tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Snider <James.Sni...@hbcs.org>
Subject RE: Errors when trying to configure SSL for Apache Tomcat 7
Date Wed, 17 Apr 2013 20:10:19 GMT

Hi Chris,

Thanks for your help!

I have reinstalled Apache Tomcat with the tcnative library and I am not receiving the SSL
certificate errors as seen earlier.  But I am now receiving the following errors upon startup:


Apr 17, 2013 3:13:58 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'maxSpareThreads'
to '75' did not find a matching property.
Apr 17, 2013 3:13:58 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to
'on' did not find a matching property.
Apr 17, 2013 3:13:58 PM org.apache.catalina.core.AprLifecycleListener initializeSSL
INFO: OpenSSL successfully initialized (OpenSSL 1.0.1d 5 Feb 2013)
Apr 17, 2013 3:13:58 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-80"]
Apr 17, 2013 3:13:59 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-443"]
Apr 17, 2013 3:13:59 PM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-apr-443"]
java.lang.Exception: Unable to load certificate key C:\Program Files\Apache Software Foundation\Tomcat
7.0\conf\CRT\hncshvm.hbcs.org.key (error:02001003:system library:fopen:No such process)
	at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
	at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:590)
	at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:610)
	at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
	at org.apache.catalina.connector.Connector.initInternal(Connector.java:981)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:814)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.startup.Catalina.load(Catalina.java:633)
	at org.apache.catalina.startup.Catalina.load(Catalina.java:658)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455)

Apr 17, 2013 3:13:59 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
	at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:814)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.startup.Catalina.load(Catalina.java:633)
	at org.apache.catalina.startup.Catalina.load(Catalina.java:658)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
	at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	... 12 more
Caused by: java.lang.Exception: Unable to load certificate key C:\Program Files\Apache Software
Foundation\Tomcat 7.0\conf\CRT\hncshvm.hbcs.org.key (error:02001003:system library:fopen:No
such process)
	at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
	at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:590)
	at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:610)
	at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
	at org.apache.catalina.connector.Connector.initInternal(Connector.java:981)
	... 13 more


To answer your questions I have Tomcat installed in the C:\Program Files\Apache Software Foudnation\Tomcat
directory.  I am using a windows server 2003 R2 x64 bit OS AND Have java version 1.7 installed.




-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net] 
Sent: Wednesday, April 17, 2013 12:08 PM
To: Tomcat Users List
Subject: Re: Errors when trying to configure SSL for Apache Tomcat 7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

James,

On 4/17/13 10:12 AM, James Snider wrote:
> After reviewing the APR<Connector> documentation, I am still receiving 
> the errors involving the SSL Certificate and do not understand where 
> the issue is being generated.  I have attached a copy of my current 
> server.xml file and screenshots of the errors I am receiving upon 
> start up.

Server.xml came over, but the screenshots did not: this list strips most attachments.

> Can you give me more insight on resolving this issue?

Your configuration in your two environments is identical (server.xml is nominally the same)
but your two environments are not identical. To
wit: your broken environment is missing the tcnative library. Your log file even told you
so:

> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.core.AprLifecycleListener init INFO: The APR based 
> Apache Tomcat Native library which allows optimal performance in 
> production environments was not found on the java.library.path:
> C:\Program Files\Apache Software Foundation\Tomcat 
> 7.0\bin;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\Prog
> ram 
> Files\Java\jdk1.7.0_17\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.

While
> 
that is an INFO message and does not in and of itself represent a problem, you are clearly
trying to use the APR connector which requires this library to be present:

> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.startup.SetAllPropertiesRule begin WARNING:
> [SetAllPropertiesRule]{Server/Service/Connector} Setting property 
> 'SSLCertificateFile' to 'C:\Program Files\Apache Software 
> Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.crt' did not find a 
> matching property.

The SSLCertificateFile <Connector> attribute is only valid for APR connectors. Thus,
you need tcnative to be installed and have a matching architecture to your JVM.

> Is there a support # I can call to have a technician walk me through 
> troubleshooting this or any professional services I can contact?

Apache is an all-volunteer organization and this (and other) mailing lists are provided at
no cost to you. Any subscriber to this list may feel free to give you advice but that advice
comes with no warranty and no guarantee of success. It also comes with no cost. You get what
you pay for.

If you want to pay someone to help you *right now*, consider looking at the list of Tomcat
consultants which you can find here:
http://wiki.apache.org/tomcat/SupportAndTraining

Honestly, this is something you can fix yourself by asking yourself these questions:

1. Where is Tomcat installed? Is there a tcnative*.dll file somewhere inside that directory
(or subdirectories)? If it's not there, your installation is broken and you should try again.
Chuck suggested that already.

2. What JVM are you running? What is the architecture (ia32, ia64, or x86_64)? What is the
architecture of the .dll file you found above? If they don't match, then you need to make
them match. Re-installing Tomcat and ensuring that you choose the JVM you intend to use during
installation should ensure that you have the right flavor library in the right place.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJRbsjCAAoJEBzwKT+lPKRYUsoQALblluwq86M7OrTW2BpAO6Vp
y/aiM8v4m/S65GQLSlVN9WLKy2T3/JMdEGoCRwvqZL+Fq60ZojI2Wmdd+gAuJQ0G
Xk0Mc7s192PNr39+pvejpW9B2obVJbPCCdvI9YvglpnWExfFS8z6NjZolUeDT4cG
Qng1a2tgEYb5hu4MIyl4bRZuj2I/ROKPDIKj+ZVuMKXePI3M7GyWZfangtfAkYsV
pWRrevb6lCD9JwQgvaCP+T9L58kD0AzoRUQW66wMHlaFP45ft7LrO2oEbKzMD8tP
LGsD0t1PC1Zma064VM135b7ddw+6Ne/XuLZVOLnAL9ow0dCk6DfTFC0w1yMPG5r0
EV71dOPZmeLxlqjEn8w3XqTVk3Ya2OhIdkFSlLyAtwy4dJqDQWlCx4YtQZAx7PHp
i6xu7Bq8OB22I4IAqX2d5mzvWPfPFFY0HvxczXfOZihHvKIaBazC07Qvo9SOweAR
uAU5+mmg17TNDvdYONwxYOjGnQr7p4L5EZO41ZkzsZX9e5lULlg2w5houU20PYad
Y3hkIkebDXcz4o0aKh6yRf7TAQN3drYaM0LubEChSYJvO/w21z65oXrgERU+0OEU
TrpY7WpTC20j+WkWBlogwCaspw9b0SyHUGpSpFvzY3SO+2WbjbLM2hw/10nZQ4ZV
ujxF4wBleJPKdDfKRDuR
=4nOC
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

       ------------------  CONFIDENTIALITY NOTICE  ---------------

  This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.

       ------------------  CONFIDENTIALITY NOTICE  ---------------
Mime
View raw message