Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/01/21 16:26:28 UTC

DO NOT REPLY [Bug 16297] New: - PureTLS failing to initialize

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16297

           Summary: PureTLS failing to initialize
           Product: Tomcat 4
           Version: 4.1.19
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Connector:Coyote HTTP/1.1
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: remm@apache.org


I'm running Linux (RH 7.3, with IBM 1.4.0 or Sun 1.4.1) with PureTLS 0.9b3.

I read on the PureTLS website (err, sorry, webpage) that it supported OpenSSL
certs. So I should be able to reuse the certs I generated for mod_ssl?
Anyway, that's for later. In order to avoid making mistakes, I reused the .pem
files I found in the distribution.
After tweaking my server.xml to point at the right files (of course, I had to
read the sources to know how to do it), I got the following exceptions:

- with IBM JDK:
Caused by: java.lang.InternalError: java.security.NoSuchAlgorithmException: class configured for Cipher: com.ibm.crypto.provider.DESedeCipher is not a subclass of xjava.security.Cipher
        at COM.claymoresystems.crypto.PEMData.readPEMObject(Unknown Source)
        at COM.claymoresystems.crypto.EAYEncryptedPrivateKey.createPrivateKey(Unknown Source)
        at COM.claymoresystems.ptls.SSLContext.loadEAYKeyFile(Unknown Source)
        at COM.claymoresystems.ptls.SSLContext.loadEAYKeyFile(Unknown Source)
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.init(PureTLSSocketFactory.java:165)
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.createSocket(PureTLSSocketFactory.java:104)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:275)

- with Sun JDK:
java.io.IOException: PKCS#5: Invalid number of padding bytes
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.init(PureTLSSocketFactory.java:175)
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.createSocket(PureTLSSocketFactory.java:104)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:275)
        at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:150)

The connector configuration is:
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               useURIValidationHack="false" disableUploadTimeout="true">
      <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               keystoreFile="conf/server.pem" randomFile="conf/random.pem" 
               rootFile="conf/root.pem" clientAuth="false" protocol="TLS"
               SSLImplementation="org.apache.tomcat.util.net.puretls.PureTLSImplementation"/>
    </Connector>
