tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Satish Mittal <satish.mit...@gmail.com>
Subject Tomcat 7 not working with javax.net.ssl.keyStorePassword property
Date Tue, 22 Nov 2011 20:42:54 GMT
Hi All,

I have observed a regression between tomcat 5 and tomcat 7.

In my tomcat webapp, before I spawn another tomcat webapp process, I pass
on the keystore password by setting the system property
"javax.net.ssl.keyStorePassword" to keystore password, instead of writing
the keystore password in plain-text as an attribute in server.xml.

This used to work in tomcat 5. However in tomcat 7, the same
webapp/keystore throws the following error:

Nov 22, 2011 8:04:45 PM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-bio-8096"]
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
 at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:407)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:306)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:565)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:505)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:449)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158)
 at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:373)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:498)
 at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369)
at
org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
 at org.apache.catalina.connector.Connector.initInternal(Connector.java:909)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
 at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
 at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
 at org.apache.catalina.startup.Catalina.load(Catalina.java:573)
at org.apache.catalina.startup.Catalina.load(Catalina.java:596)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
 at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449)
 at java.lang.Thread.run(Thread.java:619)
Caused by: java.security.UnrecoverableKeyException: Password verification
failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769)
 ... 28 more
Nov 22, 2011 8:04:47 PM org.apache.catalina.core.StandardService
initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8096]]
org.apache.catalina.LifecycleException: Failed to initialize component
[Connector[HTTP/1.1-8096]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
 at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
 at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
 at org.apache.catalina.startup.Catalina.load(Catalina.java:573)
at org.apache.catalina.startup.Catalina.load(Catalina.java:596)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
 at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449)
 at java.lang.Thread.run(Thread.java:619)
Caused by: org.apache.catalina.LifecycleException: Protocol handler
initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:911)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 14 more
Caused by: java.io.IOException: Keystore was tampered with, or password was
incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
 at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:407)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:306)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:565)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:505)
 at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:449)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158)
 at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:373)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:498)
 at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369)
at
org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
 at org.apache.catalina.connector.Connector.initInternal(Connector.java:909)
... 15 more
Caused by: java.security.UnrecoverableKeyException: Password verification
failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769)
 ... 28 more

Due to this error, the HTTPS connector is not initializing. The keystore is
perfectly valid, since it works with tomcat 5.

Has anyone else observed this issue with tomcat 7? Any ideas/pointers how
to fix it?

Thanks in advance,
Satish Mittal

-- 
"The happiest of people donĀ“t necessarily have the best of everything, they
just make the most of everything that comes along their way."

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message