tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Johanson <tomcat-u...@kensystem.com>
Subject Re: Tomcat + APR: 'Invalid Server SSL Protocol' (was 'Tomcat + APR .. Socket bind failed')
Date Tue, 20 Oct 2009 03:18:13 GMT 
Ken Johanson wrote:
> Ken Johanson wrote:
> <snip>
> 
>> After doing a kill, then startup I now get:
>>
>> java.lang.Exception: Invalid Server SSL Protocol
>>         at org.apache.tomcat.jni.SSLContext.make(Native Method)
>>         at 
>> org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:693)
>>         at 
>> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107) 
>>
>>         at 
>> org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
>> ...........
>> Oct 15, 2009 10:10:44 PM org.apache.catalina.startup.Catalina load
>> SEVERE: Catalina.start
>> LifecycleException:  Protocol handler initialization failed: 
>> java.lang.Exception: Invalid Server SSL Protocol
>>         at
>> ......
>>
>> But I can't see where I'm deviating from docs with:
>> <Connector
>>     port="8443"
>>     enableLookups="false"
>>     SSLEnabled="true" scheme="https" secure="true"
>>     SSLCertificateFile="${catalina.base}/conf/cert.pem"
>>     SSLCertificateKeyFile="${catalina.base}/conf/key.pem"
>>     disableUploadTimeout="true"
>>     SSLVerifyClient="optional"
>>     sslProtocol="TLS"
>> />
>>
>> BTW I'm now tryng recent apache-tomcat-6.0.20 and rebuilt 
>> tomcat-native-1.1.16.
>>
>> Any insight would be immensely appreciated!
>>
>> Best regards,
>> -Ken
>>
>>
> 
> Presumably the shutdown failure is caused by this NPE interrupting the 
> call:
> 
> Oct 15, 2009 10:19:29 PM org.apache.coyote.http11.Http11AprProtocol destroy
> INFO: Stopping Coyote HTTP/1.1 on http-8080
> Oct 15, 2009 10:19:29 PM org.apache.catalina.connector.MapperListener 
> destroy
> WARNING: Error unregistering MBeanServerDelegate
> java.lang.NullPointerException
>         at 
> org.apache.catalina.connector.MapperListener.destroy(MapperListener.java:171) 
> 
>         at 
> org.apache.catalina.connector.Connector.stop(Connector.java:1179)
>         at 
> org.apache.catalina.core.StandardService.stop(StandardService.java:593)
> 

For the benefit of others:
the solution to this was to add the element:

<Listener className="org.apache.catalina.core.AprLifecycleListener" 
SSLEngine="on"/>

as a child node of the 'Server' element.

This fact IS listed here:
http://tomcat.apache.org/tomcat-6.0-doc/apr.html

although it might be argued it is not clear that the Listener is 
REQUIRED for SSL to work under APR (listener may imply to some people 
that a user listener is offered for those who wish to intercept SSL 
session events)

Regards,
-Ken



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Mime
View raw message