More, Re: Problem bringing up SSL with a CA certificate

James Lampert Wed, 18 Jan 2012 14:47:05 -0800

I've now got the CA certificates the customer representative is tryingto use here, and I'm attempting to test them on our box.


I followed these instructions:


https://search.thawte.com/support/ssl-digital-certificates/index?page=content&actp=CROSSLINK&id=SO15518

rather than the ones here:

http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Importing_the_Certificate

which appear to be somewhat out of date, as Thawte calls for bothprimary and secondary x.509 certificates to be loaded into the keystore.

With no explicit alias reference, and the three certificates placed inthe keystore, in the order specified by Thawte, I get:

SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-8443"]Throwable occurred: java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:822)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:470)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158)at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:369)at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:553)at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369)at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)at org.apache.catalina.connector.Connector.initInternal(Connector.java:937)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.startup.Catalina.load(Catalina.java:573)at org.apache.catalina.startup.Catalina.load(Catalina.java:598)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)at java.lang.reflect.Method.invoke(Method.java:611)at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449)Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.at com.ibm.jsse2.rc.a(rc.java:53)at com.ibm.jsse2.rc.accept(rc.java:13)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:818)... 20 moreJan 18, 2012 2:21:43 PM org.apache.catalina.core.StandardService initInternalSEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]]Throwable occurred: org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-8443]]at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.startup.Catalina.load(Catalina.java:573)at org.apache.catalina.startup.Catalina.load(Catalina.java:598)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)at java.lang.reflect.Method.invoke(Method.java:611)at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449)Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failedat org.apache.catalina.connector.Connector.initInternal(Connector.java:939)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)... 12 moreCaused by: java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:822)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:470)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158)at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:369)at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:553)at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369)at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)at org.apache.catalina.connector.Connector.initInternal(Connector.java:937)... 13 moreCaused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.at com.ibm.jsse2.rc.a(rc.java:53)at com.ibm.jsse2.rc.accept(rc.java:13)at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:818)... 20 more

I haven't heard a single response to my earlier query, and none of thismakes any sense.


--
JHHL


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

More, Re: Problem bringing up SSL with a CA certificate

Reply via email to