0

There is a tomcat6 server which is enabled for https access on port 8443, with settings on the <Connector> tag of the server.xml file. It is as shown below:

<Connector port="8443" 
           SSLEnabled="true"
           maxThreads="150" 
           minSpareThreads="25" 
           maxSpareThreads="75"
           enableLookups="true" 
           disableUploadTimeout="true"
           acceptCount="100" 
           debug="0" 
           connectionTimeout="60000" 
           scheme="https" 
           secure="true"
           clientAuth="false" 
           sslProtocol="TLS"
           keystoreFile="/etc/tomcat6/.keystore"
           keystorePass="changeit"
/>

I am trying to access port 8443 with https on a remote machine using this server via Java code. I am getting java.net.ConnectException: Connection refused in the catalina.out log. This exception is generated on the line connection.getResponseCode(); of the Java code. It seems that the port is not open on the remote machine. I am able to access port 8443 on the server itself without any exception. The remote machine has no Tomcat installed.

I want to open that port on the remote machine for https access by the Java code. I am using Ubuntu Server 10.04 LTS as both server and remote machine. I cannot use firewalls (ufw or iptables) due to a restriction. I can use stunnel4 on both machines.

ROMANIA_engineer
  • The port *is* open but there is nothing listening to it. That's what 'connection refused' means. This connector configuration is irrelevant. And you can't open a port on a remote host. You have to get into that host so it is currently the local host, and then administrate its firewall. Still off topic after 12 years. – user207421 May 11 '20 at 03:08

1 Answer

-1

First of all, please use: sudo nmap -v -A localhost to check whether port 8443 is open on the remote machine. The result should be something like:

Starting Nmap 5.21 ( http://nmap.org ) at 2012-06-26 04:27 UTC
NSE: Loaded 36 scripts for scanning.
Initiating SYN Stealth Scan at 04:27
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 22/tcp on 127.0.0.1
Completed SYN Stealth Scan at 04:27, 0.02s elapsed (1000 total ports)
Initiating Service scan at 04:27
Scanning 1 service on localhost (127.0.0.1)
Completed Service scan at 04:27, 0.01s elapsed (1 service on 1 host)

If information for port 8443 is not appearing, something like:

Discovered open port 8443/tcp on 127.0.0.1

it means port 8443 is not enabled, and you need to do something about it.

user207421
George Sun
  • This checks whether it is open on the *local* machine, and we already know from the connect refusal that it is open on the remote as well. – user207421 May 11 '20 at 03:10
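The distinction drawn in the comments (a refused connection means the host answered but nothing is listening on that address and port), as an added example that is not part of the original posts: one TCP connect attempt from the client side, classified by outcome. The function names, labels and the throwaway loopback listener are constructed for illustration.

```python
import errno
import socket

# What each outcome says about the target, from the client's point of view.
MEANING = {
    "listening": "TCP handshake completed: a process is accepting on this address and port",
    "refused": "host answered with a reset: nothing accepts connections on this address "
               "and port (a firewall REJECT rule produces the same reply)",
    "no-reply": "no answer before the timeout: packets are dropped or the host is down",
    "unreachable": "no route to the host or network",
    "bad-hostname": "the name did not resolve, so no connection was attempted",
}

def classify_connect(host, port, timeout=3.0):
    """Make one TCP connect attempt and return a label from MEANING (or 'error: ...')."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "listening"
    except ConnectionRefusedError:   # what Java reports as ConnectException: Connection refused
        return "refused"
    except socket.timeout:
        return "no-reply"
    except socket.gaierror:
        return "bad-hostname"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error: %s" % exc

def loopback_demo():
    """Constructed check: probe a throwaway loopback listener, then the same port once closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))       # port 0: the kernel picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_open = classify_connect("127.0.0.1", port)
    srv.close()
    after_close = classify_connect("127.0.0.1", port)
    return while_open, after_close

if __name__ == "__main__":
    for label in loopback_demo():
        print(label, "->", MEANING.get(label, label))
```

Run from the machine where the Java client executes, `classify_connect(<host in the client's URL>, 8443)` shows whether the refusal comes from the address the client is actually contacting.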