme="https" secure="true" sslProtocol="TLS" clientAuth="false"
            keystoreFile="K:/tomcat1.keystore" keystorePass="password" />

Command I used to generate the keystore file:

keytool -genkey -alias tomcat -keyalg RSA -keystore K:/tomcat1.keystore

password: password

I could see in the cmd prompt: OpenSSL successfully initiated while starting the Tomcat server.

Help me out


Solution

  • At last it started working... Installed a new copy of the server, modified server.xml as below:

    <Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" 
               redirectPort="8443"/>
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->
    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    
    <Connector SSLEnabled="true" acceptCount="100" clientAuth="false" 
               disableUploadTimeout="true" enableLookups="false" 
               keystoreFile="k:/tomcat.keystore" keystorePass="*****" 
               maxThreads="25" port="8443" 
               protocol="org.apache.coyote.http11.Http11NioProtocol" 
               scheme="https" secure="true" sslProtocol="TLS"/>
    
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    

    Used the below command to generate the keystore file:

    keytool -genkey -alias tomcat -keyalg RSA -keystore k:/tomcat.keystore
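
An added example, not part of the original question or answer: a small Python lint for server.xml that checks the points on which the two connectors above differ (SSLEnabled, an explicit protocol next to a JSSE keystore, the keystore password, the redirect target). The sample XML, the function name and the finding names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: connector 443 mirrors the question, 8443 the answer.
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  <Connector port="443" scheme="https" secure="true" sslProtocol="TLS"
             clientAuth="false" keystoreFile="K:/tomcat1.keystore"
             keystorePass="password"/>
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             protocol="org.apache.coyote.http11.Http11NioProtocol"
             sslProtocol="TLS" keystoreFile="k:/tomcat.keystore"
             keystorePass="Xq7-constructed-value"/>
</Service></Server>"""

WEAK_PASSWORDS = {"", "password", "changeit"}  # "changeit" is Tomcat's default


def audit_connectors(server_xml):
    """Return {port: [finding, ...]} for each <Connector> in server.xml."""
    conns = []
    for el in ET.fromstring(server_xml).iter():
        if el.tag.lower() == "connector":
            # Lower-case attribute names so case-mangled copies still parse.
            conns.append({k.lower(): v for k, v in el.attrib.items()})
    tls_ports = {c.get("port") for c in conns if c.get("sslenabled") == "true"}
    report = {}
    for c in conns:
        findings = []
        wants_tls = c.get("scheme") == "https" or "keystorefile" in c
        if wants_tls and c.get("sslenabled") != "true":
            # scheme/secure only label requests; SSLEnabled turns TLS on.
            findings.append("tls-not-enabled")
        if "keystorefile" in c and c.get("protocol", "HTTP/1.1") == "HTTP/1.1":
            # Tomcat 7 auto-selects APR when the native library is loaded,
            # and APR expects OpenSSL-style settings, not a JSSE keystore.
            findings.append("jsse-keystore-with-implicit-protocol")
        if "keystorefile" in c and c.get("keystorepass", "changeit") in WEAK_PASSWORDS:
            findings.append("weak-keystore-password")
        if "redirectport" in c and c["redirectport"] not in tls_ports:
            findings.append("redirect-to-non-tls-port")
        report[c.get("port", "?")] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_connectors(SAMPLE).items():
        print(port, findings or "ok")
```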