You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ivano Luberti <lu...@archicoop.it.INVALID> on 2023/07/09 19:56:58 UTC
Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation
Hi all.
Finally found out the issue.
And had nothing to do with tomcat.
There are two web applications under this particular instance of tomcat
Both of them contain an http client that issues https connections.
Application A sets explicitly the certificate store type to PKCS
Application B does not, so is expecting JKS.
The JDK instance has a JKS certificate store.
Launching application A causes an exception when it tries to connect via
HTTPS
Application B then fails because finds in SystemProperty that the
certificate store is PKCS but actually it is JKS.
I'm writing this to underline that as predictable it was not a problem
with tomcat
Thanks to everyone spent time into this, especially Chris
Il 27/06/2023 16:35, Christopher Schultz ha scritto:
> Ivano,
>
> On 6/27/23 09:15, Ivano Luberti wrote:
>> We had another Linux server that should have been identical to the
>> one where the problem was occuring. Tested the same software on that
>> without the issue.
>>
>> So we cloned the latter and replaced the former.
> >
>> Now everything works as expected.
>
> Hah.
>
>> Before the replacement we tried to find out any difference between
>> the two servers, especially with regard to JDK and Tomcat
>> installations but to no avail: they looked identical file by file,
>> not only by version. I had supposed the cacert file was corrupted but
>> it was identical to the one on the working machine.
>>
>> Having found a practical solution we have decided to give up
>> investigating.
>>
>> Thank you again to you and the other that paid attention to my issue.
>
> Of course.
>
> Someone recently posted a similar issue that has no explanation which
> magically went-away after (essentially) re-building the server. There
> was nothing specific that could be pointed-to as a likely source of
> the problem, but now it's just /gone/.
>
> It's not entirely satisfying from a "what if it happens again"
> perspective, but "you can't argue with results."
>
> -chris
>
>> Il 26/06/2023 18:50, Christopher Schultz ha scritto:
>>> Ivano,
>>>
>>> On 6/8/23 06:10, Ivano Luberti wrote:
>>>> Hi, all I have the following problem.
>>>
>>> [snip]
>>>
>>> My guess is that looking at the code in this general area would be
>>> helpful. If you are able to add debug logging in there to spoit-out
>>> some of the crypto configuration being used, I'm sure it would help:
>>>
>>>>> it.sella.ecomm.WSCryptDecryptStub,encrypt,197
>>>>> it.archicoop.met.sistemapagamento.bancasella.wscryptdecryptclient.WSClient,encrypt,61
>>>>>
>>>>> it.archimede.met.backoffice.pagamento.GestionePagamento,encrypt,75
>>>>> it.archimede.met.turisti.servlet.NuovoOrdineAcquista,encrypt,379
>>>
>>> Sorry, I don't think anybody here will be able to help much further
>>> without a lot more information.
>>>
>>> -chris
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/