Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 464227527 for ; Thu, 28 Jul 2011 03:27:19 +0000 (UTC) Received: (qmail 67072 invoked by uid 500); 28 Jul 2011 03:27:14 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 66123 invoked by uid 500); 28 Jul 2011 03:26:56 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 66109 invoked by uid 99); 28 Jul 2011 03:26:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 28 Jul 2011 03:26:51 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of sammaiahforu@googlemail.com designates 209.85.215.170 as permitted sender) Received: from [209.85.215.170] (HELO mail-ey0-f170.google.com) (209.85.215.170) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 28 Jul 2011 03:26:45 +0000 Received: by eyd10 with SMTP id 10so3615049eyd.29 for ; Wed, 27 Jul 2011 20:26:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=uCAoZSLQ2XNlhtJRK/sS5vssaIAp2BEj6r1uLjAfn5o=; b=P+anX/sEXTY8k1uQ6RMKe1xwenzpov7pK/g4uV/yvFODJmB9KqeHBlwgDAm2e2Gq1q Sjw4f2qiRLy/4dz2DcnBPHtokzAcNbd53i/zH+yXi3dx8f7zPfNVtiQMcVsXfeCnKvou sdpVr2aO1plCGkYu35MVfVOGN2GFPOOWTckcU= MIME-Version: 1.0 Received: by 10.213.15.72 with SMTP id j8mr114301eba.81.1311823585210; Wed, 27 Jul 2011 20:26:25 -0700 (PDT) Received: by 10.213.20.68 with HTTP; Wed, 27 Jul 2011 20:26:25 -0700 (PDT) In-Reply-To: References: Date: Wed, 27 Jul 2011 17:26:25 -1000 Message-ID: Subject: Re: Question: Tomcat SSL configuration issue From: Sammaiah Kyatham To: users@tomcat.apache.org Content-Type: multipart/alternative; boundary=00151749f7cecdf1f104a918baf5 X-Virus-Checked: Checked by ClamAV on apache.org --00151749f7cecdf1f104a918baf5 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Hello, Could you help me on this issue. I spent many hours with the various option= s > and couldn=92t resolve. > > > > I have configured the server.xml as per the tomcat configuration, however > I=92m getting below errors. > > > > keystoreFile=3D"C:\Program Files\Java\jre6\bin\hakioskcheckin2_key" > keystorePass=3D"PrivatePWD" keyAlias=3D"tomcat" maxThreads=3D"150" scheme= =3D"https" > secure=3D"true" clientAuth=3D"false" sslProtocol=3D"TLS" /> > > > > The exception in Catelina log: > > > > Jul 27, 2011 4:28:25 PM org.apache.coyote.http11.Http11Protocol init > > SEVERE: Error initializing endpoint > > java.io.IOException: Alias name tomcat does not identify a key entry > > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESock= etFactory.java:546) > > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.= java:481) > > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocket= Factory.java:156) > > at > org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > > at > org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > > at > org.apache.catalina.connector.Connector.initialize(Connector.java:1022) > > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:= 703) > > at > org.apache.catalina.core.StandardServer.initialize(StandardServer.java:83= 8) > > at > org.apache.catalina.startup.Catalina.load(Catalina.java:538) > > at > org.apache.catalina.startup.Catalina.load(Catalina.java:562) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method= ) > > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source= ) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > Source) > > > > > > When list the key using keytool, It lists alias tomcat as > > keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX > Keystore type: JKS > Keystore provider: SUN > > Your keystore contains 1 entry > > tomcat, Jul 26, 2011, trustedCertEntry, > Certificate fingerprint (MD5): -removed intentionally- > > > > *If I remove alias from server.xml then following exception is throwing* > > java.io.IOException: > jsse.invalid_ssl_conf > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketF= actory.java:755) > > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.= java:460) > > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocket= Factory.java:130) > > at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538) > at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176) > at org.apache.catalina.connector.Connector.initialize(Connector.java:1014= ) > > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:= 680) > > at > org.apache.catalina.core.StandardServer.initialize(StandardServer.java:79= 5) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:524) > at org.apache.catalina.startup.Catalina.load(Catalina.java:548) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > --00151749f7cecdf1f104a918baf5--