tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Error: No available certificate or key corresponds to the SSL cipher suites which are enabled.
Date Sun, 10 Sep 2006 21:54:38 GMT
I don't know if it's just copy/paste errors, but from what you've written, 
you've imported the ca cert twice, and into a different keystore file than 
you used to generate the key.

What does > keytool -list say?

"Jeanna Geier" <jgeier@apt-cafm.com> wrote in message 
news:007001c6d378$7214f470$6700a8c0@geier...
Hi All-

I'm running into an odd problem and am hoping that someone out there can 
help me!

I'm trying to configure and run SSL; I am able to create, startup and run 
everyting when I am using a self-signed certificate. (Yeah!)

However, when I attempt to use a trial certificate from thawte (which is 
where we want to get to), I am getting an error.  Here's what I'v done 
(http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html):

  - created a local Certificate: >keytool -genkey -alias tomcat -keyalg RSA

  I didn't get a 'chain certificate' with my free trial, so for the next 
step, I imported the certificate I got from Thawte:

  - keytool -import -alias root -keystore C:\Documents and 
Settings\HP_Administrator\.keystore -trustcacerts -file 
C:\thawte_ca_cert.cert

  Then I imported the new certificate under my tomcat user:

  - keytool -import -alias tomcat -keystore C:\Documents and 
Settings\HP_Administrator\.keystore -trustcacerts -file 
C:\thawte_ca_cert.cert


According to the directions, that should be it; however, when I go to start 
Tomcat, I get the following error:

        at 
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:113)
        at 
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:368)
        at 
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:549)
        at 
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
        at java.lang.Thread.run(Thread.java:595)
Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint 
acceptSocket
WARNING: Reinitializing ServerSocket
Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint 
acceptSocket
SEVERE: Endpoint [SSL: 
ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=443]] ignored exception: 
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No 
available certificate or key corresponds to the SSL cipher suites which are 
enabled.
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No 
available certificate or key corresponds to the SSL cipher suites which are 
enabled.

When I search/google on this, it says that one cause could be "different 
passwords has been used for the certificate and the Keystore. In this case, 
use the Keytool to change the password of the certificate to match the 
password of the Keystore." - but that's not the case.

Please, any help you can offer would be greatly appreciated.  Thanks!
-Jeanna 




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message