Hi, I should have mention that I am running tomcat as a standalone server. I mentioned the link (http://www.fatofthelan.com/articles/articles.php?pid=12) as a reference to generate self-signed certificate with OpenSSL on windows. Even though it is very nice article about how to setup SSL with Apache. I only applied part-3 (Generate a test certificate) from that article to my Tomcat+SSL procedure.
One thing that I found intersting on that article is part-4 (Configuring Apache and mod_ssl). In this part, if you look at changes in httpd.conf, as mentioned below, SSLEngine on SSLCertificateFile conf/ssl/server.cert SSLCertificateKeyFile conf/ssl/server.key which is the same parameter that Remy has suggested. If I have found this article early, I may be able to solve the issue. But again since I figured it out, I like it now. Regards. D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Hello Dhaval, > > I was reading the article below, and it looks you you are not running Tomcat > as standalone? Are > you running Apache behind the scenes? > > I was just curious. > > Scott > > > -----Original Message----- > From: Dhaval Patel [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 8:49 AM > To: Tomcat Users List > Subject: Re: SSL InvalidKeystore Format? > > > Hi Scott, > > I am not tomcat expert as well as I can not help you about the error you > are getting. > After Remy's last message on SSL with APR, I finally got my windows xp + > tomcat 5.5.12 + APR + > SSL working. Following are the steps that I have followed: > > (1) Install Tomcat 5.5.12 and make sure it is working. > (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in > %TOMCAT_HOME%\bin. > (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) > (3) I generated server.key and server.cert following guide at > http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in > %TOMCAT_HOME%\bin > only. > (Make sure you follow the guide. I had trouble setting openssl.exe on windows > xp. The answer is > on > that page only. You have to download openssl.cnf from google and place it in > some folder and > make > a new environment OPENSSL_CONF pointing to that file. Trust me that link is > very good.) > (4) Change the server.xml in following way: > <Connector port="443" maxHttpHeaderSize="8192" > maxThreads="150" minSpareThreads="25" maxSpareThreads="75" > enableLookups="false" disableUploadTimeout="true" > scheme="https" secure="true" > SSLEngine="on" > SSLCertificateFile="C:\Tomcat5.5\bin\server.crt" > SSLCertificateKeyFile="C:\Tomcat5.5\bin\server.key" /> > (5) Restart the tomcat and SSL is enabled. > > I dont know if you have did the same way and you have issues. If you want > to try, you can > follow the above steps on some other windows xp machine. It worked for me so > it should work for > you. If you start from scratch, it may take about 30-40 mins to setup above > things. > > Let me know how it goes. > > Regards, > D > > --- Scott Purcell <[EMAIL PROTECTED]> wrote: > > > Well, after wasting much time trying to get the SSL running on 5.5.12, on > > XP, and finding out > > about the bad tcnative-1.dll, I thought I was out of the woods on my SSL > > configuration. But it > > appears I have one last issue (hopefully) > > Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL > > (I was not getting > > those prior, see earlier posts) and I am receiving this error: I believe I > > have a good > keystore, > > because my public key from Verisign was happy with it, but for some reason, > > Tomcat is stikll > not > > happy with it. > > Any ideas why this error may occur? > > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init > > INFO: Initializing Coyote HTTP/1.1 on http-80 > > Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init > > SEVERE: Error initializing endpoint > > java.io.IOException: Invalid keystore format > > at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) > > at java.security.KeyStore.load(Unknown Source) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256) > > at > > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174) > > at > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) > > at > > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) > > at > > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) > > at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) > > at > > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > > at > > org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > > at java.lang.reflect.Method.invoke(Unknown Source) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) > > Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load > > SEVERE: Catalina.start > > LifecycleException: Protocol handler initialization failed: > > java.io.IOException: Invalid > > keystore format > > at org.apache.catalina.connector.Connector.initialize(Connector.java:1018) > > at > > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > > at > > org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > > at java.lang.reflect.Method.invoke(Unknown Source) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) > > Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load > > INFO: Initialization processed in 1890 ms > > Nov 30, 2005 10:44:54 PM org.apache.catalina.core.StandardService start > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > __________________________________ > Yahoo! Music Unlimited > Access over 1 million songs. Try it free. > http://music.yahoo.com/unlimited/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
