On 13.07.2016 07:02, Devendra Sengar wrote:
File is there and permission is also fine and having proper openssl.cnf.
Any other view?
Really "shooting in the dark" here, since I am neither a Windows nor an SSL
specialist :
The error message mentions "no such process". Assuming (and that may be a naive
assumption) that the error message reflects the reality, could it not be that the handling
of these SSL keys/cartificates under Windows, requires some background Windows
"cryptographic service" to be active, and that it is not ?
(or some DLL to be found somewhere, where it isn't)
Thanks,
Devendra
On Tue, Jul 12, 2016 at 9:10 PM, André Warnier (tomcat) <a...@ice-sa.com>
wrote:
On 12.07.2016 16:33, Harrie Robins wrote:
java.lang.Exception: Unable to load certificate key
conf/localhost-key.pem (error:02001003:system library:fopen:No such process
If I'm correct you are either missing correct rights to this file or it
is not in the given location.
A second possibility is missing password for key file.
Alternatively, searching Google for error:02001003, there are a number of
hits there which point to the same kind of message, most of which seem to
be for Windows and OpenSSL, and most of which mention the need for a proper
"openssl.cnf" in the proper location.
This may or may not be relevant to your problem.
SSLPassword="pass"
Regards,
Harrie
-----Original Message-----
From: Devendra Sengar [mailto:dssen...@gmail.com]
Sent: dinsdag 12 juli 2016 10:50
To: users@tomcat.apache.org
Subject: Facing issue while configuring SSL
Hi,
This is regarding the configuration of Tomcat SSL using the APR library
on Java 6.
While starting the server I am getting the below error:
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-apr-443"]
java.lang.Exception: Unable to load certificate key
conf/localhost-key.pem (error:02001003:system library:fopen:No such process)
I am trying to implement SSL using independent libraries for OpenSSL,
Tomcat Native and Apache Portable Runtime.
I have downloaded precompiled versions of OpenSSL and Tomcat Native (see
them attached). I have tried compiling the Apache Portable Runtime using
Visual Studio (find it also attached).
I am running those libraries on either Tomcat 7.0.6 or 7.0.70 64-bit for
Windows (using the 64-bit distro, not the installer one).
We are restricted by our applicatioin to use Oracle Java 6 Updated 115
64-bit.
The versions of the libraries I am using are the latest available online,
again see the binaries attached.
The parameters used in the server.xml file are:
For Tomcat 7.0.6:
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="conf/localhost-cert.pem"
SSLCertificateKeyFile="conf/localhost-key.pem"
SSLCertificateChainFile="conf/ca.crt"
SSLVerifyClient="optional" SSLProtocol="TLSv1"
SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
For Tomcat 7.0.70
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="conf/localhost-cert.pem"
SSLCertificateKeyFile="conf/localhost-key.pem"
SSLCertificateChainFile="conf/ca.crt"
SSLVerifyClient="optional" SSLProtocol="TLSv1_2"
SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
The library files are in the tomcat bin folder as openssl.exe,
tcnative-1.dll and libapr-1.dll.
tcnative-1.dll:
https://drive.google.com/file/d/0ByilOlQCXOkWQ1ZCckhodHBvQk0/view?usp=sharing
openssl.exe:
https://drive.google.com/file/d/0ByilOlQCXOkWQk9KUUJSb3ZqeW8/view?usp=sharing
libapr-1.dll:
https://drive.google.com/file/d/0ByilOlQCXOkWV09NTi0tNWxhZnM/view?usp=sharing
The same certificates files mentioned in the server.xml file were used
and work in a brand new Apache web server.
Please let us know your opinion of what can cause those errors?
Can it be because of a APR dll not compiled properly?
Any other idea?
Thanks,
Devendra
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org