You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by James Snider <Ja...@hbcs.org> on 2013/04/12 22:42:07 UTC
Errors when trying to configure SSL for Apache Tomcat 7
Hi,
I have installed Tomcat 7 on a 64 bit server running Windows 2003 R2 and am trying to configure SSL to work.
I am have generated the 2 certs and a private key and added them to the server.xml SSL HTTPS/1.1 Connector on port 443 configuration with the following code:
<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="ALL -SSLv2"
SSLEngine="on"
SSLCertificateFile="C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.crt"
SSLCertificateKeyFile="C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.key"
SSLCertificateChainFile="C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.chain-CA.crt"
SSLCipherSuite="ALL"/>
Please note that this configuration is apples for apples to my current configuration I have running on another server with the same OS and bits but utilizing Apache Tomcat 5.5. When I start the Apache Tomcat 7.0 service I receive the following errors:
Apr 12, 2013 4:05:59 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\Program Files\Java\jdk1.7.0_17\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.
Apr 12, 2013 4:05:59 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLCertificateFile' to 'C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.crt' did not find a matching property.
Apr 12, 2013 4:05:59 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLCertificateKeyFile' to 'C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.key' did not find a matching property.
Apr 12, 2013 4:05:59 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLCertificateChainFile' to 'C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.chain-CA.crt' did not find a matching property.
Can you please help me troubleshoot these errors? I have searched online and can not seem to find any solutions.
Thanks,
James
------------------ CONFIDENTIALITY NOTICE ---------------
This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.
------------------ CONFIDENTIALITY NOTICE ---------------
Re: Errors when trying to configure SSL for Apache Tomcat 7
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
James,
On 4/17/13 4:10 PM, James Snider wrote:
> I have reinstalled Apache Tomcat with the tcnative library and I
> am not receiving the SSL certificate errors as seen earlier.
Good.
> But I am now receiving the following errors upon startup:
Not so good.
> Apr 17, 2013 3:13:58 PM
> org.apache.catalina.startup.SetAllPropertiesRule begin WARNING:
> [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'maxSpareThreads' to '75' did not find a matching property.
Re-read the configuration section on "Connector".
> Apr 17, 2013 3:13:58 PM
> org.apache.catalina.startup.SetAllPropertiesRule begin WARNING:
> [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'SSLEngine' to 'on' did not find a matching property.
Re-read the configuration section on "Connector".
> Apr 17, 2013 3:13:58 PM
> org.apache.catalina.core.AprLifecycleListener initializeSSL INFO:
> OpenSSL successfully initialized (OpenSSL 1.0.1d 5 Feb 2013)
Good! OpenSSL launched correctly.
> Apr 17, 2013 3:13:58 PM org.apache.coyote.AbstractProtocol init
> INFO: Initializing ProtocolHandler ["http-apr-80"] Apr 17, 2013
> 3:13:59 PM org.apache.coyote.AbstractProtocol init INFO:
> Initializing ProtocolHandler ["http-apr-443"] Apr 17, 2013 3:13:59
> PM org.apache.coyote.AbstractProtocol init SEVERE: Failed to
> initialize end point associated with ProtocolHandler
> ["http-apr-443"] java.lang.Exception: Unable to load certificate
> key C:\Program Files\Apache Software Foundation\Tomcat
> 7.0\conf\CRT\hncshvm.hbcs.org.key (error:02001003:system
> library:fopen:No such process) at
> org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
So the JVM is correctly invoking your native library, but it can't
load the certificate for some reason. My first guess would be a
permissions issue (check file permissions against the effective user
running Tomcat).
> To answer your questions I have Tomcat installed in the C:\Program
> Files\Apache Software Foudnation\Tomcat directory. I am using a
> windows server 2003 R2 x64 bit OS AND Have java version 1.7
> installed.
Okay. Are you running Tomcat as a service? That often results in weird
permissions issues because services have very few privileges on the
local machine.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJRcG6WAAoJEBzwKT+lPKRYiYIP/ir/BEetEwhxK1+AdbqHThVY
PnV3YyAdoNjschTytBxUdgX5XGIDPT7OTcbpgNoktxOxRniaixj4OLf1ABN08tLV
WukLcnSv6rhoezCgucQNbmBTZEcLQXZJrLxSTbSX6OHXX2xLdpvueYylHKdfT4H/
LXoOEljaTG5tM5tUc9TqrKf3NJPO6HKpiyoMC18ehVNxEDruxr0suxK/GPqf2/dv
qKine3d+KwKE5l4DWGIw2okqYdpmPAQ0O2OZO6RwRiYg+5CuVTXYUz/ESVFfqWQG
ISWECgfZRn7I8EnynKFRrdXIp1LfxoYYb/UDZxZWlmKwZN011SmkAu6XP+HRWdB8
vsJSlb/C9zsG1AlKCsgr8TrmFHXz+Bu2+zRA0bFz9K5Qy1Q4kph0qUwSxVWRnF3D
Zi2CXlqqyBrvXV5neetMPDaccnYGXPCqFdfSOoaFwOIJADCo7w+oFaEhQVTI+hA5
HAp6r2bePO+V5S88clQtDuVtfSUtwFgq8xQTxnihlc19mwZFAK7dFkXzIiRsqDYw
gH/43+ytrwn7WEdmzWjxjhPd4r0XUzBtXPJx3mCr4VvIXy8uVsEWh0t5UhYvOj56
FI9I2ea+qoO4CrmdCvkIGX1mbeni83xv/lDLp154Qp8mQBldWFYs/jFZRDzZiMUI
G9bS403DGoOPiCi6lF5n
=vTgA
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Errors when trying to configure SSL for Apache Tomcat 7
Posted by James Snider <Ja...@hbcs.org>.
Hi Chris,
Thanks for your help!
I have reinstalled Apache Tomcat with the tcnative library and I am not receiving the SSL certificate errors as seen earlier. But I am now receiving the following errors upon startup:
Apr 17, 2013 3:13:58 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'maxSpareThreads' to '75' did not find a matching property.
Apr 17, 2013 3:13:58 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to 'on' did not find a matching property.
Apr 17, 2013 3:13:58 PM org.apache.catalina.core.AprLifecycleListener initializeSSL
INFO: OpenSSL successfully initialized (OpenSSL 1.0.1d 5 Feb 2013)
Apr 17, 2013 3:13:58 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-80"]
Apr 17, 2013 3:13:59 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-443"]
Apr 17, 2013 3:13:59 PM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-apr-443"]
java.lang.Exception: Unable to load certificate key C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\CRT\hncshvm.hbcs.org.key (error:02001003:system library:fopen:No such process)
at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:590)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:610)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:981)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:814)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.startup.Catalina.load(Catalina.java:633)
at org.apache.catalina.startup.Catalina.load(Catalina.java:658)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455)
Apr 17, 2013 3:13:59 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:814)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.startup.Catalina.load(Catalina.java:633)
at org.apache.catalina.startup.Catalina.load(Catalina.java:658)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 12 more
Caused by: java.lang.Exception: Unable to load certificate key C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\CRT\hncshvm.hbcs.org.key (error:02001003:system library:fopen:No such process)
at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:590)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:610)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:981)
... 13 more
To answer your questions I have Tomcat installed in the C:\Program Files\Apache Software Foudnation\Tomcat directory. I am using a windows server 2003 R2 x64 bit OS AND Have java version 1.7 installed.
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Wednesday, April 17, 2013 12:08 PM
To: Tomcat Users List
Subject: Re: Errors when trying to configure SSL for Apache Tomcat 7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
James,
On 4/17/13 10:12 AM, James Snider wrote:
> After reviewing the APR<Connector> documentation, I am still receiving
> the errors involving the SSL Certificate and do not understand where
> the issue is being generated. I have attached a copy of my current
> server.xml file and screenshots of the errors I am receiving upon
> start up.
Server.xml came over, but the screenshots did not: this list strips most attachments.
> Can you give me more insight on resolving this issue?
Your configuration in your two environments is identical (server.xml is nominally the same) but your two environments are not identical. To
wit: your broken environment is missing the tcnative library. Your log file even told you so:
> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.core.AprLifecycleListener init INFO: The APR based
> Apache Tomcat Native library which allows optimal performance in
> production environments was not found on the java.library.path:
> C:\Program Files\Apache Software Foundation\Tomcat
> 7.0\bin;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\Prog
> ram
> Files\Java\jdk1.7.0_17\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.
While
>
that is an INFO message and does not in and of itself represent a problem, you are clearly trying to use the APR connector which requires this library to be present:
> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.startup.SetAllPropertiesRule begin WARNING:
> [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'SSLCertificateFile' to 'C:\Program Files\Apache Software
> Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.crt' did not find a
> matching property.
The SSLCertificateFile <Connector> attribute is only valid for APR connectors. Thus, you need tcnative to be installed and have a matching architecture to your JVM.
> Is there a support # I can call to have a technician walk me through
> troubleshooting this or any professional services I can contact?
Apache is an all-volunteer organization and this (and other) mailing lists are provided at no cost to you. Any subscriber to this list may feel free to give you advice but that advice comes with no warranty and no guarantee of success. It also comes with no cost. You get what you pay for.
If you want to pay someone to help you *right now*, consider looking at the list of Tomcat consultants which you can find here:
http://wiki.apache.org/tomcat/SupportAndTraining
Honestly, this is something you can fix yourself by asking yourself these questions:
1. Where is Tomcat installed? Is there a tcnative*.dll file somewhere inside that directory (or subdirectories)? If it's not there, your installation is broken and you should try again. Chuck suggested that already.
2. What JVM are you running? What is the architecture (ia32, ia64, or x86_64)? What is the architecture of the .dll file you found above? If they don't match, then you need to make them match. Re-installing Tomcat and ensuring that you choose the JVM you intend to use during installation should ensure that you have the right flavor library in the right place.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJRbsjCAAoJEBzwKT+lPKRYUsoQALblluwq86M7OrTW2BpAO6Vp
y/aiM8v4m/S65GQLSlVN9WLKy2T3/JMdEGoCRwvqZL+Fq60ZojI2Wmdd+gAuJQ0G
Xk0Mc7s192PNr39+pvejpW9B2obVJbPCCdvI9YvglpnWExfFS8z6NjZolUeDT4cG
Qng1a2tgEYb5hu4MIyl4bRZuj2I/ROKPDIKj+ZVuMKXePI3M7GyWZfangtfAkYsV
pWRrevb6lCD9JwQgvaCP+T9L58kD0AzoRUQW66wMHlaFP45ft7LrO2oEbKzMD8tP
LGsD0t1PC1Zma064VM135b7ddw+6Ne/XuLZVOLnAL9ow0dCk6DfTFC0w1yMPG5r0
EV71dOPZmeLxlqjEn8w3XqTVk3Ya2OhIdkFSlLyAtwy4dJqDQWlCx4YtQZAx7PHp
i6xu7Bq8OB22I4IAqX2d5mzvWPfPFFY0HvxczXfOZihHvKIaBazC07Qvo9SOweAR
uAU5+mmg17TNDvdYONwxYOjGnQr7p4L5EZO41ZkzsZX9e5lULlg2w5houU20PYad
Y3hkIkebDXcz4o0aKh6yRf7TAQN3drYaM0LubEChSYJvO/w21z65oXrgERU+0OEU
TrpY7WpTC20j+WkWBlogwCaspw9b0SyHUGpSpFvzY3SO+2WbjbLM2hw/10nZQ4ZV
ujxF4wBleJPKdDfKRDuR
=4nOC
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
------------------ CONFIDENTIALITY NOTICE ---------------
This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.
------------------ CONFIDENTIALITY NOTICE ---------------
Re: Errors when trying to configure SSL for Apache Tomcat 7
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
James,
On 4/17/13 10:12 AM, James Snider wrote:
> After reviewing the APR<Connector> documentation, I am still
> receiving the errors involving the SSL Certificate and do not
> understand where the issue is being generated. I have attached a
> copy of my current server.xml file and screenshots of the errors I
> am receiving upon start up.
Server.xml came over, but the screenshots did not: this list strips
most attachments.
> Can you give me more insight on resolving this issue?
Your configuration in your two environments is identical (server.xml
is nominally the same) but your two environments are not identical. To
wit: your broken environment is missing the tcnative library. Your log
file even told you so:
> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.core.AprLifecycleListener init INFO: The APR
> based Apache Tomcat Native library which allows optimal performance
> in production environments was not found on the java.library.path:
> C:\Program Files\Apache Software Foundation\Tomcat
> 7.0\bin;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\Program
> Files\Java\jdk1.7.0_17\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.
While
>
that is an INFO message and does not in and of itself represent
a problem, you are clearly trying to use the APR connector which
requires this library to be present:
> Apr 12, 2013 4:05:59 PM
> org.apache.catalina.startup.SetAllPropertiesRule begin WARNING:
> [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'SSLCertificateFile' to 'C:\Program Files\Apache Software
> Foundation\Tomcat 7.0\conf\CRT\ www.companyx.com.crt' did not find
> a matching property.
The SSLCertificateFile <Connector> attribute is only valid for APR
connectors. Thus, you need tcnative to be installed and have a
matching architecture to your JVM.
> Is there a support # I can call to have a technician walk me
> through troubleshooting this or any professional services I can
> contact?
Apache is an all-volunteer organization and this (and other) mailing
lists are provided at no cost to you. Any subscriber to this list may
feel free to give you advice but that advice comes with no warranty
and no guarantee of success. It also comes with no cost. You get what
you pay for.
If you want to pay someone to help you *right now*, consider looking
at the list of Tomcat consultants which you can find here:
http://wiki.apache.org/tomcat/SupportAndTraining
Honestly, this is something you can fix yourself by asking yourself
these questions:
1. Where is Tomcat installed? Is there a tcnative*.dll file somewhere
inside that directory (or subdirectories)? If it's not there, your
installation is broken and you should try again. Chuck suggested that
already.
2. What JVM are you running? What is the architecture (ia32, ia64, or
x86_64)? What is the architecture of the .dll file you found above? If
they don't match, then you need to make them match. Re-installing
Tomcat and ensuring that you choose the JVM you intend to use during
installation should ensure that you have the right flavor library in
the right place.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJRbsjCAAoJEBzwKT+lPKRYUsoQALblluwq86M7OrTW2BpAO6Vp
y/aiM8v4m/S65GQLSlVN9WLKy2T3/JMdEGoCRwvqZL+Fq60ZojI2Wmdd+gAuJQ0G
Xk0Mc7s192PNr39+pvejpW9B2obVJbPCCdvI9YvglpnWExfFS8z6NjZolUeDT4cG
Qng1a2tgEYb5hu4MIyl4bRZuj2I/ROKPDIKj+ZVuMKXePI3M7GyWZfangtfAkYsV
pWRrevb6lCD9JwQgvaCP+T9L58kD0AzoRUQW66wMHlaFP45ft7LrO2oEbKzMD8tP
LGsD0t1PC1Zma064VM135b7ddw+6Ne/XuLZVOLnAL9ow0dCk6DfTFC0w1yMPG5r0
EV71dOPZmeLxlqjEn8w3XqTVk3Ya2OhIdkFSlLyAtwy4dJqDQWlCx4YtQZAx7PHp
i6xu7Bq8OB22I4IAqX2d5mzvWPfPFFY0HvxczXfOZihHvKIaBazC07Qvo9SOweAR
uAU5+mmg17TNDvdYONwxYOjGnQr7p4L5EZO41ZkzsZX9e5lULlg2w5houU20PYad
Y3hkIkebDXcz4o0aKh6yRf7TAQN3drYaM0LubEChSYJvO/w21z65oXrgERU+0OEU
TrpY7WpTC20j+WkWBlogwCaspw9b0SyHUGpSpFvzY3SO+2WbjbLM2hw/10nZQ4ZV
ujxF4wBleJPKdDfKRDuR
=4nOC
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Errors when trying to configure SSL for Apache Tomcat 7
Posted by James Snider <Ja...@hbcs.org>.
Hi Chuck,
After reviewing the APR<Connector> documentation, I am still receiving the errors involving the SSL Certificate and do not understand where the issue is being generated. I have attached a copy of my current server.xml file and screenshots of the errors I am receiving upon start up.
Can you give me more insight on resolving this issue? Is there a support # I can call to have a technician walk me through troubleshooting this or any professional services I can contact?
Thanks,
James Snider | Project Leader - Business Solutions Programming & System Administration
HBCS | Energize Your Revenue Cycle
118 Lukens Drive | New Castle, DE 19720
Ph: 302-552-8065 | Fx: 302.254.3749
E-mail | James.Snider@hbcs.org
www.hbcs.org
-----Original Message-----
From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
Sent: Friday, April 12, 2013 5:00 PM
To: Tomcat Users List
Subject: RE: Errors when trying to configure SSL for Apache Tomcat 7
> From: James Snider [mailto:James.Snider@hbcs.org]
> Subject: Errors when trying to configure SSL for Apache Tomcat 7
> I am have generated the 2 certs and a private key and added them to
> the server.xml SSL HTTPS/1.1 Connector on port 443 configuration with
> the following code:
> SSLCertificateFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.crt"
> SSLCertificateKeyFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.key"
> SSLCertificateChainFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.chain-CA.crt"
Note that the above are for use with the APR <Connector>; see:
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support_-_APR/Native
However:
> Apr 12, 2013 4:05:59 PM org.apache.catalina.core.AprLifecycleListener
> init
> INFO: The APR based Apache Tomcat Native library which allows optimal
> performance in production environments was not found on the java.library.path:
You don't have the APR library (tcnative-1.dll) installed. If you use the proper Tomcat download, the .dll will be there. Note that the 32- vs 64-bit mode must match that of the JVM you're using, not the mode of the OS.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
------------------ CONFIDENTIALITY NOTICE ---------------
This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.
------------------ CONFIDENTIALITY NOTICE ---------------
RE: Errors when trying to configure SSL for Apache Tomcat 7
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: James Snider [mailto:James.Snider@hbcs.org]
> Subject: Errors when trying to configure SSL for Apache Tomcat 7
> I am have generated the 2 certs and a private key and added them to
> the server.xml SSL HTTPS/1.1 Connector on port 443 configuration with
> the following code:
> SSLCertificateFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.crt"
> SSLCertificateKeyFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.key"
> SSLCertificateChainFile="C:\Program Files\Apache Software Foundation\
> Tomcat 5.5\webapps\ROOT\CRT\www.companyx.com.chain-CA.crt"
Note that the above are for use with the APR <Connector>; see:
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support_-_APR/Native
However:
> Apr 12, 2013 4:05:59 PM org.apache.catalina.core.AprLifecycleListener init
> INFO: The APR based Apache Tomcat Native library which allows optimal performance
> in production environments was not found on the java.library.path:
You don't have the APR library (tcnative-1.dll) installed. If you use the proper Tomcat download, the .dll will be there. Note that the 32- vs 64-bit mode must match that of the JVM you're using, not the mode of the OS.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org