tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 37238] New: - Unable to start HTTPS listener using PKCS12 format certificate.
Date Tue, 25 Oct 2005 06:31:07 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37238>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37238

           Summary: Unable to start HTTPS listener using PKCS12 format
                    certificate.
           Product: Tomcat 5
           Version: 5.0.25
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: critical
          Priority: P2
         Component: Connector:HTTP
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jagadish.nagarajaiah@gmail.com


After moving keystore from JKS format to PKCS12 format, tomcat server fails to
listen for https and logs following:

=========================================
INFO: Starting Coyote HTTP/1.1 on http-80
Oct 19, 2005 2:47:27 AM org.apache.coyote.http11.Http11Protocol start
SEVERE: Error starting endpoint
java.io.IOException: DerInputStream.getLength(): lengthTag=79, too big.
        at sun.security.util.DerInputStream.getLength(DerInputStream.java:530)
        at sun.security.util.DerValue.<init>(DerValue.java:234)
        at sun.security.util.DerInputStream.readVector(DerInputStream.java:359)
        at sun.security.util.DerInputStream.getSequence(DerInputStream.java:267)
        at
com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1222)
        at java.security.KeyStore.load(KeyStore.java:1150)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:278)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:220)
        at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:143)
        at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88)
        at
org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:253)
        at
org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:275)
        at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:177)
        at
org.apache.coyote.tomcat5.CoyoteConnector.start(CoyoteConnector.java:1500)
        at org.apache.catalina.core.StandardService.start(StandardService.java:485)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:2298)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:284)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:422)
========================================================


Here is our configuration file:
===========================================================
<Connector acceptCount="100" clientAuth="false"
            connectionTimeout="20000" debug="0"
            disableUploadTimeout="true" enableLookups="false"
            keystoreFile="tmce.p12" keystorePass="xxx"
            keystoreType="PKCS12" maxSpareThreads="50" maxThreads="200"
            minSpareThreads="15" port="443" redirectPort="8443"
            scheme="https" secure="true" sslProtocol="TLS"/>
===============================================================

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message