tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Eells <aee...@qmetric.co.uk>
Subject SSL configuration / APR / Tomcat 7.0.17
Date Tue, 30 Aug 2011 12:44:53 GMT
Tomcat 7.0.16
Linux x86_64 GNU/Linux (Amazon AWS 64-bit AMI)

APR is definitely correctly installed, without the SSL configuration I
receive the following log info:
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
30-Aug-2011 13:22:47 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].


I am unable to start Tomcat having followed the SSL How-to (
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and receive the
following stack trace on server start:

SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler initialization
failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:912)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.startup.Catalina.load(Catalina.java:572)
 at org.apache.catalina.startup.Catalina.load(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:616)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:430)
Caused by: java.lang.Exception: Unable to load certificate key
/usr/local/tomcat/conf/my.pem (error:0906D06C:PEM routines:PEM_read_bio:no
start line)
 at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:513)
 at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:490)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:364)
 at org.apache.catalina.connector.Connector.initInternal(Connector.java:910)
... 13 more

As per the documentation, my server.xml configuration is as follows:

<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />

<Connector
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           SSLCertificateFile="/usr/local/tomcat/conf/my.crt"
           SSLCertificateKeyFile="/usr/local/tomcat/conf/my.pem"
           clientAuth="optional" SSLProtocol="TLSv1"/>

I have tried removing redundant parameters as per the HTTP Connector SSL
Support (
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL%20Support) but
still receive the same error.

Any pointers gratefully received.

Best regards,


-- 

*Andrew Eells*


32-38 Dukes Place, London, EC3A 7LP

tel:           +44 (0) 845 475 1415
mobile:    +44 (0) 772 555 1809
web:         www.qmetric.co.uk<http://www.google.com/url?q=http%3A%2F%2Fwww.qmetric.co.uk%2F&sa=D&sntz=1&usg=AFrqEzfNWYcveHajt6MLZJ_d6wzsSDVW3Q>
<http://www.google.com/url?q=http%3A%2F%2Fwww.qmetric.co.uk%2F&sa=D&sntz=1&usg=AFrqEzfNWYcveHajt6MLZJ_d6wzsSDVW3Q>


Follow me on:

 <http://www.linkedin.com/in/eells>   <http://www.twitter.com/tech_startup>
   <http://www.andrew-eells.com>

----------------------------------------------------------------------------------

The information in this email is confidential and may be legally privileged.  It is intended
solely for the addressee.  Access to this email by anyone else is unauthorised.  If you are
not the intended recipient, any disclosure, copying, distribution or any action taken or omitted
to be taken in reliance on it, is prohibited and may be unlawful.
 
QMetric Group Limited company number 07151701 the registered office of which is at 32-38 Dukes
Place, London, United Kingdom, EC3A 7LP.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message