I set up a keystore and got an SSL cert from openssl.com. The exact steps I followed are here: https://drive.google.com/file/d/0B6PUGo7cBLcDTzdkc0pzT2pTMk0/view?usp=sharing
Unfortunately, even after following their instructions for Tomcat exactly and working with customer support, my HTTPS connection times out.
It seems like Tomcat is up and running, listening on port 443, but I don't know how to debug deeper. HTTP requests are served just fine, so I know Tomcat itself is working just fine.
[ec2-user@ip- logs]$ sudo netstat -tunlp | grep 443
tcp6 0 0 :::443 :::* LISTEN 19407/java
[ec2-user@ip- logs]$ ps -ef | grep java
root 19407 1 1 23:03 pts/0 00:00:06 /usr/java/jre1.8.0_60//bin/java
-Djava.util.logging.config.file=/usr/apache-tomcat-8.0.26//conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/apache-tomcat-8.0.26//endorsed -classpath /usr/apache-tomcat-8.0.26//bin/bootstrap.jar:/usr/apache-tomcat-8.0.26//bin/tomcat-juli.jar -Dcatalina.base=/usr/apache-tomcat-8.0.26/ -Dcatalina.home=/usr/apache-tomcat-8.0.26/ -Djava.io.tmpdir=/usr/apache-tomcat-8.0.26//temp org.apache.catalina.startup.Bootstrap start
ec2-user 19449 18021 0 23:13 pts/0 00:00:00 grep --color=auto java
My connector is configured as:
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" KeystoreFile="/home/ec2-user/.keystore" KeystorePass="password" />
Please help!
When I configure tomcat, if there's a delay before I see any response, it is almost always because the PORT is blocked for some reason. Are you positive port 443 is open through the firewall (assuming this is being done on an external server)?
If your standard port works fine but 443 just sits and spins for a period of time before failing, I'd put my money on a blocked port.
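The blocked-port hypothesis in the answer above can be told apart from a connector or keystore problem by checking how far a client connection gets. This is an added example, not part of the original posts: `probe_https`, `NEXT_STEP` and the result labels are hypothetical names, and the security group hint is an assumption based on the `ec2-user` prompt in the question.

```python
import socket
import ssl

# Hypothetical result labels mapped to the next thing to check.
NEXT_STEP = {
    "timeout": "packets dropped: check host firewall and, on EC2, the security group for inbound 443",
    "refused": "nothing listening: re-check netstat -tunlp and the Connector port",
    "unreachable": "DNS or routing problem before the port is even tried",
    "tls-failed": "port is open: check the Connector keystore settings and Tomcat logs",
    "tls-ok": "TLS handshake completes: any remaining problem is past the connector",
}


def probe_https(host, port=443, timeout=5.0):
    """Return a NEXT_STEP key describing how far a connection to host:port gets."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "timeout"          # SYN never answered
    except ConnectionRefusedError:
        return "refused"          # RST: host reachable, port closed
    except OSError:
        return "unreachable"

    # Reachability is being tested, not trust, so certificate checks are off.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "tls-ok"
    except (ssl.SSLError, OSError):
        return "tls-failed"
    finally:
        sock.close()


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    result = probe_https(target)
    print(f"{target}:443 -> {result}: {NEXT_STEP[result]}")
```

Run it from a machine outside the server's network; a probe from the instance itself does not pass through the firewall being tested.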