-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 André,
On 9/20/16 7:51 PM, André Warnier (tomcat) wrote: > On 20.09.2016 19:21, Dono Harjanto wrote: >> Hi André, >> >>> -----Original Message----- From: André Warnier (tomcat) >>> [mailto:a...@ice-sa.com] Sent: Tuesday, September 20, 2016 12:13 >>> AM To: users@tomcat.apache.org Subject: Re: TLS 1.2 Handshake >>> on Tomcat 7.0.39 Getting Internal Error: Key format must be >>> RAW >>> >>> On 20.09.2016 09:06, André Warnier (tomcat) wrote: >>>> On 19.09.2016 18:45, Dono Harjanto wrote: >>>>> Hi All, >>>>> >>>>> >>>>> We have a web app deployed on 3 different servers, all >>>>> running Tomcat 7.0.39 and Java 8 (update 101/102). Here is >>>>> the operating system on each >>> server: >>>>> >>>>> - Production: CentOS 6.4 >>>>> >>>>> - Staging 1: CentOS 6.5 >>>>> >>>>> - Staging 2: CentOS 6.7 >>>>> >>>>> >>>> >>>> Java versions ? >>> >>> Sorry for the noise, did not read the above carefully enough. >>> Are you sure they are really using the same Java version, >>> though ? (/etc/alternatives and all that) >>> >> >> Result from running "ps -ef | grep tomcat" command (truncated) on >> all instances: Production: 502 29119 1 2 Sep14 ? >> 03:08:08 /usr/java/latest/bin/java >> -Djava.util.logging.config.file=/var/www/tomcat/conf/logging.properti es >> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager >> >> - -Xms1024m -Xmx20 >> >> Staging: 502 25138 1 3 Sep15 ? 03:30:29 >> /usr/java/latest/bin/java >> -Djava.util.logging.config.file=/var/www/tomcat/conf/logging.properti es >> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager >> >> - -Xms1024m -Xmx2048m -XX:MaxPermS >> >> The content of /usr/java/ folder which shows latest is pointing >> to jre1.8.0_102 instead of jre1.7.0_21. >> >> Production: lrwxrwxrwx. 1 root root 16 Apr 26 2013 default -> >> /usr/java/latest drwxr-xr-x. 6 root root 4096 Apr 26 2013 >> jre1.7.0_21 drwxr-xr-x. 7 root root 4096 Aug 1 20:43 >> jre1.8.0_102 lrwxrwxrwx. 1 root root 22 Sep 17 00:22 latest -> >> /usr/java/jre1.8.0_102 >> >> Staging: lrwxrwxrwx. 1 root root 16 Aug 14 2014 default -> >> /usr/java/latest drwxr-xr-x. 9 root root 4096 Sep 7 18:53 >> jdk1.8.0_60 drwxr-xr-x. 6 root root 4096 Aug 14 2014 >> jre1.7.0_60 drwxr-xr-x. 7 root root 4096 Sep 14 21:25 >> jre1.8.0_102 drwxr-xr-x. 7 root root 4096 Sep 7 18:51 >> jre1.8.0_60 lrwxrwxrwx. 1 root root 22 Sep 14 21:55 latest -> >> /usr/java/jre1.8.0_102 >> >> So it's definitely using Java 8 instead of Java 7. > > The purpose of my question was : - according to your Connector > configuration, you are using the Java BIO Connector, hence the Java > SSL implementation. - so I wanted to ascertain that a possible > hidden difference between the Java version used on the various > systems, could not be linked to your issue. According to the above, > that does not seem to be the case (or at least not since Sept 17). > > On the problem itself unfortunately, I am not qualified to help. > > Searching Google provides some apparently related links however : > http://lmgtfy.com/?q=java.security.InvalidAlgorithmParameterException% 3A+Key+format+must+be+RAW > > > > Now just a question related to one of these links : are your > staging servers and your production server located in the same > country ? This may be the most promising page on the Internet, but of course Red Hat wants you to pay to read it: https://access.redhat.com/solutions/1309153 I can't see the "verified solution", or I'd reprint it here without permission :) - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJX4pvUAAoJEBzwKT+lPKRY3ycP/RTfuy2wwbDxUcea4H50MSdW NA9nsVyQpHg0bp1ONF5uuW1zBK9752inZPh7CPU79PcuRzHUoTKvxsHYxYOvM7uo 7p1ufBNmkMySK1aI5gUZJklKnS7va2npMGCuU6DLauRB592Dg82UOISHLohjnWum hkIvfJmduJezr4Lcjt6Ivje8qB83Up44cA0ngGcRVYX4bmpFo8JlQa1fPFg/Ren9 PHD6HSw9dOzib/h3cOXNS95UReyCRGjZz8hG/+BED26cp8+WBri5GwQGGGoZ0/19 H2JZvvNXB1WaTcLM20VuQcE0qv0WKG5d8lVRyP0ilJ+AWGhR2Xai4RrQxdzlpUZS 7Z++A9g0DWai1Xev/AXvk8es89MzSxNw0ltNPf8uVDXwK2PbyQEeQConXUF056TT TDtmuXQETwRGKr+3lKEYOnUc6eh5Cwu7eKOHBMAESjaUYt1G/mNCJYDiGWdLA/N5 +HQIMiqannnVFq1I7uxzs7g9gdd1eta5QhQm1adMZNKO7dgeewjn1oiZ9IbSwMZV WJPJNtsupPkR+D0AzNVg3+uvg9W+7lGA48CfV1qvujE7thQXn0Q90jBCBZpxxJYM E0HYx3OijLC0xEQuBRioK5dV0T+dl1EEvNx9tzTAQi4Pd5OcG2xiXDRk/3vMs7eU NxeTCeNhRBqznkK59EYn =CLl+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
