Too many certificates in chain?!? Help!

Wed, 17 May 2023 16:59:59 -0700 

Ladies and Gentlemen:
I just had to revert a customer Tomcat server immediately after plugging in a new keystore. 

It failed in protocol handler initialization.


  Caused by: java.lang.IllegalArgumentException: Too many certificates 
in chain
  at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100)
  at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72) 

  at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:246) 

  at 
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1161) 

  at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:222) 

  at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:599) 

  at 
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80) 

  at 
org.apache.catalina.connector.Connector.initInternal(Connector.java:1074) 


 . . .


I've never seen anything like this before. According to KeyStore 
Explorer 5.4.4, the chain consists of a root, an intermediate, and the 
signed certificate for the web site. And the root and intermediate are 
exactly the same root and intermediate as the last good keystore.


Can anybody shed any light on what went wrong?


Tomorrow morning, I'm going to try plugging the keystore into a Tomcat 
server on an AS/400 in the office, to see if I can reproduce it.


--
James H. H. Lampert

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org























					Reply via email to