You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Sa...@wellsfargo.com.INVALID on 2022/09/05 12:11:00 UTC
Issue with SSL connector in tomcat 10.0.23
Hi Team,
We are facing issues with the Tomcat 10.0.23 version while starting as it's not accepting few of the SSL parameters. PFB error message
05-Sep-2022 04:51:01.144 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8004]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1055)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:747)
at org.apache.catalina.startup.Catalina.load(Catalina.java:769)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
Caused by: java.lang.IllegalArgumentException: No SSLHostConfig element was found with the hostName [_default_] to match the defaultSSLHostConfigName for the connector [https-jsse-nio-8004]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:76)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:206)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1192)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1205)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:580)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:82)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1052)
... 13 more
Also, We are seeing some warning messages below:
05-Sep-2022 04:51:00.733 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [sslProtocol] to [TLS]
05-Sep-2022 04:51:00.733 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [sslEnabledProtocols] to [TLSv1.2]
05-Sep-2022 04:51:00.733 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [ciphers] to [SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384]
Regards,
Saicharan Burle
CTO | Middleware Product Engineering
G=ETI DPS Middleware Prod Eng
Block B1A Divyasree Orion | Hyderabad - 500081 | India
MAC O2806-010 | Cell +91 9966964321
MPE Service Desk: https://devops-servicedesk.wellsfargo.net/servicedesk/customer/portal/14/group/385?groupId=385
Enterprise Middleware Services: https://wim-wiki.wellsfargo.com/pages/viewpage.action?spaceKey=MPE&title=Middleware+Product+Engineering+Team+Home
Normal Working hours: 4:00 AM to 1:00 PM EST
Upcoming PTO:
Be Green, Leave it on Screen!!!
[http://f.connect.wellsfargoemail.com/i/38/2082566297/EML-224071_4726581_6304406_logo-stagecoach-eml_511x80.png]
Re: Issue with SSL connector in tomcat 10.0.23
Posted by Mark Thomas <ma...@apache.org>.
On 05/09/2022 14:37, Saicharan.Burle@wellsfargo.com.INVALID wrote:
> Thanks Thomas,
>
> Now that we don't see the error but seeing one warning message for below:
>
> WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [clientAuth] to [false]
>
> I don't find any equivalent attribute for clientAuth in the documentation.
It is certificateVerification on the Connector.
Mark
>
> PFB snippet of our server.xml file
>
> <Connector port="8004" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" defaultSSLHostConfigName="xxxxx">
> <SSLHostConfig hostName="xxxxx" protocols="TLSv1.2" ciphers="SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384" > <Certificate certificateKeystoreFile="D:\apps\tomcat\certs\xxxxx.jks" certificateKeystorePassword="xxxxx" type="RSA" />
>
> Thanks,
> Saicharan Burle
>
> -----Original Message-----
> From: Thomas Hoffmann (Speed4Trade GmbH) <Th...@speed4trade.com.INVALID>
> Sent: Monday, September 5, 2022 5:56 PM
> To: Tomcat Users List <us...@tomcat.apache.org>
> Subject: AW: Issue with SSL connector in tomcat 10.0.23
>
> Hello,
>
>> -----Ursprüngliche Nachricht-----
>> Von: Saicharan.Burle@wellsfargo.com.INVALID
>> <Sa...@wellsfargo.com.INVALID>
>> Gesendet: Montag, 5. September 2022 14:11
>> An: users@tomcat.apache.org
>> Betreff: Issue with SSL connector in tomcat 10.0.23
>>
>> Hi Team,
>>
>> We are facing issues with the Tomcat 10.0.23 version while starting as
>> it's not accepting few of the SSL parameters. PFB error message
>>
>> 05-Sep-2022 04:51:01.144 SEVERE [main]
>> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed
>> to initialize component [Connector[HTTP/1.1-8004]]
>> org.apache.catalina.LifecycleException: Protocol
>> handler initialization failed
>> at
>> org.apache.catalina.connector.Connector.initInternal(Connector.java:1055)
>> at
>> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
>> at
>> org.apache.catalina.core.StandardService.initInternal(StandardService.
>> java:556
>> )
>> at
>> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
>> at
>> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
>> at
>> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
>> at
>> org.apache.catalina.startup.Catalina.load(Catalina.java:747)
>> at
>> org.apache.catalina.startup.Catalina.load(Catalina.java:769)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>> Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
>> 62)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
>> orI
>> mpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
>> at
>> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
>> Caused by: java.lang.IllegalArgumentException: No
>> SSLHostConfig element was found with the hostName [_default_] to match
>> the defaultSSLHostConfigName for the connector [https-jsse-nio-8004]
>> at
>> org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(Abstract
>> JsseEndpoi
>> nt.java:76)
>> at
>> org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:206)
>> at
>> org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEn
>> dpoin
>> t.java:1192)
>> at
>> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1205)
>> at
>> org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:580)
>> at
>> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Pro
>> tocol.j
>> ava:82)
>> at
>> org.apache.catalina.connector.Connector.initInternal(Connector.java:1052)
>> ... 13 more
>>
>> Also, We are seeing some warning messages below:
>>
>> 05-Sep-2022 04:51:00.733 WARNING [main]
>> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
>> [Server/Service/Connector] failed to set property [sslProtocol] to
>> [TLS]
>> 05-Sep-2022 04:51:00.733 WARNING [main]
>> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
>> [Server/Service/Connector] failed to set property
>> [sslEnabledProtocols] to [TLSv1.2]
>> 05-Sep-2022 04:51:00.733 WARNING [main]
>> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
>> [Server/Service/Connector] failed to set property [ciphers] to
>> [SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,
>> TLS_RSA_WITH_AES_128_CBC_SHA256,
>> TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
>> TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384]
>>
>>
>> Regards,
>> Saicharan Burle
>
> The error message / stack contains the relevant information:
> The SSLHostConfig element is missing in your server.xml , see example and documentation here: https://urldefense.com/v3/__https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html__;!!F9svGWnIaVPGSwU!rsDRG3kDTM6T-vUZGUT_gMmz77ubkv-rS7DqfghFB4CIqzaqDP4OnrwxC45q1tk2iZhrbDUZzOU7xgyE19QXFnny1Baxd4_hkKaTdW0VFlEHAQ$
> The property sslProtocol is not valid in the element "Connector"
> The property sslEnabledProtocols is not valid for the element "Connector"
>
> If you have upgraded tomcat, some attributes and elements have changed when using SSL / HTTPS.
>
> Greetings,
> Thomas
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
AW: Issue with SSL connector in tomcat 10.0.23
Posted by "Thomas Hoffmann (Speed4Trade GmbH)" <Th...@speed4trade.com.INVALID>.
Hello Saicharan,
> -----Ursprüngliche Nachricht-----
> Von: Saicharan.Burle@wellsfargo.com.INVALID
> <Sa...@wellsfargo.com.INVALID>
> Gesendet: Montag, 5. September 2022 15:37
> An: users@tomcat.apache.org
> Betreff: RE: Issue with SSL connector in tomcat 10.0.23
>
> Thanks Thomas,
>
> Now that we don't see the error but seeing one warning message for below:
>
> WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin
> Match [Server/Service/Connector] failed to set property [clientAuth] to [false]
>
> I don't find any equivalent attribute for clientAuth in the documentation.
>
> PFB snippet of our server.xml file
>
> <Connector port="8004"
> protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true" clientAuth="false"
> defaultSSLHostConfigName="xxxxx">
> <SSLHostConfig hostName="xxxxx" protocols="TLSv1.2"
> ciphers="SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_
> SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,
> TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_256_CBC_SHA256,
> TLS_RSA_WITH_AES_256_GCM_SHA384" > <Certificate
> certificateKeystoreFile="D:\apps\tomcat\certs\xxxxx.jks"
> certificateKeystorePassword="xxxxx" type="RSA" />
>
> Thanks,
> Saicharan Burle
Just remove the clientAuth Attribute. Default value is false anyway and it is only used for client certificates which is rarely used.
> -----Original Message-----
> From: Thomas Hoffmann (Speed4Trade GmbH)
> <Th...@speed4trade.com.INVALID>
> Sent: Monday, September 5, 2022 5:56 PM
> To: Tomcat Users List <us...@tomcat.apache.org>
> Subject: AW: Issue with SSL connector in tomcat 10.0.23
>
> Hello,
>
> > -----Ursprüngliche Nachricht-----
> > Von: Saicharan.Burle@wellsfargo.com.INVALID
> > <Sa...@wellsfargo.com.INVALID>
> > Gesendet: Montag, 5. September 2022 14:11
> > An: users@tomcat.apache.org
> > Betreff: Issue with SSL connector in tomcat 10.0.23
> >
> > Hi Team,
> >
> > We are facing issues with the Tomcat 10.0.23 version while starting as
> > it's not accepting few of the SSL parameters. PFB error message
> >
> > 05-Sep-2022 04:51:01.144 SEVERE [main]
> > org.apache.catalina.util.LifecycleBase.handleSubClassException Failed
> > to initialize component [Connector[HTTP/1.1-8004]]
> > org.apache.catalina.LifecycleException: Protocol
> > handler initialization failed
> > at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:1055)
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> > org.apache.catalina.core.StandardService.initInternal(StandardService.
> > java:556
> > )
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> >
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> > org.apache.catalina.startup.Catalina.load(Catalina.java:747)
> > at
> > org.apache.catalina.startup.Catalina.load(Catalina.java:769)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> > Method)
> > at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> > 62)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
> > orI
> > mpl.java:43)
> > at java.lang.reflect.Method.invoke(Method.java:498)
> > at
> > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
> > at
> > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
> > Caused by: java.lang.IllegalArgumentException: No
> > SSLHostConfig element was found with the hostName [_default_] to match
> > the defaultSSLHostConfigName for the connector [https-jsse-nio-8004]
> > at
> > org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(Abstract
> > JsseEndpoi
> > nt.java:76)
> > at
> > org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:206)
> > at
> > org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEn
> > dpoin
> > t.java:1192)
> > at
> > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1205)
> > at
> > org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:580)
> > at
> > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Pro
> > tocol.j
> > ava:82)
> > at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:1052)
> > ... 13 more
> >
> > Also, We are seeing some warning messages below:
> >
> > 05-Sep-2022 04:51:00.733 WARNING [main]
> > org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> > [Server/Service/Connector] failed to set property [sslProtocol] to
> > [TLS]
> > 05-Sep-2022 04:51:00.733 WARNING [main]
> > org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> > [Server/Service/Connector] failed to set property
> > [sslEnabledProtocols] to [TLSv1.2]
> > 05-Sep-2022 04:51:00.733 WARNING [main]
> > org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> > [Server/Service/Connector] failed to set property [ciphers] to
> > [SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,
> > TLS_RSA_WITH_AES_128_CBC_SHA256,
> > TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
> > TLS_RSA_WITH_AES_256_CBC_SHA256,
> TLS_RSA_WITH_AES_256_GCM_SHA384]
> >
> >
> > Regards,
> > Saicharan Burle
>
> The error message / stack contains the relevant information:
> The SSLHostConfig element is missing in your server.xml , see example and
> documentation here:
> https://urldefense.com/v3/__https://tomcat.apache.org/tomcat-9.0-doc/ssl-
> howto.html__;!!F9svGWnIaVPGSwU!rsDRG3kDTM6T-vUZGUT_gMmz77ubkv-
> rS7DqfghFB4CIqzaqDP4OnrwxC45q1tk2iZhrbDUZzOU7xgyE19QXFnny1Baxd4_h
> kKaTdW0VFlEHAQ$
> The property sslProtocol is not valid in the element "Connector"
> The property sslEnabledProtocols is not valid for the element "Connector"
>
> If you have upgraded tomcat, some attributes and elements have changed
> when using SSL / HTTPS.
>
> Greetings,
> Thomas
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Issue with SSL connector in tomcat 10.0.23
Posted by Sa...@wellsfargo.com.INVALID.
Thanks Thomas,
Now that we don't see the error but seeing one warning message for below:
WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [clientAuth] to [false]
I don't find any equivalent attribute for clientAuth in the documentation.
PFB snippet of our server.xml file
<Connector port="8004" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" defaultSSLHostConfigName="xxxxx">
<SSLHostConfig hostName="xxxxx" protocols="TLSv1.2" ciphers="SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384" > <Certificate certificateKeystoreFile="D:\apps\tomcat\certs\xxxxx.jks" certificateKeystorePassword="xxxxx" type="RSA" />
Thanks,
Saicharan Burle
-----Original Message-----
From: Thomas Hoffmann (Speed4Trade GmbH) <Th...@speed4trade.com.INVALID>
Sent: Monday, September 5, 2022 5:56 PM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: AW: Issue with SSL connector in tomcat 10.0.23
Hello,
> -----Ursprüngliche Nachricht-----
> Von: Saicharan.Burle@wellsfargo.com.INVALID
> <Sa...@wellsfargo.com.INVALID>
> Gesendet: Montag, 5. September 2022 14:11
> An: users@tomcat.apache.org
> Betreff: Issue with SSL connector in tomcat 10.0.23
>
> Hi Team,
>
> We are facing issues with the Tomcat 10.0.23 version while starting as
> it's not accepting few of the SSL parameters. PFB error message
>
> 05-Sep-2022 04:51:01.144 SEVERE [main]
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed
> to initialize component [Connector[HTTP/1.1-8004]]
> org.apache.catalina.LifecycleException: Protocol
> handler initialization failed
> at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1055)
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.core.StandardService.initInternal(StandardService.
> java:556
> )
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.startup.Catalina.load(Catalina.java:747)
> at
> org.apache.catalina.startup.Catalina.load(Catalina.java:769)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
> orI
> mpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
> at
> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
> Caused by: java.lang.IllegalArgumentException: No
> SSLHostConfig element was found with the hostName [_default_] to match
> the defaultSSLHostConfigName for the connector [https-jsse-nio-8004]
> at
> org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(Abstract
> JsseEndpoi
> nt.java:76)
> at
> org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:206)
> at
> org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEn
> dpoin
> t.java:1192)
> at
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1205)
> at
> org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:580)
> at
> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Pro
> tocol.j
> ava:82)
> at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1052)
> ... 13 more
>
> Also, We are seeing some warning messages below:
>
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property [sslProtocol] to
> [TLS]
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property
> [sslEnabledProtocols] to [TLSv1.2]
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property [ciphers] to
> [SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,
> TLS_RSA_WITH_AES_128_CBC_SHA256,
> TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384]
>
>
> Regards,
> Saicharan Burle
The error message / stack contains the relevant information:
The SSLHostConfig element is missing in your server.xml , see example and documentation here: https://urldefense.com/v3/__https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html__;!!F9svGWnIaVPGSwU!rsDRG3kDTM6T-vUZGUT_gMmz77ubkv-rS7DqfghFB4CIqzaqDP4OnrwxC45q1tk2iZhrbDUZzOU7xgyE19QXFnny1Baxd4_hkKaTdW0VFlEHAQ$
The property sslProtocol is not valid in the element "Connector"
The property sslEnabledProtocols is not valid for the element "Connector"
If you have upgraded tomcat, some attributes and elements have changed when using SSL / HTTPS.
Greetings,
Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
AW: Issue with SSL connector in tomcat 10.0.23
Posted by "Thomas Hoffmann (Speed4Trade GmbH)" <Th...@speed4trade.com.INVALID>.
Hello,
> -----Ursprüngliche Nachricht-----
> Von: Saicharan.Burle@wellsfargo.com.INVALID
> <Sa...@wellsfargo.com.INVALID>
> Gesendet: Montag, 5. September 2022 14:11
> An: users@tomcat.apache.org
> Betreff: Issue with SSL connector in tomcat 10.0.23
>
> Hi Team,
>
> We are facing issues with the Tomcat 10.0.23 version while starting as it's not
> accepting few of the SSL parameters. PFB error message
>
> 05-Sep-2022 04:51:01.144 SEVERE [main]
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
> initialize component [Connector[HTTP/1.1-8004]]
> org.apache.catalina.LifecycleException: Protocol handler initialization
> failed
> at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1055)
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:556
> )
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
> at
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> at
> org.apache.catalina.startup.Catalina.load(Catalina.java:747)
> at
> org.apache.catalina.startup.Catalina.load(Catalina.java:769)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
> mpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
> at
> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
> Caused by: java.lang.IllegalArgumentException: No SSLHostConfig
> element was found with the hostName [_default_] to match the
> defaultSSLHostConfigName for the connector [https-jsse-nio-8004]
> at
> org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoi
> nt.java:76)
> at
> org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:206)
> at
> org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoin
> t.java:1192)
> at
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1205)
> at
> org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:580)
> at
> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.j
> ava:82)
> at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1052)
> ... 13 more
>
> Also, We are seeing some warning messages below:
>
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property [sslProtocol] to [TLS]
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property [sslEnabledProtocols] to
> [TLSv1.2]
> 05-Sep-2022 04:51:00.733 WARNING [main]
> org.apache.tomcat.util.digester.SetPropertiesRule.begin Match
> [Server/Service/Connector] failed to set property [ciphers] to
> [SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,
> TLS_RSA_WITH_AES_128_CBC_SHA256,
> TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_256_CBC_SHA256,
> TLS_RSA_WITH_AES_256_GCM_SHA384]
>
>
> Regards,
> Saicharan Burle
The error message / stack contains the relevant information:
The SSLHostConfig element is missing in your server.xml , see example and documentation here: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
The property sslProtocol is not valid in the element "Connector"
The property sslEnabledProtocols is not valid for the element "Connector"
If you have upgraded tomcat, some attributes and elements have changed when using SSL / HTTPS.
Greetings,
Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org