Re: Tomcat7 APR Connectors Config: Unable to load certificate key conf/key1cert.pem

Scott Li Wed, 24 Nov 2010 17:26:11 -0800

Dear Goo Sam Kong,

        It' OK now ,  Thank you very much!


I changed the cert file config as below:

<Connector port="443" maxHttpHeaderSize="8192"
   maxThreads="150" minSpareThreads="25"
   enableLookups="false" disableUploadTimeout="true"
   acceptCount="100" scheme="https" secure="true"
   clientAuth="false"
   SSLEnabled="true"
   protocol="org.apache.coyote.http11.Http11AprProtocol"
   SSLCertificateFile="D:\TDDownload\apache-tomcat-7.0.4\conf\key1cert.pem"
   SSLCertificateKeyFile="D:\TDDownload\apache-tomcat-7.0.4\conf\key1.pem"
   SSLPassword="test"
  />

and restart tomcat, but find another error below:

Error initializing endpoint
java.lang.Exception: Socket bind failed: [730048]
??????????????????×??????(Э??é/??????????????/??????)????????í????
 at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:412)
 at org.apache.coyote.ajp.AjpAprProtocol.init(AjpAprProtocol.java:89)
 at org.apache.catalina.connector.Connector.initInternal(Connector.java:873)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
 at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:542)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
 at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:717)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
 at org.apache.catalina.startup.Catalina.load(Catalina.java:544)
 at org.apache.catalina.startup.Catalina.load(Catalina.java:567)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:417)
2010-11-25 9:17:14 org.apache.catalina.core.StandardService initInternal
严重: Failed to initialize connector [Connector[AJP/1.3-8009]]
LifecycleException:  Protocol handler initialization failed:
java.lang.Exception: Socket bind failed: [730048]
??????????????????×??????(Э??é/??????????????/??????)????????í????
 at org.apache.catalina.connector.Connector.initInternal(Connector.java:875)
 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)


I opened the task management, and closed all the javaw.exe processes,
 restart Tomcat again,
https://localhost/ can open now, thx!



在 2010年11月25日 上午8:45，Goo Sam Kong <skgo...@gmail.com>写道：

> Hi Scott,
>
> The exception was caused by wrong setting in your original HTTPS connector
> settings...
>
> In Mark's email, you need to put conf/key1cert.pem in SSLCertificateFile
> attribute and conf/key1.pem in SSLCertificateKeyFile attribute.
>
>
> 2010/11/24 Scott Li <scott...@gwghk.com>
>
>  > thanks Mark Thomas and Goo Sam Kong
> >
> > I followed  Goo Sam Kong 's config  still have errors:
> >
> > Loaded APR based Apache Tomcat Native library 1.1.20.
> > 2010-11-24 17:38:43 org.apache.catalina.core.AprLifecycleListener init
> > 信息: APR capabilities: IPv6 [true], sendfile [true], accept filters
> [false],
> > random [true].
> > 2010-11-24 17:38:43 org.apache.coyote.http11.Http11AprProtocol init
> > 严重: Error initializing endpoint
> > java.lang.Exception: Unable to load certificate key
> > D:\TDDownload\apache-tomcat-7.0.4\conf\key1cert.pem (error:0906D06C:PEM
> > routines:PEM_read_bio:no start line)
> >  at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
> >  at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:501)
> >  at
> >
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:80)
> >  at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:873)
> >  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
> >  at
> >
> >
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:542)
> >  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
> >  at
> >
> >
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:717)
> >  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
> >  at org.apache.catalina.startup.Catalina.load(Catalina.java:544)
> >  at org.apache.catalina.startup.Catalina.load(Catalina.java:567)
> >  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >  at
> >
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >  at
> >
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >  at java.lang.reflect.Method.invoke(Method.java:597)
> >  at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
> >  at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:417)
> > 2010-11-24 17:38:43 org.apache.catalina.core.StandardService initInternal
> > 严重: Failed to initialize connector [Connector[HTTP/1.1-443]]
> > LifecycleException:  Protocol handler initialization failed:
> > java.lang.Exception: Unable to load certificate key
> > D:\TDDownload\apache-tomcat-7.0.4\conf\key1cert.pem (error:0906D06C:PEM
> > routines:PEM_read_bio:no start line)
> >  at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:875)
> >
> >
> > update config as follow,
> >
> > <Connector port="443" maxHttpHeaderSize="8192"
> >   maxThreads="150" minSpareThreads="25"
> >   enableLookups="false" disableUploadTimeout="true"
> >   acceptCount="100" scheme="https" secure="true"
> >   clientAuth="false"
> >    SSLEnabled="true"
> >   protocol="org.apache.coyote.http11.Http11AprProtocol"
> >    SSLCertificateFile="D:\TDDownload\apache-tomcat-7.0.4\conf\key1.pem"
> >
> >
> SSLCertificateKeyFile="D:\TDDownload\apache-tomcat-7.0.4\conf\key1cert.pem"
> >    SSLPassword="test"
> >  />
> >
> >  <Connector port="8009" enableLookups="false" redirectPort="443"
> > protocol="AJP/1.3" />
> >
> > I find my SSLCertificateFile is *.pem, and Goo Sam Kong's crt, key, how
> do
> > you create these files, not use OpenSSL?
> >
> >
> > 在 2010年11月24日 下午5:10，Goo Sam Kong <skgo...@gmail.com>写道：
> >
> > > Hi Scott,
> > >
> > > My working HTTPS connector using APR settings as below:
> > >
> > >    <Connector port="8443"
> > >               protocol="org.apache.coyote.http11.Http11AprProtocol"
> > >               SSLEnabled="true"
> > >               maxThreads="150"
> > >               scheme="https"
> > >               secure="true"
> > >               SSLCertificateFile="C:\usr\tomcat\tomcat.crt"
> > >               SSLCertificateKeyFile="C:\usr\tomcat\tomcat.key"
> > >               SSLPassword="123456"
> > >    />
> > >
> > > Try to remove SSLEngine attribute and add protocol attribute, then
> > re-start
> > > Tomcat.
> > >
> > > --
> > > Thanks & Regards,
> > >
> > > Scott Li
> > >
> >
>



-- 
Thanks & Regards,

Scott Li

Re: Tomcat7 APR Connectors Config: Unable to load certificate key conf/key1cert.pem

Reply via email to