You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Qadeer Khan <qk...@redhat.com> on 2016/02/14 19:50:02 UTC
tomcat 7/modcluster ssl issue
Hello,
I am trying to hookup ssl connection between mod_Cluster load balancer and tomcat 7 and seems to be following everything but when I start tomcat server, I am getting the following error in my catalina.out. My password is for the keystore is "tomcat". I have checked and rechecked. Any thoughts???
java.lang.IllegalStateException: java.io.IOException: Keystore was tampered with, or password was incorrect
at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:113)
at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:790)
at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:196)
at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.init(DefaultMCMPHandler.java:143)
at org.jboss.modcluster.ModClusterService.init(ModClusterService.java:142)
at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.init(CatalinaEventHandlerAdapter.java:272)
at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.lifecycleEvent(CatalinaEventHandlerAdapter.java:210)
at org.jboss.modcluster.container.catalina.standalone.ModClusterListener.lifecycleEvent(ModClusterListener.java:136)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:402)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:110)
at org.apache.catalina.startup.Catalina.load(Catalina.java:576)
at org.apache.catalina.startup.Catalina.load(Catalina.java:599)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484)
Here is relevant info from my server.xml
<Listener className="org.jboss.modcluster.container.catalina.standalone.ModClusterListener" stickySession="true" stickySessionForce="false" stickySessionRemove="true" advertise="false" proxyList="localhost:6666"
ssl="true"
sslKeyStorePass="tomcat"
sslKeyStore="keystore/keystore.jks"
sslKeyStoreType="JKS"
sslProtocol="TLS"
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150"
SSLEnabled="true" scheme="https" secure="true" clientAuth="true"
keystoreFile="keystore/keystore.jks"
keystorePass="tomcat"
keystoreType="JKS"
sslProtocol="TLS" />
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat 7/modcluster ssl issue
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Qadeer,
On 2/14/16 1:50 PM, Qadeer Khan wrote:
>
> Hello,
>
> I am trying to hookup ssl connection between mod_Cluster load
> balancer and tomcat 7 and seems to be following everything but when
> I start tomcat server, I am getting the following error in my
> catalina.out. My password is for the keystore is "tomcat". I have
> checked and rechecked. Any thoughts???
>
> java.lang.IllegalStateException: java.io.IOException: Keystore was
> tampered with, or password was incorrect at
> org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFact
ory.java:113)
>
>
at
org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMC
MPHandler.java:790)
> at
> org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandl
er.java:196)
>
>
at
org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.init(DefaultMCMPHandle
r.java:143)
> at
> org.jboss.modcluster.ModClusterService.init(ModClusterService.java:142
)
>
>
at
org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.init
(CatalinaEventHandlerAdapter.java:272)
> at
> org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.li
fecycleEvent(CatalinaEventHandlerAdapter.java:210)
>
>
at
org.jboss.modcluster.container.catalina.standalone.ModClusterListener.li
fecycleEvent(ModClusterListener.java:136)
> at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycle
Support.java:117)
>
>
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.
java:90)
> at
> org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.
java:402)
>
>
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:110)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:576) at
> org.apache.catalina.startup.Catalina.load(Catalina.java:599) at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j
ava:62)
>
>
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497) at
> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310) at
> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484)
>
>
> Here is relevant info from my server.xml
>
> <Listener
> className="org.jboss.modcluster.container.catalina.standalone.ModClust
erListener"
> stickySession="true" stickySessionForce="false"
> stickySessionRemove="true" advertise="false"
> proxyList="localhost:6666" ssl="true" sslKeyStorePass="tomcat"
> sslKeyStore="keystore/keystore.jks" sslKeyStoreType="JKS"
> sslProtocol="TLS"
>
> <Connector port="8443"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
> clientAuth="true" keystoreFile="keystore/keystore.jks"
> keystorePass="tomcat" keystoreType="JKS" sslProtocol="TLS" />
This looks like it might be a JBoss issue, since everything involved
is provided by JBoss.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlbDl5cACgkQ9CaO5/Lv0PBGsQCfd7lU3g6rr4XvIFDM/EI4z2CM
taUAn1GUWU4hREoeScVgJyMvbJZ7Cy8q
=cYRw
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org