komlaaa
SSL tomcat configuration
Hi Experts! Please help out. Project deadline approaching.
To configure SSL on Tomcat, I have done the following (as shown on http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html):
WHAT HAVE I ALREADY DONE:
1.) I created a new keystore from scratch, containing a single self-signed certificate, by executing the following from a terminal command line:
2.) I am using JDK 5, so no need to download JSSE.
3.) My ".storekey" looks as follows:
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\Documents and Settings\myName\.keystore"
keystorePass="changeit"/>
MY PROBLEM: I am getting the exception below:
SEVERE: Error initializing endpoint
java.io.IOException: Cannot recover key
at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:127)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88)
at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:259)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:137)
at org.apache.coyote.tomcat5.CoyoteConnector.initialize(CoyoteConnector.java:1429)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:609)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:2384)
at org.apache.catalina.startup.Catalina.load(Catalina.java:507)
at org.apache.catalina.startup.Catalina.load(Catalina.java:528)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:250)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:424)
May 10, 2006 4:13:06 PM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException: Protocol handler initialization failed: java.io.IOException: Cannot recover key
at org.apache.coyote.tomcat5.CoyoteConnector.initialize(CoyoteConnector.java:1431)
ASKER
You are right, actonwang. My bad, I did not provide the same password twice during the account setup process.
You are good.
Thanks again.
keytool -keypasswd -alias tomcat
Then change the key password to "changeit", which is identical to the password for the keystore.
I assumed that you gave the password of the keystore as "changeit", as you specified in the server.xml.
It should do it.
Ok. Enjoy and be relaxed :)
Acton
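The check behind this answer, as an added example that is not part of the original thread or Tomcat's own code: it loads the keystore and tries to recover every private key with the store password, which is how the connector above uses keystorePass. The class name KeyPassCheck and its command-line arguments are assumptions for illustration; the default path and password mirror the question's Connector.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

// Added diagnostic (hypothetical class name), not Tomcat code.
// Usage: java KeyPassCheck [keystoreFile] [keystorePass]
public class KeyPassCheck {

    // Aliases of key entries that cannot be recovered with the store password.
    static List<String> unrecoverable(KeyStore ks, char[] storePass) throws Exception {
        List<String> bad = new ArrayList<String>();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                continue; // trusted-certificate entries carry no key password
            }
            try {
                ks.getKey(alias, storePass);
            } catch (UnrecoverableKeyException e) {
                bad.add(alias); // key password differs from the store password
            }
        }
        return bad;
    }

    public static void main(String[] args) throws Exception {
        // Defaults mirror the question: .keystore in the user's home, "changeit".
        String file = args.length > 0 ? args[0]
                : System.getProperty("user.home") + "/.keystore";
        char[] pass = (args.length > 1 ? args[1] : "changeit").toCharArray();

        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, pass); // a wrong store password fails here, before any key is read
        }
        List<String> bad = unrecoverable(ks, pass);
        for (String alias : bad) {
            System.out.println("MISMATCH alias=" + alias
                    + " fix: keytool -keypasswd -alias " + alias + " -keystore \"" + file + "\"");
        }
        if (bad.isEmpty()) {
            System.out.println("OK: every key entry opens with the store password");
        }
        System.exit(bad.isEmpty() ? 0 : 1);
    }
}
```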