Clever Geek Handbook

Embedded Tomcat allows SSL

I am trying to set up SSL for embedded Tomcat. Both connectors start up, but I only get http response. On https I get a chrome message "No data received on receipt" when I try http://localhost:9000/

Port open: I tried telnet telnet localhost 9000

and I have a connection. I have tried openssl s_client -connect localhost:9000

both the GET / method too and my servlet prints the expected result to me in the console. I don't understand why I am getting this error in browsers (chrome and Firefox) My OS is Ubuntu 14.04 and I tried with both Java 7 and Java 8 with the same result. Tomcat version is 8.0.23 from Maven repo Code:

public class Main {

public static void main(String[] args) throws Exception {
    Tomcat tomcat = new Tomcat();
    Service service = tomcat.getService();
    service.addConnector(getSslConnector());


    File base = new File(System.getProperty("java.io.tmpdir"));
    Context rootCtx = tomcat.addContext("/", base.getAbsolutePath());
    Tomcat.addServlet(rootCtx, "emptyServlet", new EmptyServlet());
    rootCtx.addServletMapping("/*", "emptyServlet");
    tomcat.start();
    tomcat.getServer().await();

}

private static Connector getSslConnector() {
    Connector connector = new Connector();
    connector.setPort(9000);
    connector.setSecure(true);
    connector.setScheme("https");
    connector.setAttribute("keyAlias", "tomcat");
    connector.setAttribute("keystorePass", "password");
    connector.setAttribute("keystoreType", "JKS");
    connector.setAttribute("keystoreFile",
            "keystore.jks");
    connector.setAttribute("clientAuth", "false");
    connector.setAttribute("protocol", "HTTP/1.1");
    connector.setAttribute("sslProtocol", "TLS");
    connector.setAttribute("maxThreads", "200");
    connector.setAttribute("protocol", "org.apache.coyote.http11.Http11AprProtocol");
    connector.setAttribute("SSLEnabled", true);
    return connector;
 }
}

You can find the key repository on github

I've already tried different keystores, but with the same result. Also, the keystore looks good: keytool -list -keystore keystore.jks

looks like what expected. thanks in advance

+3


source to share


1 answer


This turned out to be my mistake. The service was started but I kept on using http: // localhost: 9000 not https: // locahost: 9000 in my browser



0


source






More articles:


All Articles