Tomcat 6 - Configuration of SSL

Hey Guys,

I am having problems setting up my Tomcat with SSL. I would really appreciate some help with it. I am using Tomcat 6 on Windows 7. Below are the steps I have taken so far:

1 - Generated a .keystore file.
2 - In server.xml file I uncommented the SSL connector and configured it as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystore="C:/Program Files (x86)/Apache Software Foundation/apache-tomcat-6.0.36/conf/keystore/.keystore" keypass="changeit" />

When I startup Tomcat I see three errors in the log. They are:

1

SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)

and 2

SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted.
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:649)

and 3

SEVERE: Failed to start connector [Connector[HTTP/1.1-8443]]
LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted.

I think if i fix the first error I will be in business. However, I have been rooting around for a few hours searching for solutions and trying different things but with no success. I would greatly appreciate your help.

Thanks,

G

2 hints:

1) because it's windows
try to put keystore in directories without spaces

2) because socket bind exceptions
make sure that nothing else listen on that port, and make sure you don't have two connectors on the same port

Thanks K but unfortunately that hasn't helped. I did try both of those things before posting. I appreciate your help all the same

Any other ideas anybody?

Thanks,

G

When you get a "socket in use" error, either some other app is already listening on that socket ("There Can Be Only One!"), you didn't fully shut down Tomcat previously, or you attempted 2 different services to use the same socket; for example, if you had uncommented a Connector definition but someone else had already inserted a Connector definition of their own into that server.xml.

On the keystore, try using the command-line keytool utility to open and list what's in the keystore using the full path. That is:

keytool -k "C:/Program Files (x86)/Apache Software Foundation/apache-tomcat-6.0.36/conf/keystore/.keystore" ....

If that works, check that the keystore can be accessed by the userID that Tomcat runs under.

Hey Tim,

thanks for the advice. I couldnt figure it out so installed my JDK and tomcat again, started from scratch and got going....ish.

My next issue is that when I hit the url localhost:8443, nothing opens up but a file downloads named 'download'.

Do you have any ideas?

g

I got a resolution.

I get the file name 'download' when I go to

http://localhost:8080/

I get the page I was expecting when I go to

https://localhost:8080/



thanks guys