4 Replies Latest reply on Apr 19, 2004 4:23 AM by nitin888

    SSL with Tomcat in JBOSS 3.2.3

    acox

      I've read the documentation and attempted the fixes listed in the forums. No matter what I add to jboss-service.xml (conf and deploy), I always get startup errors regarding loading TLS classes, and SSL errors when connecting to the SSL tomcat instance. So, I am able to get encrypted SSL traffic, but I get errors in my log files.

      So, what are the definitive steps to configuring SSL with Tomcat?
      If I want to use a minimal install, rather than all, what additional files need to be copied into the minimal directory?

      server.log.2004-03-29:2004-03-29 15:17:36,195 DEBUG [org.apache.tomcat.util.net.SSLImplementation] Error loading SSL Implementation org.apache.tomcat.util.net.puretls.PureTLSImplementation

      I'd assume the steps should be something like:
      1) copy a list of files from all to minimal (or some directory copied from minimal)
      2) create keystore
      3) edit minimal/conf/jboss-service.xml
      4) edit minimal/deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml
      5) start jboss and you'll see no errors regarding SSL or TLS in any of your log files

      Please point me to an accurate document, if one exists, that actually details how to accomplish these tasks.

        • 1. Re: SSL with Tomcat in JBOSS 3.2.3
          starksm64

          This is not a valid error, it is really a debug message as indicated by the log4j level. Tomcat is looking for various SSL implementation choices and the 'Error' about PureTLSImplementation simply means it could not be found. It will default to the JDK JSSE implementation and work fine.

          • 2. Re: SSL with Tomcat in JBOSS 3.2.3
            acox

            So if this is truly a warning, and also to avoid the DEBUG errors for every SSL connection:

            2004-04-06 12:52:59,697 DEBUG [org.apache.tomcat.util.threads.ThreadPool] Getting new thread data
            2004-04-06 12:53:01,840 DEBUG [org.apache.tomcat.util.net.jsse.JSSE14Support] Error getting client certs
            javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
            ...

            I added the section below to log4j.xml. This hides the TLS errors on startup and the authentication errors (even though clientAuth="false").


            <!-- Limit Util categories to INFO -->
            <category name="org.apache.tomcat.util">
              <priority value="INFO"/>
            </category>


            Have I opened myself up to masking other issues, or is this a legitimate "solution"?

            • 3. Re: SSL with Tomcat in JBOSS 3.2.3
              nitin888

              To avoid PureTLSImplementation error
              Add SSLImplementation parameter.



              Regarding changing log4j into is just pretending that there's no errors. I don't think it's the right way. Even I'm trying to get a solution for that problem.

              • 4. Re: SSL with Tomcat in JBOSS 3.2.3
                nitin888

                Add SSLImplementation parameter.

                SSLImplementation="org.apache.tomcat.util.net.jsse.JSSEImplementation"

                in jboss-service.xml in Factory tag
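
The question raised in reply 2 (what else does raising `org.apache.tomcat.util` to INFO hide?) can be checked against a log sample before changing log4j.xml. The following is an added example, not code from any participant in this thread; the first four sample lines are quoted from the posts above, while the ERROR line and its `ExampleEndpoint` category are constructed for illustration.

```python
import re

LEVELS = {"DEBUG": 0, "INFO": 1, "WARN": 2, "ERROR": 3, "FATAL": 4}
# Layout used in the thread: [grep file prefix:]date time,ms LEVEL [category] message
LINE = re.compile(
    r"^(?:\S+:)?\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} (\w+)\s+\[([^\]]+)\] (.*)$")

SAMPLE = [
    "server.log.2004-03-29:2004-03-29 15:17:36,195 DEBUG "
    "[org.apache.tomcat.util.net.SSLImplementation] Error loading SSL Implementation "
    "org.apache.tomcat.util.net.puretls.PureTLSImplementation",
    "2004-04-06 12:52:59,697 DEBUG [org.apache.tomcat.util.threads.ThreadPool] "
    "Getting new thread data",
    "2004-04-06 12:53:01,840 DEBUG [org.apache.tomcat.util.net.jsse.JSSE14Support] "
    "Error getting client certs",
    "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated",
    # Constructed line (hypothetical category) standing in for a genuine failure:
    "2004-04-06 12:53:02,101 ERROR [org.apache.tomcat.util.net.ExampleEndpoint] "
    "constructed failure message",
]

def parse(lines):
    """Yield (level, category, message); stack-trace lines do not match and are skipped."""
    for line in lines:
        m = LINE.match(line.strip())
        if m and m.group(1) in LEVELS:
            yield m.groups()

def debug_errors(lines):
    """Categories that log the word 'Error' at DEBUG level (not real errors)."""
    return sorted({cat for lvl, cat, msg in parse(lines)
                   if lvl == "DEBUG" and msg.lower().startswith("error")})

def suppressed(lines, category, threshold="INFO"):
    """Events a <category name=...><priority value=threshold/> entry would drop."""
    return [(lvl, cat, msg) for lvl, cat, msg in parse(lines)
            if (cat == category or cat.startswith(category + "."))
            and LEVELS[lvl] < LEVELS[threshold]]

if __name__ == "__main__":
    noisy = debug_errors(SAMPLE)
    print("DEBUG-level 'Error' categories:", noisy)
    print("broad rule drops:", len(suppressed(SAMPLE, "org.apache.tomcat.util")))
    print("narrow rules drop:", sum(len(suppressed(SAMPLE, c)) for c in noisy))
```

In this sample the broad rule drops three DEBUG events and the two narrow rules drop two; events at INFO and above are kept either way.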