users@glassfish.java.net

Re: Glassfish 3.1.1 https-listener for a cluster not working

From: Bernhard Thalmayr <bernhard.thalmayr_at_painstakingminds.com>
Date: Mon, 9 Jan 2012 18:15:56 +0100

Have you verified that the keypair configured for the listener exists
on the instance?

Possibly it's not a secure socket yet ... you may verify this by doing a
telnet to that port and firing an HTTP request manually...

telnet <ip-of-your-instance> 28181

if you get a 'connect' enter

GET / HTTP/1.0
<CRLF>
<CRLF>


if you don't get a 'connect', you may try 'openssl' client to see if
ssl-handshake works

openssl s_client -connect <ip-of-your-instance>:28181

-Bernhard

On Mon, Jan 9, 2012 at 5:21 PM, <forums_at_java.net> wrote:

> Hi All,
>
> I have a cluster and an instance created with the default http-listener-1
> and http-listener-2 under Configurations->My-cluster-config->Network
> Config->Network Listeners.
>
> Below are the configurations of http-listener-2
>
> Name: http-listener-2
> Protocol: http-listener-2 [1]
> Status: Enabled
> Security: Enabled
> JK Listener: Enabled If selected, listener is an Apache mod-jk listener
> Port: The port on which the network listener is listening
> Address: The IP address on which the network listener is listening
> Transport: tcp [2]
> Thread Pool: The thread pool associated
> Note: HTTP_SSL_LISTENER_PORT=28181 which is defined
> Clusters->My-cluster->Properties
>
> SSL3: Enabled
> TLS: Enabled
> Client Authentication: Enabled Requires the client to authenticate itself
> to the server.
> Certificate NickName: Takes a single value, identifies the server's keypair
> and certificate.
> Key Store: Name of the keystore file (for example, keystore.jks)
> Trust Algorithm: Name of the trust management algorithm (for example, PKIX)
> to use for certification path validation
> Max Certificate Length: Maximum number of non-self-issued intermediate
> certificates that can exist in a certification path (valid only if Trust
> Algorithm is PKIX)
> Trust Store: Name of the truststore file (for example, cacerts.jks)
>
> I have an application deployed and when I click "Launch" link from
> Applications->my-app, I can see the following two links:
>
> http://xxx.yyy.com:28080/my-app (works fine)
> https://xxx.yyy.com:28181/my-app (doesn't work -- the message in Firefox is
> "the connection has timed out. The server at xxx.yyy.com is taking too long
> to respond." No message shows up in server.log)
>
> I replaced "${HTTP_SSL_LISTENER_PORT}" by "28181" directly in
> Configurations->My-cluster-config->Network Config->Network Listeners->Port,
> restarted domain, cluster and instance, the 28181 link is still not working.
>
> I also tried to create another http-listener for https with a different
> port, it is not working either.
>
> Any help will be appreciated!
>
> [1] https://cygnus.soleocommunications.com:4848/web/grizzly/protocolEdit.jsf?name=http-listener-2&configName=access-manager-cluster-config
> [2] https://cygnus.soleocommunications.com:4848/web/grizzly/transportEdit.jsf?name=tcp&configName=access-manager-cluster-config
>
> --
>
> [Message sent by forum member 'wlin']
>
> View Post: http://forums.java.net/node/881572
>
>
>


-- 
IT-Consulting Bernhard Thalmayr
- Painstaking Minds -
83620 Vagen (Munich area)
Germany
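
Added example (not part of the original message, and not GlassFish code): the telnet and `openssl s_client` checks from the reply combined into one probe that reports whether a listener port completes a TLS handshake, answers plain HTTP, or does not accept connections at all. The function name `probe_listener` and its result labels are assumptions made for this sketch.

```python
import socket
import ssl
import sys


def _connect(host, port, timeout):
    """Open a TCP connection, or return None if it cannot be established."""
    try:
        return socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return None


def probe_listener(host, port, timeout=5.0):
    """Return (kind, detail); kind is 'tls', 'plain-http', 'no-connect' or 'unknown'."""
    raw = _connect(host, port, timeout)
    if raw is None:
        return "no-connect", "TCP connect failed (not listening, wrong address, or filtered)"
    # Step 1: attempt a TLS handshake, like `openssl s_client -connect`.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False        # diagnostic only: the question is whether
    ctx.verify_mode = ssl.CERT_NONE   # a handshake completes, not whom to trust
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return "tls", tls.version()
    except OSError as exc:            # ssl.SSLError and timeouts are OSErrors
        tls_error = str(exc)          # kept for the report; a listener that
    finally:                          # requires a client certificate may fail here
        raw.close()
    # Step 2: the handshake failed, so send the manual request from the telnet test.
    raw = _connect(host, port, timeout)
    if raw is None:
        return "no-connect", "second TCP connect failed"
    with raw:
        try:
            raw.sendall(b"GET / HTTP/1.0\r\n\r\n")
            reply = raw.recv(64)
        except OSError:
            reply = b""
    if reply.startswith(b"HTTP/"):
        return "plain-http", reply.split(b"\r\n")[0].decode("latin-1")
    return "unknown", "TLS handshake failed (%s) and no HTTP reply" % tls_error


if __name__ == "__main__":
    # Usage: python probe.py <ip-of-your-instance> 28181
    print(probe_listener(sys.argv[1], int(sys.argv[2])))
```

A `plain-http` result on the HTTPS port means the listener is up but security is not actually applied to it; `no-connect` points at the port, address or a firewall rather than at the keystore.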