tomcat-users mailing list archives

From Josh Gooding <josh.good...@gmail.com>
Subject Re: Need some SSL Config help.
Date Tue, 11 Aug 2009 20:47:56 GMT
OK, back to the topic at hand here.  I have removed httpd from my server,
installed APR, and have gotten my cert file from my hosting company.  It is
in pfx format.  Now I found some information on the net:

http://tp.its.yale.edu/pipermail/cas/2005-July/001337.html

It was saying that I can just use the pfx file with tomcat 5.5, so I put the
file in my $CATALINA_HOME directory just as a test, modified my server.xml
file to accept SSL:

<Connector protocol="HTTP/1.1"
            port="443" maxThreads="200"
            scheme="https" secure="true" SSLEnabled="true"
            keystoreFile="C:/Program Files/[*****]/apache-tomcat-6.0.18/[*****].com.pfx"
            keystorePass="[*************]" keystoreType="pkcs12"
            clientAuth="false" sslProtocol="TLS" />

and.... blamo I get these exceptions:

Aug 11, 2009 4:13:50 PM org.apache.coyote.http11.Http11AprProtocol init
SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
    at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
    at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
    at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
    at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
    at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
    at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
Aug 11, 2009 4:13:50 PM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException:  Protocol handler initialization failed: java.lang.Exception: No Certificate file specified or invalid file format
    at org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
    at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
    at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)

and these to boot.... says it cannot bind to port 443 (or 8443 either)

Aug 11, 2009 4:13:51 PM org.apache.coyote.http11.Http11AprProtocol start
SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted.
    at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:612)
    at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:717)
    at org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
    at org.apache.catalina.connector.Connector.start(Connector.java:1131)
    at org.apache.catalina.core.StandardService.start(StandardService.java:531)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Aug 11, 2009 4:13:51 PM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException:  service.getName(): "Catalina";  Protocol handler start failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted.
    at org.apache.catalina.connector.Connector.start(Connector.java:1138)
    at org.apache.catalina.core.StandardService.start(StandardService.java:531)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)


So it looks like I cannot use a pfx file with tomcat 6.0.18.  Am I able to
use the pfx file with tomcat 6?  The socket bind issue I have no clue, it
looks like something is already running on port 443, but that is
impossible.  I only have the tomcat server running, IIS is disabled and
httpd has been removed from the system completely.  I also tried port 8443
but I am getting the same error message.

Any insight would be most appreciated.
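
Added example (not part of the original message, and not Tomcat project code): the first stack trace shows protocol="HTTP/1.1" resolving to Http11AprProtocol, and the APR connector reads PEM files through SSLCertificateFile / SSLCertificateKeyFile rather than the JSSE keystoreFile attributes. The Python check below flags that mismatch in a server.xml; the sample XML, the apr_loaded flag, the finding label and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

APR_CLASS = "org.apache.coyote.http11.Http11AprProtocol"
# Keystore-style attributes are read by the JSSE connectors only.
JSSE_ONLY = {"keystoreFile", "keystorePass", "keystoreType",
             "truststoreFile", "truststorePass", "truststoreType"}


def resolves_to_apr(protocol, apr_loaded):
    """True if Tomcat will instantiate the APR/native HTTP connector."""
    if protocol == APR_CLASS:
        return True
    # With the native library loaded, the generic name (or no protocol
    # attribute at all) selects the APR implementation.
    return apr_loaded and protocol in (None, "HTTP/1.1")


def audit_connectors(server_xml, apr_loaded):
    """Return (port, finding, jsse_attrs) for each mismatched SSL connector."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        if not resolves_to_apr(conn.get("protocol"), apr_loaded):
            continue
        if "SSLCertificateFile" not in conn.attrib:
            # APR has no certificate to load; keystore attributes do not count.
            jsse = sorted(JSSE_ONLY & set(conn.attrib))
            findings.append((conn.get("port"),
                             "apr-without-SSLCertificateFile", jsse))
    return findings


# Constructed sample: the first connector mirrors the attributes in the post
# (path and password are placeholders); the second pins the JSSE class.
SAMPLE = """<Server><Service name="Catalina">
  <Connector protocol="HTTP/1.1" port="443" scheme="https" secure="true"
             SSLEnabled="true" keystoreFile="conf/placeholder.pfx"
             keystorePass="PLACEHOLDER" keystoreType="pkcs12"
             clientAuth="false" sslProtocol="TLS" />
  <Connector protocol="org.apache.coyote.http11.Http11Protocol" port="8443"
             scheme="https" secure="true" SSLEnabled="true"
             keystoreFile="conf/placeholder.pfx" keystorePass="PLACEHOLDER"
             keystoreType="pkcs12" sslProtocol="TLS" />
</Service></Server>"""

if __name__ == "__main__":
    for finding in audit_connectors(SAMPLE, apr_loaded=True):
        print(finding)
```

A flagged connector has two ways out: export the certificate and key from the pfx to PEM for the APR attributes, or name the JSSE connector class explicitly so the PKCS12 keystore attributes are honoured.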
