https - Tomcat8 SSL connector -


i followed official tutorial install ssl on tomcat8 browser giving me err_ssl_version_or_cipher_mismatch error.

first of give informations server :

  • ip : 10.1.5.55
  • tomcat port : 8200
  • java version : 1.8.0_121
  • tomcat version : apache tomcat/8.5.11
  • servlet specification version : 3.1
  • jsp version : 2.3

i use https://10.1.5.55:8200/ url connect server (which working http protocol)

the first thing confused me fact tutorial talking connector :

<connector protocol="org.apache.coyote.http11.http11nioprotocol" port="8443" .../>

but basic config file server.xml provides me template :

<connector port="8443" protocol="org.apache.coyote.http11.http11aprprotocol"                maxthreads="150" sslenabled="true" >         <upgradeprotocol classname="org.apache.coyote.http2.http2protocol" />         <sslhostconfig>             <certificate certificatekeyfile="conf/localhost-rsa-key.pem"                          certificatefile="conf/localhost-rsa-cert.pem"                          certificatechainfile="conf/localhost-rsa-chain.pem"                          type="rsa" />         </sslhostconfig>     </connector>

anyway followed tutorial , generated keystore under e:\keys :

keytool -genkey -alias myapp -keystore myapp-keystore

in first , last name typed : 10.1.5.55:8200 password : changeit pressed return same password key.

then wrote connector (i modified http port run on 8199) :

<connector     port="8200"      protocol="org.apache.coyote.http11.http11nioprotocol"      sslenabled="true"      maxthreads="300"      scheme="https"      secure="true"      clientauth="false"      sslprotocol="tls"      keystorefile="e:\keys\myapp-keystore"      keystorepass="changeit" />

but got error @ point.

now there solutions tried :

  • try 1 one tls protocol (v1, v1.1, v1.2, sslv3)
  • change first , last name of keystore 10.1.5.55 lonely
  • try protocol="http/1.1", protocol org...http11nio2protocol

and tried add ciphers. here list used :

ciphers="tls_ecdhe_ecdsa_with_aes_256_cbc_sha384,  tls_ecdhe_rsa_with_aes_256_cbc_sha384,  tls_ecdh_ecdsa_with_aes_256_cbc_sha384,  tls_ecdh_rsa_with_aes_256_cbc_sha384,  tls_dhe_dss_with_aes_256_cbc_sha256,  tls_ecdhe_ecdsa_with_aes_256_cbc_sha,  tls_ecdhe_rsa_with_aes_256_cbc_sha,  tls_ecdh_ecdsa_with_aes_256_cbc_sha,  tls_ecdh_rsa_with_aes_256_cbc_sha,  tls_dhe_dss_with_aes_256_cbc_sha,  tls_ecdhe_ecdsa_with_aes_128_cbc_sha256,  tls_ecdhe_rsa_with_aes_128_cbc_sha256,  tls_ecdh_ecdsa_with_aes_128_cbc_sha256,  tls_ecdh_rsa_with_aes_128_cbc_sha256,  tls_dhe_dss_with_aes_128_cbc_sha256,  tls_ecdhe_ecdsa_with_aes_128_cbc_sha,  tls_ecdhe_rsa_with_aes_128_cbc_sha,  tls_ecdh_ecdsa_with_aes_128_cbc_sha,  tls_ecdh_rsa_with_aes_128_cbc_sha,  tls_dhe_dss_with_aes_128_cbc_sha,  tls_ecdhe_ecdsa_with_rc4_128_sha,  tls_ecdh_ecdsa_with_rc4_128_sha,  tls_ecdh_rsa_with_rc4_128_sha,  tls_ecdhe_ecdsa_with_aes_256_gcm_sha384,  tls_ecdhe_ecdsa_with_aes_128_gcm_sha256,  tls_ecdhe_rsa_with_aes_256_gcm_sha384,  tls_rsa_with_aes_256_gcm_sha384,  tls_ecdh_ecdsa_with_aes_256_gcm_sha384,  tls_ecdh_rsa_with_aes_256_gcm_sha384,  tls_dhe_dss_with_aes_256_gcm_sha384,  tls_ecdhe_rsa_with_aes_128_gcm_sha256,  tls_rsa_with_aes_128_gcm_sha256,  tls_ecdh_ecdsa_with_aes_128_gcm_sha256,  tls_ecdh_rsa_with_aes_128_gcm_sha256,  tls_dhe_dss_with_aes_128_gcm_sha256,  tls_ecdhe_ecdsa_with_3des_ede_cbc_sha,  tls_ecdhe_rsa_with_3des_ede_cbc_sha,  tls_ecdh_ecdsa_with_3des_ede_cbc_sha,  tls_ecdh_rsa_with_3des_ede_cbc_sha,  tls_empty_renegotiation_info_scsvf  "

i got list from here , here learned tomcat7 w/ java7 works differently tomcat8 w/ java8. tried, it's recommended here, remove "sslprotocol" , add "useserverciphersuitesorder" nothing worked, same error browser.

please can tell me how solves ?

you generating dsa certificate of 1024 bits , chrome stops/stopped supporting dsa(dss) shown here or here. try generate rsa certificate of 2048 bits

replace command 

keytool -genkey -alias myapp -keystore myapp-keystore

with 

keytool -genkey -alias myapp -keystore myapp-keystore -keyalg rsa

Comments

Post a Comment

Popular posts from this blog

python - Selenium remoteWebDriver (& SauceLabs) Firefox moseMoveTo action exception -

while performing simple hover test on firefox through selenium (3.4.0) python bindings (3.4.3) using of available os in saucelabs (except linux, latest available firefox version old), performing following actionchain: hover = actionchains(driver) hover.move_to_element(elm_men_menu).perform() it throws following error: taceback: file [...] in testhover hover.perform() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 80, in perform action() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 290, in <lambda> command.move_to, {'element': to_element.id})) file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/remote/webdriver.py", line 256, in execute self.error_handler.check_response(response) file "/usr/local/lib/python2.7/...
Read more

html - How to custom Bootstrap grid height? -

why bootstrap grid has height 591.067 ? did height came ? .main-post { padding: 20px; background-color: #fff; border: 1px solid #d8d8d8; margin-bottom: 100px; } .main-post .post-categories { margin-bottom: 10px } .main-post h3 { margin: 0 0 10px; color: #777; letter-spacing: -1px; font-weight: bold } .main-post .post-author, .main-post .post-date, .main-post .post-comments { font-size: 12px } .main-post img { display: block; margin: 10px 0; } .main-post .post-summary { line-height: 1.7; color: #888 } .main-post { color: #999 } <div class="col-sm-6"> <div class="main-post"> <h3 class="post-title"> <a href="#"> post title </a> </...
Read more

transpose - Maple isnt executing function but prints function term -

im using maple im in worksheetmode tried using maple input , 2d input , want transpose matrix a: := `<|>`(`<,>`(1, .5, -2), `<,>`(.5, 9/4+b, 5+3*b), `<,>`(-2, 5+3*b, 18+9*b+4*a)); b:= transpose(a); when exectute sheet dont translated values, there same input. matrix looks same input matrix plus function term. you can see picture in following link: why arent functions executed? meanwhile b:=a^+ doing right way , transposed matrix. other functions return function body instead needed values... if using 2d input mode (the default) space you've got between transpose , bracketed (b) interpreted multiplcation. rid of such space. also, either load package @ start of document like, with(linearalgebra): before calling transpose command package, or call it's full name like, linearalgebra:-transpose(b);
Read more