Return-Path: X-Original-To: apmail-geronimo-user-archive@www.apache.org Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D751C10CF1 for ; Sat, 3 Aug 2013 15:23:04 +0000 (UTC) Received: (qmail 82700 invoked by uid 500); 3 Aug 2013 15:23:03 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 82653 invoked by uid 500); 3 Aug 2013 15:22:57 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 82646 invoked by uid 99); 3 Aug 2013 15:22:56 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 03 Aug 2013 15:22:56 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW X-Spam-Check-By: apache.org Received-SPF: error (athena.apache.org: local policy) Received: from [209.85.215.45] (HELO mail-la0-f45.google.com) (209.85.215.45) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 03 Aug 2013 15:22:51 +0000 Received: by mail-la0-f45.google.com with SMTP id fj20so1125441lab.18 for ; Sat, 03 Aug 2013 08:22:09 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding:x-gm-message-state; bh=zlgSl5IdCi6WnXH5yRKbkut0jGd2ee/P6XqwLm5mMfk=; b=dLg0hDmSh2WnW/Kt5qSrxZltn6SDsNpY3+LTtQ/KELd6/xZxYlNI5ai2KmJGJREJVc hOG8XzpHWkWqgI7pdj8v1wQiXniHX8nEdkUarZomhHKon/jOAM0YWHMfwS2/tnFK4adq 6hBi5H0mSezGOCIu9AULfKAnMzbR76chWR0RCCvM0zpXdHxnJW/X3EbhwQNE1gqU1RUF EjSCIOxQUnpyfOCFJ73iyIMVaPlnhffk9hwgUVFmvbtViya3u5gWpfaBp6fZV93vd+1P xeAB+NHwexfhbUhp2lLNHT0DwVWLL2R2HuzrHAO4O/edUWztB5R4H/J7xki2dRDLJS/J s+Eg== X-Received: by 10.112.167.228 with SMTP id zr4mr5423535lbb.96.1375543328996; Sat, 03 Aug 2013 08:22:08 -0700 (PDT) Received: from [192.168.1.4] (163-119-178-94.pool.ukrtel.net. [94.178.119.163]) by mx.google.com with ESMTPSA id 8sm5376776lbq.4.2013.08.03.08.22.07 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 03 Aug 2013 08:22:08 -0700 (PDT) Message-ID: <51FD201D.6080808@opensourcestrategies.com> Date: Sat, 03 Aug 2013 18:22:05 +0300 From: Oleg Andreyev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623 Thunderbird/17.0.7 MIME-Version: 1.0 To: user@geronimo.apache.org Subject: Unable to set up ssl Content-Type: text/plain; charset=KOI8-U; format=flowed Content-Transfer-Encoding: 7bit X-Gm-Message-State: ALoCoQmIo8v4DHtmEym23y7ZWiJWIaNDMebYwgq6AbD3uL4ajcLvme9+wvRj6Hwkz5XOxuHhEL8a X-Virus-Checked: Checked by ClamAV on apache.org Hi, Last days I tried to set up SSL on Geronimo 3.0.1 and finally had to admit defeat. My steps: - Downloaded 3.0.1 (Linux x64, Web profile, run with Oracle JDK 1.6.0_14) - Changed ports to 80/443 in config-substitution.properties - Log in to Web console - Created new keystore, enabled it, generated key, CSR, imported answer from CA No errors so far. The key looks like: Version: 3 Subject: CN=xxx.yyyyy.com, OU=Domain Control Validated Issuer: SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Serial Number: 2292395462585499 Valid From: Fri Aug 02 20:15:19 EDT 2013 Valid To: Wed Jul 30 16:46:03 EDT 2014 Signature Alg: SHA1withRSA Public Key Alg: RSA critical ext: 2.5.29.15 critical ext: 2.5.29.19 non-critical ext: 2.5.29.14 non-critical ext: 1.3.6.1.5.5.7.1.1 non-critical ext: 2.5.29.31 non-critical ext: 2.5.29.32 non-critical ext: 2.5.29.37 non-critical ext: 2.5.29.35 non-critical ext: 2.5.29.17 Also I have changed Web servers/TomcatWebSSLConnector to set correct keystoreFile and keystore password and stop/start it. So, I tried connect with https and after some time "The connection was reset". And I see error in geronimo log: 2013-08-02 20:19:22,861 ERROR [JIoEndpoint] java.lang.NullPointerException at org.apache.tomcat.util.net.JIoEndpoint.processSocket(JIoEndpoint.java:525) at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:230) at java.lang.Thread.run(Thread.java:619) I describe this attempts because it is most appropriate to documentation but I tried different JDK, geronimo 3.0.0, keystore created by keytool and so on. Any clue?