If i am giving the full path of the certificate like
c:/tomcat/conf/<filename> then its taking the file, as the error i was
getting "SEVERE: Failed to initialize end point associated with
ProtocolHandler ["http-apr-443"]" that's no more.

But the tomcat server is started without any error but won't able to open
the home page of tomcat giving the error like:
This site can’t be reached
The webpage at *https://<hostname>:8443/* might be temporarily down or it
may have moved permanently to a new web address.

If i telnet the server then its not able to connect but if i use openssl
s_client -connect it shows the certificate information.
Any suggestion?

Thanks,
Devendra

On Wed, Jul 13, 2016 at 1:54 PM, André Warnier (tomcat) <a...@ice-sa.com>
wrote:

> On 13.07.2016 07:02, Devendra Sengar wrote:
>
>> File is there and permission is also fine and having proper openssl.cnf.
>>
>> Any other view?
>>
>
> Really "shooting in the dark" here, since I am neither a Windows nor an
> SSL specialist :
> The error message mentions "no such process".  Assuming (and that may be a
> naive assumption) that the error message reflects the reality, could it not
> be that the handling of these SSL keys/cartificates under Windows, requires
> some background Windows "cryptographic service" to be active, and that it
> is not ?
> (or some DLL to be found somewhere, where it isn't)
>
>
>
>> Thanks,
>> Devendra
>>
>> On Tue, Jul 12, 2016 at 9:10 PM, André Warnier (tomcat) <a...@ice-sa.com>
>> wrote:
>>
>> On 12.07.2016 16:33, Harrie Robins wrote:
>>>
>>> java.lang.Exception: Unable to load certificate key
>>>> conf/localhost-key.pem (error:02001003:system library:fopen:No such
>>>> process
>>>>
>>>> If I'm correct you are either missing correct rights to this file or it
>>>> is not in the given location.
>>>> A second possibility is missing password for key file.
>>>>
>>>>
>>> Alternatively, searching Google for error:02001003, there are a number of
>>> hits there which point to the same kind of message, most of which seem to
>>> be for Windows and OpenSSL, and most of which mention the need for a
>>> proper
>>> "openssl.cnf" in the proper location.
>>> This may or may not be relevant to your problem.
>>>
>>>
>>>
>>> SSLPassword="pass"
>>>>
>>>> Regards,
>>>>
>>>> Harrie
>>>>
>>>> -----Original Message-----
>>>> From: Devendra Sengar [mailto:dssen...@gmail.com]
>>>> Sent: dinsdag 12 juli 2016 10:50
>>>> To: users@tomcat.apache.org
>>>> Subject: Facing issue while configuring SSL
>>>>
>>>> Hi,
>>>>
>>>> This is regarding the configuration of Tomcat SSL using the APR library
>>>> on Java 6.
>>>>
>>>> While starting the server I am getting the below error:
>>>>
>>>> SEVERE: Failed to initialize end point associated with ProtocolHandler
>>>> ["http-apr-443"]
>>>> java.lang.Exception: Unable to load certificate key
>>>> conf/localhost-key.pem (error:02001003:system library:fopen:No such
>>>> process)
>>>>
>>>> I am trying to implement SSL using independent libraries for OpenSSL,
>>>> Tomcat Native and Apache Portable Runtime.
>>>>
>>>> I have downloaded precompiled versions of OpenSSL and Tomcat Native (see
>>>> them attached). I have tried compiling the Apache Portable Runtime using
>>>> Visual Studio (find it also attached).
>>>>
>>>> I am running those libraries on either Tomcat 7.0.6 or 7.0.70 64-bit for
>>>> Windows (using the 64-bit distro, not the installer one).
>>>>
>>>> We are restricted by our applicatioin to use Oracle Java 6 Updated 115
>>>> 64-bit.
>>>>
>>>> The versions of the libraries I am using are the latest available
>>>> online,
>>>> again see the binaries attached.
>>>>
>>>> The parameters used in the server.xml file are:
>>>>
>>>> For Tomcat 7.0.6:
>>>> <Connector
>>>>     protocol="org.apache.coyote.http11.Http11AprProtocol"
>>>>     port="443" maxThreads="200"
>>>>     scheme="https" secure="true" SSLEnabled="true"
>>>>     SSLCertificateFile="conf/localhost-cert.pem"
>>>>     SSLCertificateKeyFile="conf/localhost-key.pem"
>>>>     SSLCertificateChainFile="conf/ca.crt"
>>>>     SSLVerifyClient="optional" SSLProtocol="TLSv1"
>>>>     SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
>>>>
>>>> For Tomcat 7.0.70
>>>>
>>>> <Connector
>>>>     protocol="org.apache.coyote.http11.Http11AprProtocol"
>>>>     port="443" maxThreads="200"
>>>>     scheme="https" secure="true" SSLEnabled="true"
>>>>     SSLCertificateFile="conf/localhost-cert.pem"
>>>>     SSLCertificateKeyFile="conf/localhost-key.pem"
>>>>     SSLCertificateChainFile="conf/ca.crt"
>>>>     SSLVerifyClient="optional" SSLProtocol="TLSv1_2"
>>>>     SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
>>>>
>>>> The library files are in the tomcat bin folder as openssl.exe,
>>>> tcnative-1.dll and libapr-1.dll.
>>>>
>>>> tcnative-1.dll:
>>>>
>>>>
>>>> https://drive.google.com/file/d/0ByilOlQCXOkWQ1ZCckhodHBvQk0/view?usp=sharing
>>>> openssl.exe:
>>>>
>>>>
>>>> https://drive.google.com/file/d/0ByilOlQCXOkWQk9KUUJSb3ZqeW8/view?usp=sharing
>>>> libapr-1.dll:
>>>>
>>>>
>>>> https://drive.google.com/file/d/0ByilOlQCXOkWV09NTi0tNWxhZnM/view?usp=sharing
>>>>
>>>>
>>>> The same certificates files mentioned in the server.xml file were used
>>>> and work in a brand new Apache web server.
>>>>
>>>> Please let us know your opinion of what can cause those errors?
>>>>
>>>> Can it be because of a APR dll not compiled properly?
>>>>
>>>> Any other idea?
>>>>
>>>> Thanks,
>>>> Devendra
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>
>>>
>>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Reply via email to