tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Schumacher <felix.schumac...@internetallee.de>
Subject Re: Question: Tomcat SSL configuration issue
Date Thu, 28 Jul 2011 05:41:30 GMT


Sammaiah Kyatham <sammaiahforu@googlemail.com> schrieb:

>Hello,
>
Your keystore has no private key.
The output of keytool below shows only a certificate.
You can use keytool -importkeystore to import key and certificate at the same time.

Regards
 Felix
>Could you help me on this issue. I spent many hours with the various
>options
>> and couldn’t resolve.
>>
>>
>>
>> I have configured the server.xml as per the tomcat configuration,
>however
>> I’m getting below errors.
>>
>>
>>
>> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>> keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key"
>> keystorePass="PrivatePWD" keyAlias="tomcat" maxThreads="150"
>scheme="https"
>> secure="true" clientAuth="false" sslProtocol="TLS" />
>>
>>
>>
>> The exception in Catelina log:
>>
>>
>>
>> Jul 27, 2011 4:28:25 PM org.apache.coyote.http11.Http11Protocol init
>>
>> SEVERE: Error initializing endpoint
>>
>> java.io.IOException: Alias name tomcat does not identify a key entry
>>
>>             at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:546)
>>
>>             at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:481)
>>
>>             at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156)
>>
>>             at
>> org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
>>
>>             at
>> org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
>>
>>             at
>>
>org.apache.catalina.connector.Connector.initialize(Connector.java:1022)
>>
>>             at
>>
>org.apache.catalina.core.StandardService.initialize(StandardService.java:703)
>>
>>             at
>>
>org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838)
>>
>>             at
>> org.apache.catalina.startup.Catalina.load(Catalina.java:538)
>>
>>             at
>> org.apache.catalina.startup.Catalina.load(Catalina.java:562)
>>
>>             at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>Method)
>>
>>             at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
>Source)
>>
>>             at
>sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>> Source)
>>
>>
>>
>>
>>
>> When list the key using keytool, It lists alias tomcat as
>>
>> keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX
>> Keystore type: JKS
>> Keystore provider: SUN
>>
>> Your keystore contains 1 entry
>>
>> tomcat, Jul 26, 2011, trustedCertEntry,
>> Certificate fingerprint (MD5): -removed intentionally-
>>
>>
>>
>> *If I remove alias from server.xml then following exception is
>throwing*
>>
>>
>java.io.IOException<http://download.oracle.com/javase/6/docs/api/java/io/IOException.html>:
>> jsse.invalid_ssl_conf
>> at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:755)
>>
>> at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:460)
>>
>> at
>>
>org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:130)
>>
>> at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
>> at
>org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
>> at
>org.apache.catalina.connector.Connector.initialize(Connector.java:1014)
>>
>> at
>>
>org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
>>
>> at
>>
>org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>>
>> at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
>> at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message