tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From amine20 <amin...@hotmail.com>
Subject PLZ help: i've issue with SSL TOMCAT
Date Tue, 17 Apr 2012 10:51:31 GMT
hi
i'm new in tomcat/apache environement, i've succes to add ssl to apache2
using openssl, but i've tried to do the same in tomcat but unfortunatly
doesn't WORK.

this is an explanation of what i have did:
Step 1.Create a keystore file using Java           
/usr/lib/jvm/java-6-sun-1.6.0.26/jre/bin# keytool -genkey -alias tomcat
-keyalg RSA

root@CAS:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/bin# keytool -genkey -alias
tomcat -keyalg RSA
Enter key store password: changeit
Enter key password for <tomcat>: changeit

You are about to enter information that will be incorporated into
your certificate request.  This information is what is called a
Distinguished Name or DN.  There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting <Enter>, or blank the field by entering the <.> character
before hitting <Enter>.

Common Name (hostname, IP, or your name): CAS
Organization Name (company) [The Sample Company]: crdp-nice.cndp.fr
Organizational Unit Name (department, division): IT
Locality Name (city, district) [Sydney]: FRANCE
State or Province Name (full name) [NSW]: TOULON
Country Name (2 letter code) [AU]: FR
------------------------------------------------->>> now my .keystore file
is in /root folder
root@CAS:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/bin# ls -a /root |grep
.keystore
.keystore

Step 2.Configure Tomcat to use the keystore
a modify the server.xml file as shown:

    <Connector protocol="org.apache.coyote.http11.Http11Protocol"
               port="8443"  SSLEnabled="true"
               keystoreFile="/root/.keystore" keystorePass="changeit"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
 --------------------------------------
for testing:
 service tomcat6 restart
Stopping Tomcat servlet engine: tomcat6.
Starting Tomcat servlet engine: tomcat6.

we see tomcat can restart but in log file i got this:

17 avr. 2012 12:16:30 org.apache.catalina.startup.Catalina start
INFO: Server startup in 6026 ms
17 avr. 2012 12:19:20 org.apache.coyote.http11.Http11Protocol pause
INFO: Suspension de Coyote HTTP/1.1 sur http-8080
17 avr. 2012 12:19:20 org.apache.coyote.http11.Http11Protocol pause
INFO: Suspension de Coyote HTTP/1.1 sur http-8443
17 avr. 2012 12:19:21 org.apache.catalina.core.StandardService stop
INFO: Arrêt du service Catalina
17 avr. 2012 12:19:21 org.apache.catalina.loader.WebappClassLoader
clearReferencesThreads
GRAVE: The web application [/cas] appears to have started a thread named
[Thread-2] but has failed to stop it. This is very likely to create a memory
leak.
17 avr. 2012 12:19:21 org.apache.catalina.loader.WebappClassLoader
clearReferencesThreads
GRAVE: The web application [/cas] appears to have started a thread named
[scheduler_Worker-1] but has failed to stop it. This is very likely to
create a memory leak.
17 avr. 2012 12:19:21 org.apache.catalina.loader.WebappClassLoader
clearReferencesThreads
GRAVE: The web application [/cas] appears to have started a thread named
[scheduler_Worker-2] but has failed to stop it. This is very likely to
create a memory leak.
17 avr. 2012 12:19:21 org.apache.coyote.http11.Http11Protocol destroy
INFO: Arrêt de Coyote HTTP/1.1 sur http-8080
17 avr. 2012 12:19:21 org.apache.coyote.http11.Http11Protocol destroy
INFO: Arrêt de Coyote HTTP/1.1 sur http-8443
17 avr. 2012 12:19:23 org.apache.catalina.startup.ClassLoaderFactory
validateFile
ATTENTION: Problem with directory [/usr/share/tomcat6/server/classes],
exists: [false], isDirectory: [false], canRead: [false]
17 avr. 2012 12:19:23 org.apache.catalina.startup.ClassLoaderFactory
validateFile
ATTENTION: Problem with directory [/usr/share/tomcat6/server], exists:
[false], isDirectory: [false], canRead: [false]
17 avr. 2012 12:19:23 org.apache.catalina.startup.ClassLoaderFactory
validateFile
ATTENTION: Problem with directory [/usr/share/tomcat6/shared/classes],
exists: [false], isDirectory: [false], canRead: [false]
17 avr. 2012 12:19:23 org.apache.catalina.startup.ClassLoaderFactory
validateFile
ATTENTION: Problem with directory [/usr/share/tomcat6/shared], exists:
[false], isDirectory: [false], canRead: [false]
17 avr. 2012 12:19:24 org.apache.coyote.http11.Http11Protocol init
INFO: Initialisation de Coyote HTTP/1.1 sur http-8080
17 avr. 2012 12:19:24 org.apache.tomcat.util.net.jsse.JSSESocketFactory
getStore
GRAVE: Failed to load keystore type JKS with path /root/.keystore due to
/root/.keystore (Permission denied)
java.io.FileNotFoundException: /root/.keystore (Permission denied)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:120)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:405)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:296)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:544)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:481)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156)
        at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
        at
org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
        at
org.apache.catalina.connector.Connector.initialize(Connector.java:1049)
        at
org.apache.catalina.core.StandardService.initialize(StandardService.java:703)
        at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:538)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:562)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
17 avr. 2012 12:19:24 org.apache.coyote.http11.Http11Protocol init
GRAVE: Erreur à l'initialisation du point de contact
java.io.FileNotFoundException: /root/.keystore (Permission denied)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:120)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:405)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:296)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:544)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:481)
        at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156)
        at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
        at
org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
        at
org.apache.catalina.connector.Connector.initialize(Connector.java:1049)
        at
org.apache.catalina.core.StandardService.initialize(StandardService.java:703)
        at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:538)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:562)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
17 avr. 2012 12:19:24 org.apache.catalina.core.StandardService initialize
GRAVE: Failed to initialize connector [Connector[HTTP/1.1-8443]]
LifecycleException:  L'initialisation du gestionnaire de protocole a
ÃSymbole C (copyright)chouÃSymbole C (copyright):
java.io.FileNotFoundException: /root/.keystore (Permission denied)
        at
org.apache.catalina.connector.Connector.initialize(Connector.java:1051)
        at
org.apache.catalina.core.StandardService.initialize(StandardService.java:703)
        at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:538)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:562)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
17 avr. 2012 12:19:24 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1130 ms
17 avr. 2012 12:19:24 org.apache.catalina.core.StandardService start
INFO: DÃSymbole C (copyright)marrage du service Catalina
17 avr. 2012 12:19:24 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.35
17 avr. 2012 12:19:24 org.apache.catalina.startup.HostConfig
deployDescriptor
INFO: DÃSymbole C (copyright)ploiement du descripteur de configuration
ROOT.xml
17 avr. 2012 12:19:25 org.apache.catalina.startup.HostConfig deployWAR
INFO: DÃSymbole C (copyright)ploiement de l'archive cas.war de l'application
web
--------------
more info: i can load http page in port 8080 for tomcat,
 also i have and i can load https & https:443 pages for apache2
-------------
it's 3 days that im stucking her, thanks for help.

--
View this message in context: http://tomcat.10.n6.nabble.com/PLZ-help-i-ve-issue-with-SSL-TOMCAT-tp4889811p4889811.html
Sent from the Tomcat - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message