Configuring SSL with Tomcat7 Server

Question

I have a SSL Certificate (Cert1.cer file)

I created a keystore file using

  keytool -import -alias es-staging.cdac.in -keystore key2 -file Cert1.cer

I updated my server.xml with

        <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" 
     keystoreFile="/var/lib/tomcat7/webapps/key/key2"
     keystorePass="changeit" 
      sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1" 
      ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
     />  

Then I Restarted the tomcat server

And tried to access https://52.39.134.231:8443/

My Browser(Mozilla FireFox) is showing

I tried to access "(Not secure) Try loading 52.39.134.231 using outdated security "

But its still redirecting me to same page

Where am I going wrong?

Answer 1

The error message says that Firefox and Tomcat don't have a mutual cipher they could agree on. Well, there are ciphers that both Tomcat and Firefox are supporting in your case, but those have been disabled in Firefox for security reasons.

The ciphers you configured are pretty strong and restricting. Are you sure that all of them are supported by the underlying JDK version?