You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Kevin Jenkins <ra...@jenkinssoftware.com> on 2013/03/27 16:46:04 UTC
SSLCertificateKeyFile cannot find file that exists
I'm working on a project where I need to test C++ code against an HTTPS web
server. So I am trying to get Tomcat to work using HTTPS on localhost.
Security does not matter right now, I just need to get an HTTPS server
online so I can debug the C++.
So I went to http://www.selfsignedcertificate.com/ and under server name
entered localhost.
It gave me 2 files:
3589340_localhost.key
3589340_localhost.cert
I copied those files to D:\apache-tomcat-7.0.37\conf
I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSLv3"
SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
/>
I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
It doesn't work. I don't understand why it does it does not find a matching
property. The file is there on the harddrive.
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLC
ertificateFile' to 'D:\apache-tomcat-7.0.37\conf\3589340_localhost.cert'
did not
find a matching property.
Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-443"]
Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-bi
o-443"]
java.io.IOException: Keystore was tampered with, or password was incorrect
at
sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
at
sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:3
8)
at java.security.KeyStore.load(KeyStore.java:1185)
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
Factory.java:372)
Thanks in advance for the help.
Re: SSLCertificateKeyFile cannot find file that exists
Posted by Kevin Jenkins <ra...@jenkinssoftware.com>.
Thanks, Skype was using that port.
On Wed, Mar 27, 2013 at 10:25 AM, Harris, Jeffrey E. <
Jeffrey.Harris@mantech.com> wrote:
>
>
> > -----Original Message-----
> > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > Sent: Wednesday, March 27, 2013 1:23 PM
> > To: Tomcat Users List
> > Subject: Re: SSLCertificateKeyFile cannot find file that exists
> >
> > I finally got it working. For anyone else that has the same problem,
> > the solution is very simple and I don't know why there are huge walls
> > of text rather than just saying this
> >
> > To enable APR:
> > 1. Download tomcat-native-1.1.27-win32-bin from
> > http://apache.mirrors.lucidnetworks.net/tomcat/tomcat-
> > connectors/native/1.1.27/binaries/
> > 2. copy tcnative-1.dll to the Tomcat bin directory
> >
> > Get a self-signed key here:
> > http://www.selfsignedcertificate.com/
> >
> > Use this connector in server.xml
> > <Connector port="8444" redirectPort="444"
> > protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
> > maxThreads="150" scheme="https" secure="true"
> > clientAuth="false" sslProtocol="SSLv3"
> >
> > SSLCertificateKeyFile="${catalina.base}\conf\13862451_localhost.key"
> >
> > SSLCertificateFile="${catalina.base}\conf\13862451_localhost.cert"
> > />
> >
> > At least I can do my work now.
> >
> > Unrelated, I cannot start my connector on port 443 or 8443. I commented
> > out every other connector in server.xml but this still happens. As a
> > workaround I changed the port to 8444 but I'm not sure why I need to.
> >
> > SEVERE: Failed to initialize end point associated with ProtocolHandler
> > ["http-ap r-8443"]
> > java.lang.Exception: Socket bind failed: [730
> 048] Only one usage of
> > each socket address (protocol/network address/port) is normally
> > permitted.
> > at
> > org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:446)
> > at
> > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
> > a:610)1
> >
>
> Check your port usage. There is probably another application running on
> those ports.
> On Windows, you can use the netstat -a -b -n and look for listeners on
> those ports.
>
> Jeffrey Harris
>
> This e-mail and any attachments are intended only for the use of the
> addressee(s) named herein and may contain proprietary information. If you
> are not the intended recipient of this e-mail or believe that you received
> this email in error, please take immediate action to notify the sender of
> the apparent error by reply e-mail; permanently delete the e-mail and any
> attachments from your computer; and do not disseminate, distribute, use, or
> copy this message and any attachments.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: SSLCertificateKeyFile cannot find file that exists
Posted by "Harris, Jeffrey E." <Je...@ManTech.com>.
> -----Original Message-----
> From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> Sent: Wednesday, March 27, 2013 1:23 PM
> To: Tomcat Users List
> Subject: Re: SSLCertificateKeyFile cannot find file that exists
>
> I finally got it working. For anyone else that has the same problem,
> the solution is very simple and I don't know why there are huge walls
> of text rather than just saying this
>
> To enable APR:
> 1. Download tomcat-native-1.1.27-win32-bin from
> http://apache.mirrors.lucidnetworks.net/tomcat/tomcat-
> connectors/native/1.1.27/binaries/
> 2. copy tcnative-1.dll to the Tomcat bin directory
>
> Get a self-signed key here:
> http://www.selfsignedcertificate.com/
>
> Use this connector in server.xml
> <Connector port="8444" redirectPort="444"
> protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true"
> clientAuth="false" sslProtocol="SSLv3"
>
> SSLCertificateKeyFile="${catalina.base}\conf\13862451_localhost.key"
>
> SSLCertificateFile="${catalina.base}\conf\13862451_localhost.cert"
> />
>
> At least I can do my work now.
>
> Unrelated, I cannot start my connector on port 443 or 8443. I commented
> out every other connector in server.xml but this still happens. As a
> workaround I changed the port to 8444 but I'm not sure why I need to.
>
> SEVERE: Failed to initialize end point associated with ProtocolHandler
> ["http-ap r-8443"]
> java.lang.Exception: Socket bind failed: [730
048] Only one usage of
> each socket address (protocol/network address/port) is normally
> permitted.
> at
> org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:446)
> at
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
> a:610)1
>
Check your port usage. There is probably another application running on those ports.
On Windows, you can use the netstat -a -b -n and look for listeners on those ports.
Jeffrey Harris
This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SSLCertificateKeyFile cannot find file that exists
Posted by Kevin Jenkins <ra...@jenkinssoftware.com>.
I finally got it working. For anyone else that has the same problem, the
solution is very simple and I don't know why there are huge walls of text
rather than just saying this
To enable APR:
1. Download tomcat-native-1.1.27-win32-bin from
http://apache.mirrors.lucidnetworks.net/tomcat/tomcat-connectors/native/1.1.27/binaries/
2. copy tcnative-1.dll to the Tomcat bin directory
Get a self-signed key here:
http://www.selfsignedcertificate.com/
Use this connector in server.xml
<Connector port="8444" redirectPort="444"
protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSLv3"
SSLCertificateKeyFile="${catalina.base}\conf\13862451_localhost.key"
SSLCertificateFile="${catalina.base}\conf\13862451_localhost.cert"
/>
At least I can do my work now.
Unrelated, I cannot start my connector on port 443 or 8443. I commented out
every other connector in server.xml but this still happens. As a workaround
I changed the port to 8444 but I'm not sure why I need to.
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-ap
r-8443"]
java.lang.Exception: Socket bind failed: [730048] Only one usage of each
socket
address (protocol/network address/port) is normally permitted.
at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:446)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
a:610)1
On Wed, Mar 27, 2013 at 9:46 AM, Harris, Jeffrey E. <
Jeffrey.Harris@mantech.com> wrote:
>
>
> > -----Original Message-----
> > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > Sent: Wednesday, March 27, 2013 12:13 PM
> > To: Tomcat Users List
> > Subject: Re: SSLCertificateKeyFile cannot find file that exists
> >
> > Thanks for the answer Jeffery.
> >
> > Regarding the APR connector, I'm guessing since you said that Tomcat
> > doesn't come with it built-in already?
> >
> > Under installation / windows I downloaded this:
> > http://tomcat.apache.org/tomcat-7.0-doc/apr.html
> > I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under
> > installation and it said to download binaries here:
> > http://www.motorlogy.com/apache//tomcat/tomcat-
> > connectors/native/1.1.27/binaries/
> >
> > So I did that, copied tcnative-1.dll to D:\Program
> > Files\Java\jdk1.6.0_37\bin
> >
> > But it still didn't work when I clicked startup.bat. There's no
> > instructions on how to actually install APR that I can find beyond
> > saying to download the library. Not sure what to do at this point.
> >
> > Regarding converting the the key file and certificate file to a JKS
> > store... how do I do that/ I did some searching and came up with a wall
> > of complicated instructions. I've already spent hours trying to figure
> > out how to create self-signed keys (which is why I just went to that
> > website to begin with).
> >
> >
> > On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. <
> > Jeffrey.Harris@mantech.com> wrote:
> >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > > > Sent: Wednesday, March 27, 2013 11:46 AM
> > > > To: users@tomcat.apache.org
> > > > Subject: SSLCertificateKeyFile cannot find file that exists
> > > >
> > > > I'm working on a project where I need to test C++ code against an
> > > > HTTPS web server. So I am trying to get Tomcat to work using HTTPS
> > > > on localhost.
> > > > Security does not matter right now, I just need to get an HTTPS
> > > > server online so I can debug the C++.
> > > >
> > > > So I went to http://www.selfsignedcertificate.com/ and under server
> > > > name entered localhost.
> > > >
> > > > It gave me 2 files:
> > > > 3589340_localhost.key
> > > > 3589340_localhost.cert
> > > >
> > > > I copied those files to D:\apache-tomcat-7.0.37\conf
> > > >
> > > > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
> > > >
> > > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> > > > maxThreads="150" scheme="https" secure="true"
> > > > clientAuth="false" sslProtocol="SSLv3"
> > > >
> > > >
> > SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
> > > >
> > > > SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> > > > />
> > > >
> > > > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
> > > >
> > > > It doesn't work. I don't understand why it does it does not find a
> > > > matching property. The file is there on the harddrive.
> > > >
> > > > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> > > > property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> > > > 7.0.37\conf\3589340_localhost.cert'
> > > > did not
> > > > find a matching property.
> > > > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > > SEVERE: Failed to initialize end point associated with
> > > > ProtocolHandler ["http-bi o-443"]
> > > > java.io.IOException: Keystore was tampered with, or password was
> > > > incorrect
> > > > at
> > > >
> > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> > > > at
> > > >
> > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:
> > > > 3
> > > > 8)
> > > > at java.security.KeyStore.load(KeyStore.java:1185)
> > > > at
> > > >
> > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocke
> > > > t
> > > > Factory.java:372)
> > > >
> > > > Thanks in advance for the help.
> > >
> > > You need to either use the APR connector, or convert the key file and
> > > certificate file to a JKS store, and update your configuration.
> > >
> > > Jeffrey Harris
> > >
>
> See the Tomcat documentation (
> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and look in the
> section "Edit the Tomcat Configuration File" to enable APR.
>
> Jeffrey Harris
>
> This e-mail and any attachments are intended only for the use of the
> addressee(s) named herein and may contain proprietary information. If you
> are not the intended recipient of this e-mail or believe that you received
> this email in error, please take immediate action to notify the sender of
> the apparent error by reply e-mail; permanently delete the e-mail and any
> attachments from your computer; and do not disseminate, distribute, use, or
> copy this message and any attachments.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: SSLCertificateKeyFile cannot find file that exists
Posted by "Harris, Jeffrey E." <Je...@ManTech.com>.
> -----Original Message-----
> From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> Sent: Wednesday, March 27, 2013 12:13 PM
> To: Tomcat Users List
> Subject: Re: SSLCertificateKeyFile cannot find file that exists
>
> Thanks for the answer Jeffery.
>
> Regarding the APR connector, I'm guessing since you said that Tomcat
> doesn't come with it built-in already?
>
> Under installation / windows I downloaded this:
> http://tomcat.apache.org/tomcat-7.0-doc/apr.html
> I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under
> installation and it said to download binaries here:
> http://www.motorlogy.com/apache//tomcat/tomcat-
> connectors/native/1.1.27/binaries/
>
> So I did that, copied tcnative-1.dll to D:\Program
> Files\Java\jdk1.6.0_37\bin
>
> But it still didn't work when I clicked startup.bat. There's no
> instructions on how to actually install APR that I can find beyond
> saying to download the library. Not sure what to do at this point.
>
> Regarding converting the the key file and certificate file to a JKS
> store... how do I do that/ I did some searching and came up with a wall
> of complicated instructions. I've already spent hours trying to figure
> out how to create self-signed keys (which is why I just went to that
> website to begin with).
>
>
> On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. <
> Jeffrey.Harris@mantech.com> wrote:
>
> >
> >
> > > -----Original Message-----
> > > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > > Sent: Wednesday, March 27, 2013 11:46 AM
> > > To: users@tomcat.apache.org
> > > Subject: SSLCertificateKeyFile cannot find file that exists
> > >
> > > I'm working on a project where I need to test C++ code against an
> > > HTTPS web server. So I am trying to get Tomcat to work using HTTPS
> > > on localhost.
> > > Security does not matter right now, I just need to get an HTTPS
> > > server online so I can debug the C++.
> > >
> > > So I went to http://www.selfsignedcertificate.com/ and under server
> > > name entered localhost.
> > >
> > > It gave me 2 files:
> > > 3589340_localhost.key
> > > 3589340_localhost.cert
> > >
> > > I copied those files to D:\apache-tomcat-7.0.37\conf
> > >
> > > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
> > >
> > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> > > maxThreads="150" scheme="https" secure="true"
> > > clientAuth="false" sslProtocol="SSLv3"
> > >
> > >
> SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
> > >
> > > SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> > > />
> > >
> > > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
> > >
> > > It doesn't work. I don't understand why it does it does not find a
> > > matching property. The file is there on the harddrive.
> > >
> > > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> > > property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> > > 7.0.37\conf\3589340_localhost.cert'
> > > did not
> > > find a matching property.
> > > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> > > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > > SEVERE: Failed to initialize end point associated with
> > > ProtocolHandler ["http-bi o-443"]
> > > java.io.IOException: Keystore was tampered with, or password was
> > > incorrect
> > > at
> > >
> sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> > > at
> > >
> sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:
> > > 3
> > > 8)
> > > at java.security.KeyStore.load(KeyStore.java:1185)
> > > at
> > >
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocke
> > > t
> > > Factory.java:372)
> > >
> > > Thanks in advance for the help.
> >
> > You need to either use the APR connector, or convert the key file and
> > certificate file to a JKS store, and update your configuration.
> >
> > Jeffrey Harris
> >
See the Tomcat documentation (http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and look in the section "Edit the Tomcat Configuration File" to enable APR.
Jeffrey Harris
This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SSLCertificateKeyFile cannot find file that exists
Posted by Kevin Jenkins <ra...@jenkinssoftware.com>.
Thanks for the answer Jeffery.
Regarding the APR connector, I'm guessing since you said that Tomcat
doesn't come with it built-in already?
Under installation / windows I downloaded this:
http://tomcat.apache.org/tomcat-7.0-doc/apr.html
I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under
installation and it said to download binaries here:
http://www.motorlogy.com/apache//tomcat/tomcat-connectors/native/1.1.27/binaries/
So I did that, copied tcnative-1.dll to D:\Program
Files\Java\jdk1.6.0_37\bin
But it still didn't work when I clicked startup.bat. There's no
instructions on how to actually install APR that I can find beyond saying
to download the library. Not sure what to do at this point.
Regarding converting the the key file and certificate file to a JKS
store... how do I do that/ I did some searching and came up with a wall of
complicated instructions. I've already spent hours trying to figure out how
to create self-signed keys (which is why I just went to that website to
begin with).
On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. <
Jeffrey.Harris@mantech.com> wrote:
>
>
> > -----Original Message-----
> > From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> > Sent: Wednesday, March 27, 2013 11:46 AM
> > To: users@tomcat.apache.org
> > Subject: SSLCertificateKeyFile cannot find file that exists
> >
> > I'm working on a project where I need to test C++ code against an HTTPS
> > web server. So I am trying to get Tomcat to work using HTTPS on
> > localhost.
> > Security does not matter right now, I just need to get an HTTPS server
> > online so I can debug the C++.
> >
> > So I went to http://www.selfsignedcertificate.com/ and under server
> > name entered localhost.
> >
> > It gave me 2 files:
> > 3589340_localhost.key
> > 3589340_localhost.cert
> >
> > I copied those files to D:\apache-tomcat-7.0.37\conf
> >
> > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
> >
> > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> > maxThreads="150" scheme="https" secure="true"
> > clientAuth="false" sslProtocol="SSLv3"
> >
> > SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
> >
> > SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> > />
> >
> > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
> >
> > It doesn't work. I don't understand why it does it does not find a
> > matching property. The file is there on the harddrive.
> >
> > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> > property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> > 7.0.37\conf\3589340_localhost.cert'
> > did not
> > find a matching property.
> > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> > 8:44:44 AM org.apache.coyote.AbstractProtocol init
> > SEVERE: Failed to initialize end point associated with ProtocolHandler
> > ["http-bi o-443"]
> > java.io.IOException: Keystore was tampered with, or password was
> > incorrect
> > at
> > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> > at
> > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:3
> > 8)
> > at java.security.KeyStore.load(KeyStore.java:1185)
> > at
> > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
> > Factory.java:372)
> >
> > Thanks in advance for the help.
>
> You need to either use the APR connector, or convert the key file and
> certificate file to a JKS store, and update your configuration.
>
> Jeffrey Harris
>
> This e-mail and any attachments are intended only for the use of the
> addressee(s) named herein and may contain proprietary information. If you
> are not the intended recipient of this e-mail or believe that you received
> this email in error, please take immediate action to notify the sender of
> the apparent error by reply e-mail; permanently delete the e-mail and any
> attachments from your computer; and do not disseminate, distribute, use, or
> copy this message and any attachments.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: SSLCertificateKeyFile cannot find file that exists
Posted by "Harris, Jeffrey E." <Je...@ManTech.com>.
> -----Original Message-----
> From: Kevin Jenkins [mailto:rakkar@jenkinssoftware.com]
> Sent: Wednesday, March 27, 2013 11:46 AM
> To: users@tomcat.apache.org
> Subject: SSLCertificateKeyFile cannot find file that exists
>
> I'm working on a project where I need to test C++ code against an HTTPS
> web server. So I am trying to get Tomcat to work using HTTPS on
> localhost.
> Security does not matter right now, I just need to get an HTTPS server
> online so I can debug the C++.
>
> So I went to http://www.selfsignedcertificate.com/ and under server
> name entered localhost.
>
> It gave me 2 files:
> 3589340_localhost.key
> 3589340_localhost.cert
>
> I copied those files to D:\apache-tomcat-7.0.37\conf
>
> I added this line to d:/apache-tomcat-7.0.37/confg/server.xml
>
> <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true"
> clientAuth="false" sslProtocol="SSLv3"
>
> SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key"
>
> SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert"
> />
>
> I double click "D:\apache-tomcat-7.0.37\bin\startup.bat"
>
> It doesn't work. I don't understand why it does it does not find a
> matching property. The file is there on the harddrive.
>
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> property 'SSLC ertificateFile' to 'D:\apache-tomcat-
> 7.0.37\conf\3589340_localhost.cert'
> did not
> find a matching property.
> Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init
> INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013
> 8:44:44 AM org.apache.coyote.AbstractProtocol init
> INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013
> 8:44:44 AM org.apache.coyote.AbstractProtocol init
> SEVERE: Failed to initialize end point associated with ProtocolHandler
> ["http-bi o-443"]
> java.io.IOException: Keystore was tampered with, or password was
> incorrect
> at
> sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
> at
> sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:3
> 8)
> at java.security.KeyStore.load(KeyStore.java:1185)
> at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
> Factory.java:372)
>
> Thanks in advance for the help.
You need to either use the APR connector, or convert the key file and certificate file to a JKS store, and update your configuration.
Jeffrey Harris
This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org