Tomcat SSL behind a firewall

I have a Tomcat 7 acting as a web server on a windows 2008 server.  It is using a certificate from GoDaddy for SSL.  Everything works fine internally.  I have a Watchguuard 1250 NAT rule pointing to the internal address.  DNS resolves just fine.  When trying to access the site from an external location, the web pages fail to load using IE8, Firefox loads okay, and Chrome gives "Err 113 ERR_SSL_VERSION_OR_CIPHER_MISMATCH".  So I am inclined to believe that it has something to do with the SSL and Watchguard.  I have a similar server using a self-signed certificate with no problem

          <Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
                   port="8080" maxThreads="200"
                   scheme="https" secure="true" SSLEnabled="true"
                   SSLCertificateFile="C:\keystore\certfile.crt"
                   SSLCertificateKeyFile="C:\keystore\keyfile"
                   SSLPassword="hpassword"
                   SSLCertificateChainFile = "C:\keystore\chainfile"
                   keyAlias="keyalias"
                   SSLProtocol="TLSv1"/>

-Daniel

danielqAsked:
Who is Participating?
 
BrianConnect With a Mentor Commented:
Is there a policy, outgoing especially, that is stripping any packet information? Most proxy policies will at least change the machine name. This will then not match the name on the cert.
0
 
setasoujiroConnect With a Mentor Commented:
did you check the policy in watchguard?
if you chose a proxy, you can select either "https client" or "server" as proxy action?
0
 
danielqAuthor Commented:
Yes I chaned my rule from a proxy to a tcp/udp packer rule
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.