Hello, We migrated our application that was running fine on 8.0.37 to 8.5.20 and on startup we receive:
java.lang.IllegalArgumentException: java.security.KeyStoreException: Cannot store non-PrivateKeys I unfortunately deleted the logs and under time pressure we had to go back to 8.0.37 so I don't have the full stacktrace. But I didn't see anything else in them that looked helpful. I've googled and couldn't really get any good answers that applied to us.This seemed a bit similar but we do have sslEnabled set (and the issue is apparently fixed)... http://tomcat.10.x6.nabble.com/SSL-inconsistency-td5052956.html I've tried modifying the connector based off the current 8.5 documentation. But always get the above. We're on: CentOS release 6.9 (Final), Java version "1.8.0_144" <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" asyncTimeout="60000" compression="on" scheme="https" secure="true" > <SSLHostConfig ciphers="TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_RC4_128_MD5" sslEnabledProtocols="TLSv1,TSLv1.1,TLSv1.2" sslProtocol="TLS" certificateVerification="false" > <Certificate certificateKeystoreFile="masked" certificateKeystorePassword="masked" type="RSA" /> </SSLHostConfig> </Connector>
