Hi all,

The version details:
====================================
Using CATALINA_BASE:   /apps/TOMCAT/tomcat
Using CATALINA_HOME:   /apps/TOMCAT/tomcat
Using CATALINA_TMPDIR: /apps/TOMCAT/tomcat/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /apps/TOMCAT/tomcat/bin/bootstrap.jar:/apps/TOMCAT/tomcat/bin/tomcat-juli.jar
Server version: Apache Tomcat/8.5.4
Server built:   Jul 6 2016 08:43:30 UTC
Server number:  8.5.4.0
OS Name:        SunOS
OS Version:     5.11
Architecture:   sparcv9
JVM Version:    1.8.0_92-b14
JVM Vendor:     Oracle Corporation
====================================

Keytool list:
====================================
keytool -list
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 3 entries

root, Sep 16, 2016, trustedCertEntry,
Certificate fingerprint (SHA1): xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:
intermediate, Sep 16, 2016, trustedCertEntry,
Certificate fingerprint (SHA1): xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:
server, Sep 16, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:
====================================

The server.xml connector:
====================================
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
     This connector uses the NIO implementation with the JSSE engine. When
     using the JSSE engine, the JSSE configuration attributes must be used.
-->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" keystorePass="XXXXX"
           sslProtocol="TLS" clientAuth="false">
           scheme="https" keyAlias="server"
           certificateKeystoreFile="/apps/JAVA/tomcat.jks"
<!--
    <SSLHostConfig>
        <Certificate certificateKeystoreFile="/apps/JAVA/tomcat.jks"
                     type="RSA" />
    </SSLHostConfig>
-->
</Connector>
====================================

I'm running configtest.sh and I get the following:
====================================
SEVERE: Failed to initialize end point associated with ProtocolHandler ["https-jsse-nio-8443"]
java.lang.IllegalArgumentException: java.io.IOException: Alias name tomcat does not identify a key entry
.
.
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-8443]]
.
.
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:1012)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
        ... 12 more
Caused by: java.lang.IllegalArgumentException: java.io.IOException: Alias name tomcat does not identify a key entry
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:103)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245)
        at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:866)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:213)
        at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558)
        at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65)
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010)
        ... 13 more
Caused by: java.io.IOException: Alias name tomcat does not identify a key entry
        at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:213)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101)
        ... 20 more
====================================

I cannot make out where it picks up the alias tomcat.
The keyalias specified in the server.xml doesn't look like having an impact.
The entry certificateKeystoreFile="/apps/JAVA/tomcat.jks" didn't have an impact and I had to create a $USER/.keystore file.

Cheers
OSP
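
In the connector as posted, the opening tag is closed right after clientAuth="false", so the three settings that follow it are element text rather than attributes of the Connector. A check for that condition, as an added example that is not part of the original post; the function names are hypothetical and the sample is constructed from the posted connector:

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the connector from the post, wrapped in a minimal
# <Server>/<Service> so it parses as a complete document.
SAMPLE = '''<Server>
  <Service name="Catalina">
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" keystorePass="XXXXX"
               sslProtocol="TLS" clientAuth="false">
               scheme="https" keyAlias="server"
               certificateKeystoreFile="/apps/JAVA/tomcat.jks"
      <!--
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="/apps/JAVA/tomcat.jks" type="RSA" />
      </SSLHostConfig>
      -->
    </Connector>
  </Service>
</Server>'''

# Matches name="value" pairs that look like XML attributes.
ATTR_LIKE = re.compile(r'([A-Za-z_][\w.-]*)\s*=\s*"[^"]*"')

def parsed_attributes(xml_text, port):
    """Attributes the XML parser actually attaches to the Connector on `port`."""
    for conn in ET.fromstring(xml_text).iter("Connector"):
        if conn.get("port") == port:
            return dict(conn.attrib)
    return {}

def stranded_attributes(xml_text):
    """Map connector port -> attribute-like names found in the element's text,
    i.e. written after the '>' that ended the opening tag."""
    findings = {}
    for conn in ET.fromstring(xml_text).iter("Connector"):
        # Element text plus the text trailing each child; the default parser
        # drops comments, so commented-out settings are not reported.
        chunks = [conn.text or ""] + [child.tail or "" for child in conn]
        names = [m.group(1) for c in chunks for m in ATTR_LIKE.finditer(c)]
        if names:
            findings[conn.get("port", "?")] = names
    return findings

if __name__ == "__main__":
    for port, names in stranded_attributes(SAMPLE).items():
        print(f"Connector {port}: not parsed as attributes: {', '.join(names)}")
```
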