I have an application that runs on secure channel, I want to configure a secure port. I am adding following connector into my tomcat server.xml file
<Connector port="8443" protocol="HTTP/1.1"
maxThreads="150" secure="true"
clientAuth="false" />
It connects to server when I hit
https://localhost.com:8443
in browser, but I never get response back, it connects to server forever.
I would really appreciate any help on this.
Thanks.
It is because you configuration is not complete. Take a look at this tutorial:
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
It has to look more like this:
<Connector
protocol="HTTP/1.1"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
Without SSLEnabled="true" there will be no encryption.
I found the issue was due to a webservice was down that my application is depend upon, that is why request were stuck forever.
However the above configuration for configuring fake secure port worked for me.
Related
I have created my Rest API in java and working fine with HTTP. But to secure transportation I have made some changes in server.xml file in eclipse.
First I have created self signed certificate and password for that and mentioned that information in server.xml file like below (All done in windows 7)
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="E:\\SSL\\Certificate.pfx" keystorePass="Certificate123" />
But sill am not able to connect webserver with HTTPS.
Can anyone tell me what am doing wrong here ?
It looks like you're using apache-tomact and it also looks like you have created a keystore in the pkcs12 format.
Try adding the keystoreType="PKCS12" attribute to the connector element.
You can find additional details here.
I get the same problem with this topic
I already try 2 days but still not works at all..
this is my server.xml
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/root/xyz.jks"
keystorePass="asdfasdf" />
what step I do:
create file.jks
create file.csr
submit to comodo
then comodo send me a link and a code for verification
after verification, comodo send me a file.zip with 4 *.crt
then I store all that file with keytool.
after store it, I configure the server.xml like the code at above
then I tried to run my tomcat 8.
then I tried to open https://example.com:8443 or https://example.com:443
it always like this
then I tried with http://example.com:8080/index.html
my index.html run well..
Can someone suggest me what must I do again?
What's wrong with my configuration?
We have some problems with SSO (single sign on) authentication. We use JASIG CAS and our implmentation is not working. It is allert "You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK. In order to have single sign on work, you MUST log in over HTTPS." But we added the sertificate to Tomcat server.xml
our settings in server.xml
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keyAlias="myalias"
keystoreFile="C:\Program Files\Java\jdk1.8.0_65\bin\ssoServer.jks"
keystorePass="12345678" />
If you did add the cert, then why are you going over localhost and 8080?
I've got a problem setting up my tomcat on linux for secure connection. My servlets work fine for normal http requests, but when changing the server.xml file to https configuration, the servlet is only addressable through the intern IP. I created a .keystore file in my home directory. The fact, that the https connection(after accepting the certificate) works within the intern network makes me believe it is a router related problem (I opend and forwarded port 8443 on my router).
Thanks for any help!
Server.xml:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443"/>
...
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/home/user/.keystore"
keystorePass="password" />
I am trying to get self signed certificate for my website. I created a certificate using "Keytool" and then made following changes in conf/server.xml
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1"
redirectPort="8443" />
<Connector SSLEnabled="true" clientAuth="false"
keystoreFile="c:\tomcat\keystore\.keystore" keystorePass="changeit"
maxThreads="150" port="8443" protocol="HTTP/1.1" scheme="https"
secure="true" sslProtocol="TLS" />
When i run the tomcat server externally and type the URL https://"localhost":8443 (No quotes around localhost) it works but when i run the tomcat server in Eclipse i get 404 error.
Can anyone please help me with this. Thanks in advance.
I referred to the below sites for help.
http://technology-for-human.blogspot.com/2011/08/ssl-in-tomcat-under-eclipse-part-1-self.html
Eclipse WTP: How do I enable SSL on Tomcat?
According to https://tomcat.apache.org/tomcat-7.0-doc/config/http.html
the sslProtocol property should be one of the followings: SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, all.
Try putting "TLSv1+TLSv1.1+TLSv1.2".
Be sure there's no exceptions regarding the keystore's path or password.
And last but not least, remove the redirectPort property from others Connectors.