Posted to users@tomcat.apache.org by Jing Tao <ta...@nceas.ucsb.edu> on 2004/02/09 18:15:04 UTC

Couldn't find private key in this file

Hi, everyone:

Greetings!

I have a problem configuring SSL in Tomcat 4.1. I generated the private 
key by typing:
 keytool -genkey -alias devglobustomcat -keyalg RSA -validity 800 -keystore cacerts

The keystore - cacerts is in /usr/java/j2sdk1.4.1_01/jre/lib/security. 

I type keytool -list -keystore cacerts and see the entry:
devglobustomcat, Feb 6, 2004, keyEntry,
Certificate fingerprint (MD5): 87:C7:A6:A6:FA:F1:15:14:56:60:1A:C7:90:CA:B0:17

It seems the private key is in the keystore. I use the default password 
for keystore.

Then I configured the server.xml like:
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           port="8443" minProcessors="5" maxProcessors="75"
           enableLookups="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           useURIValidationHack="false" disableUploadTimeout="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           clientAuth="false"
           keystoreFile="/usr/java/j2sdk1.4.1_01/jre/lib/security/cacerts"
           protocol="TLS" />
</Connector>

But when I started Tomcat by typing "./startup.sh", I got an error:
[main] ERROR http11.Http11Protocol  - Error initializing endpoint
java.io.IOException: Couldn't find private key in this file
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.init(PureTLSSocketFactory.java:175)
        at org.apache.tomcat.util.net.puretls.PureTLSSocketFactory.createSocket(PureTLSSocketFactory.java:104)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:275)
        at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:150)
        at org.apache.coyote.tomcat4.CoyoteConnector.initialize(CoyoteConnector.java:1117)
        at org.apache.catalina.core.StandardService.initialize(StandardService.java:579)
        at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:2246)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:511)
        at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)
        at org.apache.catalina.startup.Catalina.process(Catalina.java:180)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:324)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)

I am confused because the key is there!

If I comment out the port 8443 in server.xml, everything is fine.

Did I miss something in configuring SSL? I read the doc and didn't find it.

By the way, the key was generated as root. Tomcat is started as another 
user. The permission for cacerts is -r--r--r--.

Thanks in advance!

Jing

-- 
Jing Tao
National Center for Ecological
Analysis and Synthesis (NCEAS)
735 State St. Suite 204
Santa Barbara, CA 93101

