tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Harris, Jeffrey E." <Jeffrey.Har...@ManTech.com>
Subject RE: SSLCertificateKeyFile cannot find file that exists
Date Wed, 27 Mar 2013 16:46:56 GMT


> -----Original Message-----
> From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> Sent: Wednesday, March 27, 2013 12:13 PM
> To: Tomcat Users List
> Subject: Re: SSLCertificateKeyFile cannot find file that exists
>
> Thanks for the answer Jeffery.
>
> Regarding the APR connector, I'm guessing since you said that Tomcat
> doesn't come with it built-in already?
>
> Under installation / windows I downloaded this:
> http://tomcat.apache.org/tomcat-7.0-doc/apr.html
> I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under
> installation and it said to download binaries here:
> http://www.motorlogy.com/apache//tomcat/tomcat-
> connectors/native/1.1.27/binaries/
>
> So I did that, copied tcnative-1.dll to D:\Program
> Files\Java\jdk1.6.0_37\bin
>
> But it still didn't work when I clicked startup.bat. There's no
> instructions on how to actually install APR that I can find beyond
> saying to download the library. Not sure what to do at this point.
>
> Regarding converting the the key file and certificate file to a JKS
> store... how do I do that/ I did some searching and came up with a wall
> of complicated instructions. I've already spent hours trying to figure
> out how to create self-signed keys (which is why I just went to that
> website to begin with).
>
>
> On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. <
> Jeffrey.Harris@mantech.com> wrote:
>
> >
> >
> > > -----Original Message-----
> > > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > > Sent: Wednesday, March 27, 2013 11:46 AM
> > > To: users@tomcat.apache.org
> > > Subject: SSLCertificateKeyFile cannot find file that exists
> > >
> > > I'm working on a project where I need to test C++ code against an
> > > HTTPS web server. So I am trying to get Tomcat to work using HTTPS
> > > on localhost.
> > > Security does not matter right now, I just need to get an HTTPS
> > > server online so I can debug the C++.
> > >
> > > So I went to http://www.selfsignedcertificate.com/ and under server
> > > name entered localhost.
> > >
> > > It gave me 2 files:
> > > 3589340_localhost.key
> > > 3589340_localhost.cert
> > >
> > > I copied those files to D:\apache-tomcat-7.0.37\conf
> > >
> > > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
> > >
> > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> > >                maxThreads="150" scheme="https" secure="true"
> > >                clientAuth="false" sslProtocol="SSLv3"
> > >
> > >
> SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
> > >
> > >  SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> > > />
> > >
> > > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
> > >
> > > It doesn't work. I don't understand why it does it does not find a
> > > matching property. The file is there on the harddrive.
> > >
> > > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> > > property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> > > 7.0.37\conf\3589340_localhost.cert'
> > > did not
> > >  find a matching property.
> > > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > SEVERE: Failed to initialize end point associated with
> > > ProtocolHandler ["http-bi o-443"]
> > > java.io.IOException: Keystore was tampered with, or password was
> > > incorrect
> > >         at
> > >
> sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> > >         at
> > >
> sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:
> > > 3
> > > 8)
> > >         at java.security.KeyStore.load(KeyStore.java:1185)
> > >         at
> > >
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocke
> > > t
> > > Factory.java:372)
> > >
> > > Thanks in advance for the help.
> >
> > You need to either use the APR connector, or convert the key file and
> > certificate file to a JKS store, and update your configuration.
> >
> > Jeffrey Harris
> >

See the Tomcat documentation (http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and
look in the section "Edit the Tomcat Configuration File" to enable APR.

Jeffrey Harris

This e-mail and any attachments are intended only for the use of the addressee(s) named herein
and may contain proprietary information. If you are not the intended recipient of this e-mail
or believe that you received this email in error, please take immediate action to notify the
sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments
from your computer; and do not disseminate, distribute, use, or copy this message and any
attachments.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message