Yes, we set keystorePass to what we entered when
creating the keystore.
Below are the Connectors from our server.xml.
Do you see anything wrong, here? Something,
that was ok with TC 4.0.6, but is no longer valid
for TC 5.0.16?
Thanks in advance!
Alex
<snip>
<Connector
acceptCount="100"
connectionTimeout="30000"
debug="0"
disableUploadTimeout="true"
enableLookups="true"
maxSpareThreads="75"
maxThreads="150"
minSpareThreads="25"
port="8080"
redirectPort="8443"
scheme="https"
secure="yes"
/>
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector
acceptCount="100"
debug="0"
disableUploadTimeout="true"
enableLookups="false"
maxSpareThreads="75"
maxThreads="150"
minSpareThreads="25"
port="8443"
scheme="https"
secure="true">
<Factory
clientAuth="false"
keystoreFile="D:\ourwebapp\certificate\keystore"
keystorePass="yeahsure"
protocol="TLS"
/>
</Connector>
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
<Connector
debug="0"
enableLookups="false"
port="8009"
protocol="AJP/1.3"
redirectPort="8443"
/>
</snip>
> -----Original Message-----
> From: Luc Foisy [mailto:[EMAIL PROTECTED]
> Sent: Monday, December 08, 2003 5:53 PM
> To: Tomcat Users List
> Subject: RE: SSL problem with TC 5.0.16
>
>
> Did you set keystorePass?
>
> -----Original Message-----
> From: Baer Peter Christoph Alexander
> [mailto:[EMAIL PROTECTED]
> Sent: Monday, December 08, 2003 11:49 AM
> To: '[EMAIL PROTECTED]'
> Subject: SSL problem with TC 5.0.16
>
>
> Hi,
>
> before you start throwing eggs and tomatoes at me:
> I *have* searched the mailing list archive before
> posting this message... ;-)
>
>
> I just installed Tomcat 5.0.16. Now we want to
> migrate an application from TC 4.0.6 to it.
> For this we need to run TC with SSL.
> However, there's apparently a mistake in our
> SSL configuration. After adapting server.xml
> for our webapp, we see the following startup
> error message:
>
> <snip>
> INFO: Starting Coyote HTTP/1.1 on port 8080
> 08.12.2003 17:01:45 org.apache.coyote.http11.Http11Protocol start
> SCHWERWIEGEND: Error starting endpoint
> java.io.IOException: Keystore was tampered with, or password
> was incorrect
> at
> sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:748)
> at java.security.KeyStore.load(KeyStore.java:652)
> at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocket
> Factory.java:295)
> at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESoc
> ketFactory.java:259)
> at
> org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JS
> SE14SocketFactory.java:172)
> </snip>
>
> Following the docs, we checked the password
> and we have also created quite a few new
> keystores and put there paths into the
> keystoreFile attribute of the Factory
> tag.
>
> In TC5 even the old keystore with the
> original certificate of our application
> is rejected.
>
> Has anybody seen this before? Can you provide
> some hint, what the problem could be caused
> by? We can rule out the things mentioned in
> the docs, I think!
>
> Thanks in advance!
>
> Regards
> Alex
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
