your server.xml shows TWO connectors for port 8443; that second one (with all the certificate entries) is then causing the errror:
> Caused by: java.net.BindException: Address already in use As that one is probably the one you want to be using, delete or comment out the first connector for port 8443.... On Thu, Aug 2, 2018 at 1:24 PM, Venkataraman Srinivasan < venkataraman.sriniva...@gcrta.org> wrote: > > Hi , > > I am using tomcat version 8.5.32 > > > I made the below entry in Server.xml > > <Service name="Catalina"> > > <!--The connectors can use a shared executor, you can define one or > more named thread pools--> > <!-- > <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" > maxThreads="150" minSpareThreads="4"/> > --> > > > <!-- A "Connector" represents an endpoint by which requests are > received > and responses are returned. Documentation at : > Java HTTP Connector: /docs/config/http.html > Java AJP Connector: /docs/config/ajp.html > APR (HTTP/AJP) Connector: /docs/apr.html > Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 > --> > <Connector port="8443" protocol="HTTP/1.1" > connectionTimeout="20000" > /> > > > > > <Connector port="8443" protocol="org.apache.coyote. > http11.Http11NioProtocol" > sslImplementationName="org.apache.tomcat.util.net.jsse. > JSSEImplementation" > maxThreads="200" secure="true" scheme="https" > > <Certificate certificateFile="/home/apexadmin/.keystore" > keystorePass="xxxxx" type="RSA" > clientAuth="false" SSLEnabled="true" > sslProtocol="TLS" > > > </Certificate> > </Connector> > > ' > When I tried to login, https://webapxt03.rta:8443, the log file > catalina.2018-08-02.log recorded as below > > > CATALINA.OUT has got entries as below > > > 02-Aug-2018 14:04:24.926 SEVERE [main] > org.apache.catalina.core.StandardService.initInternal > Failed to initialize connector [Connector[HTTP/1.1-8443]] > org.apache.catalina.LifecycleException: Failed to initialize component > [Connector[HTTP/1.1-8443]] > at org.apache.catalina.util.LifecycleBase.init( > LifecycleBase.java:112) > at org.apache.catalina.core.StandardService.initInternal( > StandardService.java:549) > at org.apache.catalina.util.LifecycleBase.init( > LifecycleBase.java:107) > at org.apache.catalina.core.StandardServer.initInternal( > StandardServer.java:875) > at org.apache.catalina.util.LifecycleBase.init( > LifecycleBase.java:107) > at org.apache.catalina.startup.Catalina.load(Catalina.java:632) > at org.apache.catalina.startup.Catalina.load(Catalina.java:655) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492) > Caused by: org.apache.catalina.LifecycleException: Protocol handler > initialization failed > at org.apache.catalina.connector.Connector.initInternal( > Connector.java:995) > at org.apache.catalina.util.LifecycleBase.init( > LifecycleBase.java:107) > ... 12 more > Caused by: java.net.BindException: Address already in use > at sun.nio.ch.Net.bind0(Native Method) > at sun.nio.ch.Net.bind(Net.java:444) > at sun.nio.ch.Net.bind(Net.java:436) > at sun.nio.ch.ServerSocketChannelImpl.bind( > ServerSocketChannelImpl.java:214) > at sun.nio.ch.ServerSocketAdaptor.bind( > ServerSocketAdaptor.java:74) > at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint. > java:210) > at org.apache.tomcat.util.net.AbstractEndpoint.init( > AbstractEndpoint.java:1086) > at org.apache.tomcat.util.net.AbstractJsseEndpoint.init( > AbstractJsseEndpoint.java:268) > at org.apache.coyote.AbstractProtocol.init( > AbstractProtocol.java:581) > at org.apache.coyote.http11.AbstractHttp11Protocol.init( > AbstractHttp11Protocol.java:68) > at org.apache.catalina.connector.Connector.initInternal( > Connector.java:993) > ... 13 more > > > I used SSL/TLS Configuration HOW-TO of Apache Tomcat 7 document > > > > >>> Christopher Schultz <ch...@christopherschultz.net> 8/2/2018 12:44 PM > >>> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Venkataraman, > > On 8/2/18 12:14 PM, Venkataraman Srinivasan wrote: > > Chris, > > > > Thanks for your reply. I will implement your recommendations in my > > next iterations. > > > > Currently I did as below. > > > > I copied the keystore file as /home/apexadmin/.keystore > > > > and made below entry in server.xml > > What version of Tomcat are you using? Which part of the user guide are > you reading? I just want to make sure you are following the right > guide for the right version. > > > <Connector port="8080" > > protocol="org.apache.coyote.http11.Http11NioProtocol" > > maxThreads="200" redirectPort="8443" scheme="https" > <Certificate > > certificateFile="/home/apexadmin/.keystore" keystorePass="xxxxx" > > type="RSA" clientAuth="false" SSLEnabled="true" sslProtocol="TLS" > >> > > </Certificate> </Connector> > > You will need to set a few more attributes on the <Connector>: > > SSLEnabled="true" > secure="true" > > The next part depends upon your Tomcat version. > > > Opened the port 8443 and recycled tomcat. > > The <Connector> defined above is listening on port 8080. That is > unusual; most people would expect port 8080 to be a plaintext HTTP > port, while port 8443 would be the non-privileged HTTPS port. > > Especially for testing, consider leaving the <Connector> for port 8080 > as it was originally defined (without HTTPS) and configure a second > <Connector> for HTTPS on port 8443. > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAltjNNYACgkQHPApP6U8 > pFi2UQ//SPU5itX1zh/lV/ICZYTOwiSSeF8EQfxWK1bZ9jCx3Pk44AMBRMRQqjl2 > HMKRH/LsSMQp5iwtVBFKbjZyjG8btNMnmREUjFkMJHoFUh1IK0WVqybpeUSnl2BH > +TdS6Z9twZd5q9/UybsJZScdgfV9IFECAM9xmG21ty92+xBqkbeSPUc62gf/A783 > 4P6yAYLIM3ctMHIzjwTJQ78vxTxLjsfrXvQaIC/dGefrKM6dcpxklQ/me4JNp6Lu > GajNkuEhm20u8P172rVFdqr4NgdGlLd6UP3XXeRl1BNnCvvAI9B/HsYQ1ZOZ1pDe > Zh3Jjamdx8neCBoZBCB7Pg/BmyuJ3RQRkA2w4APIMxoY7Bw0aYT2JpZdQqUaLFN+ > Omzqf4pjpyFfRYlyhsTmbFviqbaIT4+XJ+SZPt4TYUuqawGp7vRJOTaQwfyJfJq+ > he0XNEJWNGOzPjcdyuoJevjLONM0h7fenTAfZUUTkzmLxkMoRMSO9sIkQy46f4Z7 > vG7x3MdSvrJKgWEbUSKjsCvtuYfCATf7bPk+1KJQUTMiSmk/E8OVq6q9BrcOVl1Z > NXWPHOT3rN0JBtBbZNzmBPz3yYywy5zKD6FTeBwbQDn2Z+KInfMOT7+40954PUXI > j4b4vEL1H0hunoV9hRKUHpeQbLOumITocQ6Wzd9vmo6qA1tys2U= > =lTPy > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > ---------- > > This email has been scanned for spam and viruses. Visit the following link > to report this email as spam: > https://attseg.cloud-protect.net/index01.php?mod_id=11&mod_ > option=logitem&mail_id=1533228251-jk51pyRbptjj&r_address=venkataraman. > srinivasan%40gcrta.org&report=1 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
