-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kumaresh,
On 10/24/12 6:38 AM, KumareshGopalsamy wrote: > I have followed below steps to setup SSL > > Details Tomcat 6.0.24 Windows server 2008 R2 Datacenter Since you are using SSL, I suspect you are interested in protecting your data. You should seriously upgrade to the latest Tomcat 6.0.36, as there are known vulnerabilities with your version: http://tomcat.apache.org/security-6.html > <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" scheme="https" secure="true" clientAuth="false" > sslProtocol="TLS" keystorePass="changeit" keystoreFile=" > C:\apache-tomcat-6.0.24-windows-x64\key \.keystore"/> This is a JSSE keystore-based certificate configuration. > 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener > init INFO: Loaded APR based Apache Tomcat Native library 1.1.19. > 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener > init INFO: APR capabilities: IPv6 [true], sendfile [true], accept > filters [false], random [true]. You are using APR (tcnative). > INFO: Initializing Coyote HTTP/1.1 on http-8080 22-Oct-2012 > 11:21:44 org.apache.coyote.http11.Http11AprProtocol init Your <Connector> is auto-choosing APR-based HTTP/1.1 protocol. > SEVERE: Error initializing endpoint > > java.lang.Exception: No Certificate file specified or invalid file > format APR uses a different file format and configuration from the BIO and NIO HTTP/1.1 connectors. So, either you need to re-do your certificates so that you have separate PEM-encoded files on the disk like httpd does, and configure them appropriately (http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS) or you need to change your <Connector> to use a non-APR connector like this for BIO: <Connector protocol="org.apache.coyote.http11.Http11Protocol" Or like this for NIO: <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" Or you can disable APR by commenting-out the <Listener> in server.xml, or you can just remove the tcnative* binaries from your Tomcat installation. Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCH8CYACgkQ9CaO5/Lv0PDVNgCgpOVZad9f/o87to6fWwezplHC 9Y4AnRnh3k72yIizIGQUCJeX7pYZrj61 =QUfe -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
