1. What I want to do
I am currently creating a dynamic web application (JSP/Servlet) and trying to set up an SSL certificate in Tomcat (v8.5) so that I can access it at "https://[hostname]:8443/[AppName]".
2. Current Problem
I cannot reach the page "https://[hostname]:8443/[AppName]", and the following message is shown.
The connection timeout.
the response from the localhost server was not received at a certain time.
Cannot connect to my app using https
But somehow, when I try to access the default Tomcat page, I can reach it successfully at "https://[hostname]:8443/"
Can connect to Tomcat default using https
And of course I could connect to my app using "http", like "http://[hostname]:8080/TennisDatabase"
Can connect using http
3. What I did
(1) Generated certificate.
keytool -genkey -alias tomcat -keyalg RSA -keypass [password] -keystore mycertificate.cer -storepass [password]
(2) Modify server.xml
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           scheme="https"
           secure="true"
           clientAuth="false"
           sslProtocol="TLS"
           sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
           keystoreFile="conf/mycertificate.cer" keystorePass="[password]" />
(3) Allow port 8443 in iptables.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT
(4) Modify server.xml
Also changed the permission of the file to 755.
<security-constraint>
    <web-resource-collection>
        <web-resource-name>HTTPSOnly</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
(5) Restart Tomcat
4. Additional Info
When I tried curl, I got the following error.
$ curl -v --tlsv1.1 https://[hostname]:8443/[appname]
* About to connect() to [hostname] port 8443 (#0)
* Trying [IP address]... connected
* Connected to [hostname] ([IP address]) port 8443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5990
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
CentOS : 6.10
Tomcat : 8.5
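
Added example, not part of the original question: a small audit of the Connector from step (2) that reports which TLS connector settings a reviewer would flag (legacy protocol versions, clear-text keystore password). The function name `audit_tls_connectors`, the `<Server>`/`<Service>` wrapper and the port 8080 connector are assumptions made so the sample parses on its own; the check does not diagnose the timeout described above.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the Connector from step (2), wrapped in a minimal
# <Server>/<Service> (plus an assumed plain HTTP connector) so it parses alone.
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true" clientAuth="false"
               sslProtocol="TLS"
               sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
               keystoreFile="conf/mycertificate.cer" keystorePass="[password]" />
  </Service>
</Server>
"""

# TLS 1.0/1.1 are deprecated by RFC 8996, SSLv3 by RFC 7568.
LEGACY = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}


def audit_tls_connectors(server_xml):
    """Return {port: [finding, ...]} for every Connector with SSLEnabled="true"."""
    report = {}
    for conn in ET.fromstring(server_xml.strip()).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP connector, nothing TLS-related to check
        findings = []
        enabled = [p.strip() for p in conn.get("sslEnabledProtocols", "").split(",") if p.strip()]
        if not enabled:
            findings.append("sslEnabledProtocols not set: server defaults decide the versions")
        legacy = sorted(set(enabled) & LEGACY)
        if legacy:
            findings.append("legacy protocols enabled: " + ", ".join(legacy))
        if "keystorePass" in conn.attrib:
            findings.append("keystorePass is in clear text: restrict read access to server.xml")
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append("scheme/secure do not mark requests on this port as HTTPS")
        report[conn.get("port")] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_tls_connectors(SAMPLE_SERVER_XML).items():
        for finding in findings:
            print(f"port {port}: {finding}")
```

Restricting `sslEnabledProtocols` to `TLSv1.2` clears the first finding for this connector.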