Tomcat 5.5/Java 5 and SSL...

Steve Longdo — Mon, 12 Dec 2005 20:30:00 +0000

I ran into a puzzling situation trying to setup Yale's CAS and the Spring Framework/Acegi contacts sample application on my workstation. I had CAS deployed on Tomcat 5.5 and the Acegi sample application deployed on BEA WebLogic 9.0, both running under Sun's JDK 1.5.0_06. I kept getting errors like:

Your CAS credentials were rejected.

Reason: HTTPS hostname wrong: <localhost> should be <127.0.0.1>

I couldn't figure this out because the server.xml for Tomcat included both the keystoreFile and truststoreFile parameters for the SSL connection. The JVM JRE cacerts file included self-signed certs for both the BEA server and the Tomcat server which should be picked up system wide whether or not I specifically include it in the server.xml file. I am not sure why but putting the following option on the Tomcat command line solved the problem:

-Djavax.net.ssl.trustStore="C:\Program Files\Java\jre1.5.0_06\lib\security\cacerts"

You can also see from this that it is a Windows workstation... I am documenting this for the benefit of other programmers and Google (which doesn't have much of anything about this particular problem).

"Tomcat 5.5/Java 5 and SSL..." by eel

Thu, 15 Dec 2005 22:35:09 +0000

nice xmas theme but it's still wierd in ie. fyi...

"Tomcat 5.5/Java 5 and SSL..." by Steve

Tue, 13 Dec 2005 18:33:01 +0000

Thanks Sen-dog! If only my employer would see the light as well. I hope to be doing some Rails informational posting in the very near future...

"Tomcat 5.5/Java 5 and SSL..." by Sen Binclair

Tue, 13 Dec 2005 18:28:50 +0000

gem install rails

Musings of a Trained Monkey: Tomcat 5.5/Java 5 and SSL...

Tomcat 5.5/Java 5 and SSL...

"Tomcat 5.5/Java 5 and SSL..." by eel

"Tomcat 5.5/Java 5 and SSL..." by Steve

"Tomcat 5.5/Java 5 and SSL..." by Sen Binclair