Discussion:
Issue while configuring keystore/SSL for Tomcat 8.5.33
Sashidharan Ramamurthy
2018-10-17 10:52:20 UTC
Hi Tomcat user group,

We have installed and deployed Tomcat version 8.5.33 on our machine.

Software: AIX

We configured SSL on port 8443, using the command below to create the keystore.

$JAVA_HOME/bin/keytool -genkey -alias iscpkey -keystore $outputfile -keyalg RSA -dname "CN=${site}, OU=Network Solutions, O=ISCP, L=Piscataway, C=US" -storepass "changeit" -keypass "changeit" -validity 10000

Though port 8443 has started, we are unable to connect from the SSL client. We are getting an SSLException in our client.

We enabled java.net.debug with SSL logs.

Client Hello and Server Hello are done, but it fails soon afterwards in SSL with internal_error.

*** ServerHelloDone
https-jsse-nio-8443-exec-4, WRITE: TLSv1 Handshake, length = 1736
https-jsse-nio-8443-exec-5, READ: TLSv1 Alert, length = 2
https-jsse-nio-8443-exec-5, RECV TLSv1 ALERT: fatal, internal_error
https-jsse-nio-8443-exec-5, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: internal_error
https-jsse-nio-8443-exec-5, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: internal_error
https-jsse-nio-8443-exec-5, called closeOutbound()
https-jsse-nio-8443-exec-5, closeOutboundInternal()
https-jsse-nio-8443-exec-5, SEND TLSv1 ALERT: warning, description = close_notify
https-jsse-nio-8443-exec-5, WRITE: TLSv1 Alert, length = 2

We are unable to proceed further.

Can you let me know what could be the reason?

Also, if this is not the correct Tomcat group, can you point me to the correct group?

Thanks and Regards,
Sashi
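
A triage sketch for the debug output quoted in the post above, added here as an example and not part of the original thread: it parses the JSSE alert lines and reports which side raised the fatal alert and which protocol version was negotiated. The function names are assumptions made for this example; because the log comes from the Tomcat JVM, `RECV` marks an alert sent by the client.

```python
import re

# Log lines taken from the post above (server-side JSSE debug output);
# the repeated "engine already closed" line is included once.
SAMPLE_LOG = """\
*** ServerHelloDone
https-jsse-nio-8443-exec-4, WRITE: TLSv1 Handshake, length = 1736
https-jsse-nio-8443-exec-5, READ: TLSv1 Alert, length = 2
https-jsse-nio-8443-exec-5, RECV TLSv1 ALERT: fatal, internal_error
https-jsse-nio-8443-exec-5, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: internal_error
https-jsse-nio-8443-exec-5, called closeOutbound()
https-jsse-nio-8443-exec-5, closeOutboundInternal()
https-jsse-nio-8443-exec-5, SEND TLSv1 ALERT: warning, description = close_notify
https-jsse-nio-8443-exec-5, WRITE: TLSv1 Alert, length = 2
"""

# "<thread>, RECV|SEND <proto> ALERT: <level>, [description = ]<name>"
ALERT_RE = re.compile(
    r"^(?P<thread>[^,]+), (?P<dir>RECV|SEND) (?P<proto>\S+) ALERT:\s+"
    r"(?P<level>fatal|warning), (?:description = )?(?P<desc>\w+)\s*$"
)
# "<thread>, READ|WRITE: <proto> <record type>, length = N"
RECORD_RE = re.compile(r"^[^,]+, (?:READ|WRITE): (?P<proto>\S+) ")

# TLS 1.0 and 1.1 are deprecated by RFC 8996; SSLv3 by RFC 7568.
LEGACY = {"SSLv3", "TLSv1", "TLSv1.1"}


def parse_alerts(log_text):
    """Return one dict per TLS alert line found in the debug log."""
    matches = (ALERT_RE.match(line.strip()) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]


def triage(log_text):
    """Summarize who aborted the handshake and which protocols appear."""
    alerts = parse_alerts(log_text)
    fatal = next((a for a in alerts if a["level"] == "fatal"), None)
    records = (RECORD_RE.match(line) for line in log_text.splitlines())
    protos = sorted({m.group("proto") for m in records if m})
    return {
        "protocols": protos,
        "legacy_protocol": any(p in LEGACY for p in protos),
        # RECV: the peer sent the alert to this JVM; SEND: this JVM raised it.
        "aborted_by": None if fatal is None
        else ("peer" if fatal["dir"] == "RECV" else "local"),
        "alert": fatal["desc"] if fatal else None,
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

For this log the fatal alert was raised by the peer, so the failure has to be diagnosed on the client side, for example from the client's own handshake debug output.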
Sashidharan Ramamurthy
2018-10-18 08:50:49 UTC
Any updates users of tomcat on this issue!!!

manjesh
2018-10-18 10:30:59 UTC
Can you share the full debug log? What is the client for this SSL service? Browser or some other standalone programs?
What version of JDK is being used?
