• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Rob Spoor
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Junilu Lacar
  • Tim Cooke
Saloon Keepers:
  • Tim Holloway
  • Piet Souris
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Frits Walraven
  • Himai Minh

Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf

 
Ranch Hand
Posts: 104
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


Hello Guys,

Could you throw some light on this issue:

I have configured the SSL/https port for Tomcat as per the configuration mentioned in Tomcat site

(1)Generated a key using KeyTool
(2)Generated a CSR
(3)Got the Verisign- CA certificate
(4)Imported the CERT using Keytool (successful)
(5)Uncommented the https connector port in tomcat's server.xml


Here is the exception in Catelina log file:

java.io.IOException: jsse.invalid_ssl_conf
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:755)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:460)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:130)
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1014)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:751)
... 15 more
Jul 27, 2011 11:11:14 AM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException: Protocol handler initialization failed: java.io.IOException: jsse.invalid_ssl_conf
at org.apache.catalina.connector.Connector.initialize(Connector.java:1016)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)




I checked the key and the alias tomcat is present in it.
keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Jul 26, 2011, trustedCertEntry,
Certificate fingerprint (MD5): -removed intentionally-


Server.xml updated with below:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key"
keystorePass="Hawaiian1"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />



Thanks in advance,

Sammaiah
 
passwords must contain 14 characters, a number, punctuation, a small bird, a bit of cheese and a tiny ad.
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic