tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Cicimov <icici...@gmail.com>
Subject Re: More, Re: Problem bringing up SSL with a CA certificate
Date Thu, 19 Jan 2012 00:14:09 GMT
>
> Caused by: java.io.IOException: SSL configuration is invalid due to No
> available certificate or key corresponds to the SSL cipher suites which are
> enabled.


Are you sure you have downloaded the correct intermediate certs?

 *Note:* When executing the command to import the SSL certificate, you must
specify the actual *Alias* used when you initially created the keystore. If
you are unsure of this, run the following sample command to see the
contents of your keystore: *keytool -list -v -keystore keystorefile.kdb*
*
*
Did you use the same alias as the alias you used to create the keystore
when you imported the certificate? Is your tomcat connector config pointing
to the correct keysore file location?

Igor

On Thu, Jan 19, 2012 at 9:46 AM, James Lampert <jamesl@touchtonecorp.com>wrote:

> I've now got the CA certificates the customer representative is trying to
> use here, and I'm attempting to test them on our box.
>
> I followed these instructions:
>
> https://search.thawte.com/**support/ssl-digital-**certificates/index?page=
> **content&actp=CROSSLINK&id=**SO15518<https://search.thawte.com/support/ssl-digital-certificates/index?page=content&actp=CROSSLINK&id=SO15518>
>
> rather than the ones here:
>
> http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html#**
> Importing_the_Certificate<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Importing_the_Certificate>
>
> which appear to be somewhat out of date, as Thawte calls for both primary
> and secondary x.509 certificates to be loaded into the keystore.
>
> With no explicit alias reference, and the three certificates placed in the
> keystore, in the order specified by Thawte, I get:
>
>  SEVERE: Failed to initialize end point associated with ProtocolHandler
>> ["http-bio-8443"]                                           Throwable
>> occurred: java.io.IOException: SSL configuration is invalid due to No
>> available certificate or key corresponds to the SSL cipher suites which are
>> enabled.
>>  at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**
>> checkConfig(JSSESocketFactory.**java:822)
>>         at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.init(**JSSESocketFactory.java:470)
>>                                              at
>> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**createSocket(**JSSESocketFactory.java:158)
>>                                      at org.apache.tomcat.util.net.**
>> JIoEndpoint.bind(JIoEndpoint.**java:369)
>>                               at org.apache.tomcat.util.net.**
>> AbstractEndpoint.init(**AbstractEndpoint.java:553)
>>                               at org.apache.coyote.**
>> AbstractProtocol.init(**AbstractProtocol.java:369)
>>                                        at org.apache.coyote.http11.**
>> AbstractHttp11JsseProtocol.**init(**AbstractHttp11JsseProtocol.**java:119)
>>                                   at org.apache.catalina.connector.**
>> Connector.initInternal(**Connector.java:937)
>>                       at org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102)
>>                                                        at
>> org.apache.catalina.core.**StandardService.initInternal(**StandardService.java:559)
>>                                            at org.apache.catalina.util.**
>> LifecycleBase.init(**LifecycleBase.java:102)
>>                            at org.apache.catalina.core.**
>> StandardServer.initInternal(**StandardServer.java:781)
>>                            at org.apache.catalina.util.**
>> LifecycleBase.init(**LifecycleBase.java:102)
>>                            at org.apache.catalina.startup.**
>> Catalina.load(Catalina.java:**573)
>>                         at org.apache.catalina.startup.**
>> Catalina.load(Catalina.java:**598)
>>                         at sun.reflect.**NativeMethodAccessorImpl.**invoke0(Native
>> Method)                                                                at
>> sun.reflect.**NativeMethodAccessorImpl.**invoke(**
>> NativeMethodAccessorImpl.java:**60)
>>          at sun.reflect.**DelegatingMethodAccessorImpl.**invoke(**
>> DelegatingMethodAccessorImpl.**java:37)
>>      at java.lang.reflect.Method.**invoke(Method.java:611)
>>                                                             at
>> org.apache.catalina.startup.**Bootstrap.load(Bootstrap.java:**281)
>>                                                       at
>> org.apache.catalina.startup.**Bootstrap.main(Bootstrap.java:**449)
>>                                                      Caused by:
>> javax.net.ssl.SSLException: No available certificate or key corresponds to
>> the SSL cipher suites which are enabled.
>>  at com.ibm.jsse2.rc.a(rc.java:53)
>>                                                       at
>> com.ibm.jsse2.rc.accept(rc.**java:13)
>>                                                      at
>> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**
>> checkConfig(JSSESocketFactory.**java:818)
>>    ... 20 more
>>                                             Jan 18, 2012 2:21:43 PM
>> org.apache.catalina.core.**StandardService initInternal
>>                        SEVERE: Failed to initialize connector
>> [Connector[HTTP/1.1-8443]]
>>    Throwable occurred: org.apache.catalina.**LifecycleException: Failed
>> to initialize component [Connector[HTTP/1.1-8443]]
>>  at org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:106)
>>                                               at org.apache.catalina.core.
>> **StandardService.initInternal(**StandardService.java:559)
>>                     at org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102)
>>                                               at org.apache.catalina.core.
>> **StandardServer.initInternal(**StandardServer.java:781)
>>                     at org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102)
>>                                               at
>> org.apache.catalina.startup.**Catalina.load(Catalina.java:**573)
>>                                              at org.apache.catalina.startup.
>> **Catalina.load(Catalina.java:**598)
>>                  at sun.reflect.**NativeMethodAccessorImpl.**invoke0(Native
>> Method)                                                       at
>> sun.reflect.**NativeMethodAccessorImpl.**invoke(**
>> NativeMethodAccessorImpl.java:**60)
>> at sun.reflect.**DelegatingMethodAccessorImpl.**invoke(**
>> DelegatingMethodAccessorImpl.**java:37)                             at
>> java.lang.reflect.Method.**invoke(Method.java:611)
>>                                            at org.apache.catalina.startup.
>> **Bootstrap.load(Bootstrap.java:**281)
>>                  at org.apache.catalina.startup.**
>> Bootstrap.main(Bootstrap.java:**449)
>>               Caused by: org.apache.catalina.**LifecycleException:
>> Protocol handler initialization failed                             at
>> org.apache.catalina.connector.**Connector.initInternal(**Connector.java:939)
>>                                                         at
>> org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102)
>>                                                              ... 12 more
>>
>>                                          Caused by: java.io.IOException:
>> SSL configuration is invalid due to No available certificate or key
>> corresponds to the SSL cipher suites which are enabled.
>>  at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**
>> checkConfig(JSSESocketFactory.**java:822)
>>          at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.init(**JSSESocketFactory.java:470)
>>                                               at
>> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**createSocket(**JSSESocketFactory.java:158)
>>                                       at org.apache.tomcat.util.net.**
>> JIoEndpoint.bind(JIoEndpoint.**java:369)
>>                                at org.apache.tomcat.util.net.**
>> AbstractEndpoint.init(**AbstractEndpoint.java:553)
>>                                at org.apache.coyote.**
>> AbstractProtocol.init(**AbstractProtocol.java:369)
>>                                         at org.apache.coyote.http11.**
>> AbstractHttp11JsseProtocol.**init(**AbstractHttp11JsseProtocol.**java:119)
>>                                    at org.apache.catalina.connector.**
>> Connector.initInternal(**Connector.java:937)
>>                             ... 13 more
>>
>>        Caused by: javax.net.ssl.SSLException: No available certificate or
>> key corresponds to the SSL cipher suites which are enabled.       at
>> com.ibm.jsse2.rc.a(rc.java:53)
>>                                                       at
>> com.ibm.jsse2.rc.accept(rc.**java:13)
>>                                                            at
>> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**
>> checkConfig(JSSESocketFactory.**java:818)
>>          ... 20 more
>>
>>
>
> I haven't heard a single response to my earlier query, and none of this
> makes any sense.
>
> --
> JHHL
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<users-unsubscribe@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message