Hello, I'm using Tomcat 8.5.4, on a server 2008R2 machine, and I'm unable to
start the SSL connector.
My connector syntax is as follows:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443"
protocol="HTTP/1.1"
maxThreads="150"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="c:\tomcat8\meg.keystore"
keystorePass="keystorepass"
keyAlias="meg" />
To which I receive this error in Catalina.log:
SEVERE [main] org.apache.coyote.AbstractProtocol.init Failed to initialize end
point associated with ProtocolHandler ["https-openssl-nio-8443"]
java.lang.IllegalArgumentException: java.io.IOException: Alias name meg does
not identify a key entry
However, meg is in my keystore:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 3 entries
root, Jun 25, 2018, trustedCertEntry,
Certificate fingerprint (SHA1): 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:
68:85:18:68
meg, Jun 25, 2018, trustedCertEntry,
Certificate fingerprint (SHA1): 72:66:E4:05:94:C4:5B:4A:8A:26:20:F1:C5:7D:73:3B:
6F:24:D1:59
tomcat, Jun 25, 2018, PrivateKeyEntry,
Certificate fingerprint (SHA1): AC:D9:3B:37:E4:37:A3:E7:D2:27:D1:CF:88:D3:79:70:
84:C8:16:82
I used these steps to manage the certs:
keytool -genkey -alias tomcat -keyalg RSA -keystore c:\Tomcat8\meg.keystore
keytool -certreq -keyalg RSA -alias tomcat -file c:\tomcat8\tomcatreq.csr
-keystore c:\Tomcat8\meg.keystore
Sent CSR to InCommon CA, downloaded x509 certificate, and x509
intermedites/root certificates.
keytool -import -alias root -keystore c:\Tomcat8\meg.keystore -trustcacerts
-file "C:\Tomcat8\meg_library_albany_edu_interm.cer"
keytool -import -alias meg -keystore c:\Tomcat8\meg.keystore -file
"C:\Tomcat8\meg_library_albany_edu_cert.cer"
Any help you can give me in resolving this error is greatly appreciated.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
