tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Jenkins <rak...@jenkinssoftware.com>
Subject Re: SSLCertificateKeyFile cannot find file that exists
Date Wed, 27 Mar 2013 17:22:41 GMT
I finally got it working. For anyone else that has the same problem, the
solution is very simple and I don't know why there are huge walls of text
rather than just saying this

To enable APR:
1. Download tomcat-native-1.1.27-win32-bin from
http://apache.mirrors.lucidnetworks.net/tomcat/tomcat-connectors/native/1.1.27/binaries/
2. copy tcnative-1.dll to the Tomcat bin directory

Get a self-signed key here:
http://www.selfsignedcertificate.com/

Use this connector in server.xml
 <Connector port="8444" redirectPort="444"
protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="SSLv3"

 SSLCertificateKeyFile="${catalina.base}\conf\13862451_localhost.key"

 SSLCertificateFile="${catalina.base}\conf\13862451_localhost.cert"
/>

At least I can do my work now.

Unrelated, I cannot start my connector on port 443 or 8443. I commented out
every other connector in server.xml but this still happens. As a workaround
I changed the port to 8444 but I'm not sure why I need to.

SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-ap
r-8443"]
java.lang.Exception: Socket bind failed: [730048] Only one usage of each
socket
address (protocol/network address/port) is normally permitted.
        at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:446)
        at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
a:610)1




On Wed, Mar 27, 2013 at 9:46 AM, Harris, Jeffrey E. <
Jeffrey.Harris@mantech.com> wrote:

>
>
> > -----Original Message-----
> > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > Sent: Wednesday, March 27, 2013 12:13 PM
> > To: Tomcat Users List
> > Subject: Re: SSLCertificateKeyFile cannot find file that exists
> >
> > Thanks for the answer Jeffery.
> >
> > Regarding the APR connector, I'm guessing since you said that Tomcat
> > doesn't come with it built-in already?
> >
> > Under installation / windows I downloaded this:
> > http://tomcat.apache.org/tomcat-7.0-doc/apr.html
> > I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under
> > installation and it said to download binaries here:
> > http://www.motorlogy.com/apache//tomcat/tomcat-
> > connectors/native/1.1.27/binaries/
> >
> > So I did that, copied tcnative-1.dll to D:\Program
> > Files\Java\jdk1.6.0_37\bin
> >
> > But it still didn't work when I clicked startup.bat. There's no
> > instructions on how to actually install APR that I can find beyond
> > saying to download the library. Not sure what to do at this point.
> >
> > Regarding converting the the key file and certificate file to a JKS
> > store... how do I do that/ I did some searching and came up with a wall
> > of complicated instructions. I've already spent hours trying to figure
> > out how to create self-signed keys (which is why I just went to that
> > website to begin with).
> >
> >
> > On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. <
> > Jeffrey.Harris@mantech.com> wrote:
> >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > > > Sent: Wednesday, March 27, 2013 11:46 AM
> > > > To: users@tomcat.apache.org
> > > > Subject: SSLCertificateKeyFile cannot find file that exists
> > > >
> > > > I'm working on a project where I need to test C++ code against an
> > > > HTTPS web server. So I am trying to get Tomcat to work using HTTPS
> > > > on localhost.
> > > > Security does not matter right now, I just need to get an HTTPS
> > > > server online so I can debug the C++.
> > > >
> > > > So I went to http://www.selfsignedcertificate.com/ and under server
> > > > name entered localhost.
> > > >
> > > > It gave me 2 files:
> > > > 3589340_localhost.key
> > > > 3589340_localhost.cert
> > > >
> > > > I copied those files to D:\apache-tomcat-7.0.37\conf
> > > >
> > > > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
> > > >
> > > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> > > >                maxThreads="150" scheme="https" secure="true"
> > > >                clientAuth="false" sslProtocol="SSLv3"
> > > >
> > > >
> > SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
> > > >
> > > >  SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> > > > />
> > > >
> > > > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
> > > >
> > > > It doesn't work. I don't understand why it does it does not find a
> > > > matching property. The file is there on the harddrive.
> > > >
> > > > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> > > > property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> > > > 7.0.37\conf\3589340_localhost.cert'
> > > > did not
> > > >  find a matching property.
> > > > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > SEVERE: Failed to initialize end point associated with
> > > > ProtocolHandler ["http-bi o-443"]
> > > > java.io.IOException: Keystore was tampered with, or password was
> > > > incorrect
> > > >         at
> > > >
> > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> > > >         at
> > > >
> > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:
> > > > 3
> > > > 8)
> > > >         at java.security.KeyStore.load(KeyStore.java:1185)
> > > >         at
> > > >
> > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocke
> > > > t
> > > > Factory.java:372)
> > > >
> > > > Thanks in advance for the help.
> > >
> > > You need to either use the APR connector, or convert the key file and
> > > certificate file to a JKS store, and update your configuration.
> > >
> > > Jeffrey Harris
> > >
>
> See the Tomcat documentation (
> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and look in the
> section "Edit the Tomcat Configuration File" to enable APR.
>
> Jeffrey Harris
>
> This e-mail and any attachments are intended only for the use of the
> addressee(s) named herein and may contain proprietary information. If you
> are not the intended recipient of this e-mail or believe that you received
> this email in error, please take immediate action to notify the sender of
> the apparent error by reply e-mail; permanently delete the e-mail and any
> attachments from your computer; and do not disseminate, distribute, use, or
> copy this message and any attachments.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message