5 Replies Latest reply on May 28, 2003 7:23 PM by geoff.hill

    https and jboss-3.2.2beta

    geoff.hill Newbie

      I am trying to build the latest 3.2 branch from CVS and configure the https connector. It works ok with the jboss-3.2.1_tomcat-4.1.24 bundle but when I copy the jbossweb-tomcat.sar/META-INF/jboss-service.xml in to my built version I just get "Could not connect to host localhost (port 8443)". Nothing at all appears in the log output.

      So, have I built it wrong, or am I configuring it wrong? Or is there something else I'm not seeing?

      Attached is my jbossweb-tomcat.sar/META-INF/jboss-service.xml

      Thanks to anyone out there that can help point me in the right direction.

      Geoff H.

        • 1. Re: https and jboss-3.2.2beta
          Jon Barnett Master

          Have you tried telneting to port 8443? If you can't even get a connection there, probably the listener has not started. If the listener has not started, a possible problem may be that the securityDomain you specify doesn't exist or can't be looked up. Have you tried with a basic certificate registry to see that the SSL listener is operational. If it works then Tomcat is ok and you have a problem with the security domain setting. This should help narrow down the problem.

          • 2. Re: https and jboss-3.2.2beta
            geoff.hill Newbie

            OK so telnet works, and jboss is listening on the port, but still no joy. If it means anything the jaas domain I've set up appears under the JNDI view of the console.

            Can you point me at how to "try with a basic certificate registry" and how to test it?

            • 3. Re: https and jboss-3.2.2beta
              Jon Barnett Master

              Go to here for creating certificates:
              http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html

              Your jboss-service.xml for jbossweb-tomcat.sar is going to look like this instead:

              <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
              keystoreFile="${jboss'dot'server'dot'home.dir}/conf/tomcat.key"
              clientAuth="false" protocol="TLS" />



              Sorry had to mangle the keystore bit so the forum wouldn't substitute things. Replace 'dot' with an actual '.'.

              • 4. Re: https and jboss-3.2.2beta
                geoff.hill Newbie

                Oops, turns out (of course) that there was a difference between my configuration with the bundle and the one I built. It's the HttpConnector that works, the CoyoteConnector seems not to work.

                Thanx for your help

                • 5. Re: https and jboss-3.2.2beta
                  geoff.hill Newbie

                  OK finally I'm at the bottom of this more or less. You use jakarta's own org.apache.coyote.tomcat4.CoyoteServerSocketFactory, and with the CoyoteConnector this works great.

                  What I found was that with the JBoss org.jboss.web.catalina.security.SSLServerSocketFactory that it only seems to work with HttpConnector.

                  I like your way much better - keep tomcat stuff in the tomcat family as it were, and get to use the supposedly better Connector.

                  Thanks again jon