java - Tomcat 7 ssl_error_no_cypher_overlap -
i bought ssl certificate certum.pl run java (jdk 1.8) web application on tomcat 7 using ssl , https.
i created jks file using keytool:
keytool -importcert -file "certificate.cer" -keystore "file.jks" -alias "mycert" -keyalg rsa -keysize 2048
my tomcat configuration:
<listener classname="org.apache.catalina.core.aprlifecyclelistener" sslengine="on"/> <connector executor="tomcatthreadpool" port="80" protocol="http/1.1" connectiontimeout="20000" redirectport="443"/> <connector protocol="org.apache.coyote.http11.http11protocol" port="443" maxthreads="200" connectionuploadtimeout="36000000" disableuploadtimeout="false" connectiontimeout="60000" scheme="https" secure="true" sslenabled="true" keystorefile="${catalina.home}/conf/file.jks" keystorepass="pass" clientauth="false" sslprotocol="tls" maxpostsize="52428800" ciphers="tls_rsa_with_aes_128_cbc_sha256, tls_ecdhe_rsa_with_aes_128_cbc_sha256, tls_ecdhe_rsa_with_aes_128_cbc_sha, tls_ecdhe_rsa_with_aes_256_cbc_sha384, tls_ecdhe_rsa_with_aes_256_cbc_sha, tls_rsa_with_aes_128_cbc_sha256, tls_rsa_with_aes_128_cbc_sha, tls_rsa_with_aes_256_cbc_sha256, tls_rsa_with_aes_256_cbc_sha" />
when calling https://mywebsite/
in firefox, throws 'ssl_error_no_cypher_overlap' , in chrome 'err_ssl_version_or_cipher_mismatch'.
note: works self-signed keystore when use verified certificate it's not working.
i'm struggling issue 2 days :(
any appreciated in advance.
Comments
Post a Comment