On 22/08/2016 13:40, Chuck Syperski wrote: > Hello, > > I am having issues when upgrading from 8.5.3 to 8.5.4 with SSL. It seems > that my config from 8.5.3 is not working with 8.5.4 when using the same > exact file. The majority of the server.xml is stock, but here what I > manually have changed and it is where I am encountering my problem....
Known issue. Already fixed for 8.5.5: http://svn.us.apache.org/repos/asf/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Mark > .... > <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" > scheme="https" secure="true" maxThreads="750" > SSLEnabled="true"> > <SSLHostConfig> > <Certificate > certificateFile="/opt/ssl/cert.pem" > certificateChainFile="/opt/ssl/chain.pem" > certificateKeyFile="/opt/ssl/privkey.pem" > type="RSA" /> > </SSLHostConfig> > </Connector> > .... > This worked fine with 8.5.3, but I get the following errors in catalina.out > on 8.5.4.... > > 22-Aug-2016 12:16:21.139 INFO [main] > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > ["https-jsse-nio-8443"] > 22-Aug-2016 12:16:22.119 SEVERE [main] > org.apache.tomcat.util.net.SSLUtilBase.getStore Failed to load keystore > type [JKS] with path [/home/tomcat8/.keystore] due to > [/home/tomcat8/.keystore (No such file or directory)] > java.io.FileNotFoundException: /home/tomcat8/.keystore (No such file or > directory) > at java.io.FileInputStream.open0(Native Method) > at java.io.FileInputStream.open(FileInputStream.java:195) > at java.io.FileInputStream.<init>(FileInputStream.java:138) > at java.io.FileInputStream.<init>(FileInputStream.java:93) > at > sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90) > at > sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188) > at > org.apache.tomcat.util.file.ConfigFileLoader.getInputStream(ConfigFileLoader.java:96) > at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:129) > at > org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:187) > at > org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:189) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81) > at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245) > at > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:866) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:213) > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558) > at > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65) > at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at > org.apache.catalina.core.StandardService.initInternal(StandardService.java:549) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:873) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at org.apache.catalina.startup.Catalina.load(Catalina.java:606) > at org.apache.catalina.startup.Catalina.load(Catalina.java:629) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494) > > 22-Aug-2016 12:16:22.123 SEVERE [main] > org.apache.coyote.AbstractProtocol.init Failed to initialize end point > associated with ProtocolHandler ["https-jsse-nio-8443"] > java.lang.IllegalArgumentException: java.io.FileNotFoundException: > /home/tomcat8/.keystore (No such file or directory) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:103) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81) > at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245) > at > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:866) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:213) > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558) > at > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65) > at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at > org.apache.catalina.core.StandardService.initInternal(StandardService.java:549) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:873) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at org.apache.catalina.startup.Catalina.load(Catalina.java:606) > at org.apache.catalina.startup.Catalina.load(Catalina.java:629) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494) > Caused by: java.io.FileNotFoundException: /home/tomcat8/.keystore (No such > file or directory) > at java.io.FileInputStream.open0(Native Method) > at java.io.FileInputStream.open(FileInputStream.java:195) > at java.io.FileInputStream.<init>(FileInputStream.java:138) > at java.io.FileInputStream.<init>(FileInputStream.java:93) > at > sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90) > at > sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188) > at > org.apache.tomcat.util.file.ConfigFileLoader.getInputStream(ConfigFileLoader.java:96) > at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:129) > at > org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:187) > at > org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:189) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101) > ... 20 more > > 22-Aug-2016 12:16:22.127 SEVERE [main] > org.apache.catalina.core.StandardService.initInternal Failed to initialize > connector [Connector[HTTP/1.1-8443]] > org.apache.catalina.LifecycleException: Failed to initialize component > [Connector[HTTP/1.1-8443]] > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:111) > at > org.apache.catalina.core.StandardService.initInternal(StandardService.java:549) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:873) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > at org.apache.catalina.startup.Catalina.load(Catalina.java:606) > at org.apache.catalina.startup.Catalina.load(Catalina.java:629) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494) > Caused by: org.apache.catalina.LifecycleException: Protocol handler > initialization failed > at org.apache.catalina.connector.Connector.initInternal(Connector.java:1012) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > ... 12 more > Caused by: java.lang.IllegalArgumentException: > java.io.FileNotFoundException: /home/tomcat8/.keystore (No such file or > directory) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:103) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81) > at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245) > at > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:866) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:213) > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558) > at > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65) > at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010) > ... 13 more > Caused by: java.io.FileNotFoundException: /home/tomcat8/.keystore (No such > file or directory) > at java.io.FileInputStream.open0(Native Method) > at java.io.FileInputStream.open(FileInputStream.java:195) > at java.io.FileInputStream.<init>(FileInputStream.java:138) > at java.io.FileInputStream.<init>(FileInputStream.java:93) > at > sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90) > at > sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188) > at > org.apache.tomcat.util.file.ConfigFileLoader.getInputStream(ConfigFileLoader.java:96) > at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:129) > at > org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:187) > at > org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:189) > at > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101) > ... 20 more > 22-Aug-2016 12:16:22.133 INFO [main] > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > ["ajp-nio-8009"] > 22-Aug-2016 12:16:22.142 INFO [main] > org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared > selector for servlet write/read > 22-Aug-2016 12:16:22.143 INFO [main] > org.apache.catalina.startup.Catalina.load Initialization processed in 2189 > ms > 22-Aug-2016 12:16:22.223 INFO [main] > org.apache.catalina.core.StandardService.startInternal Starting service > Catalina > 22-Aug-2016 12:16:22.224 INFO [main] > org.apache.catalina.core.StandardEngine.startInternal Starting Servlet > Engine: Apache Tomcat/8.5.4 > > Just for reference, this what I get in 8.5.3 for the same section of the > log.... > > 22-Aug-2016 06:01:15.573 INFO [main] > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > ["http-nio-8080"] > 22-Aug-2016 06:01:15.613 INFO [main] > org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared > selector for servlet write/read > 22-Aug-2016 06:01:15.620 INFO [main] > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > ["https-jsse-nio-8443"] > 22-Aug-2016 06:01:16.240 INFO [main] > org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared > selector for servlet write/read > 22-Aug-2016 06:01:16.241 INFO [main] > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > ["ajp-nio-8009"] > 22-Aug-2016 06:01:16.243 INFO [main] > org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared > selector for servlet write/read > 22-Aug-2016 06:01:16.245 INFO [main] > org.apache.catalina.startup.Catalina.load Initialization processed in 1491 > ms > 22-Aug-2016 06:01:16.299 INFO [main] > org.apache.catalina.core.StandardService.startInternal Starting service > Catalina > 22-Aug-2016 06:01:16.300 INFO [main] > org.apache.catalina.core.StandardEngine.startInternal Starting Servlet > Engine: Apache Tomcat/8.5.3 > > > I am attempting to use Let's Encrypts certs on Ubuntu 16.04. My setup is > pretty simple and the things I am changing is a sym link between the 8.5.3 > directory and 8.5.4, with 8.5.3 the ssl connector starts, but with 8.5.4, I > get not ssl with the above error in my logs. Am I missing something? Any > pointers or help would be greatly appreciated! > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
