Hello,
I am sure somebody has come across something similar before, but I have been unable to find a resolution as yet. The problem is this: I am trying to enable SSL in Tomcat 4.1.29 and several things happen that are not correct, even though this should be a rather simple goal to achieve.
Firstly, the keytool will not work properly when generating a new key. You get asked all the questions and when you have finished and you confirm the information entered with a 'yes' it just hangs. Importing with keytool and checking the keystore both work fine (the -list and -import flags) but generating doesn't (-genkey). I cannot seem to find any error messages either and in top the process appears intermittently.
Secondly, after importing the certificate (made with openssl) I then change the server.xml config and ensure that the JSSE_HOME is correct in catalina.sh and restart Tomcat using catalina.sh. This is what I get:
----- begin excerpt catalina log ------
Exception during startup processing
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)
Caused by: java.lang.NoClassDefFoundError: javax/net/ServerSocketFactory
at java.lang.ClassLoader.findBootstrapClass(Native Method)
at java.lang.ClassLoader.findBootstrapClass0(ClassLoader.java:709)
at java.lang.ClassLoader.loadClass(ClassLoader.java:284)
at java.lang.ClassLoader.loadClass(ClassLoader.java:282)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:274)
at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:941)
at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:857)
at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:941)
at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:857)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
at org.apache.tomcat.util.net.jsse.JSSE14Factory.getSocketFactory(JSSE14Factory.java:80)
at org.apache.tomcat.util.net.jsse.JSSEImplementation.getServerSocketFactory(JSSEImplementation.java:113)
at org.apache.coyote.http11.Http11Protocol.checkSocketFactory(Http11Protocol.java:615)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:166)
at org.apache.coyote.tomcat4.CoyoteConnector.initialize(CoyoteConnector.java:1173)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:579)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:2246)
at org.apache.catalina.startup.Catalina.start(Catalina.java:511)
at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)
at org.apache.catalina.startup.Catalina.process(Catalina.java:180)
... 5 more
---- end excerpt catalina log -----
Tomcat runs perfectly if I comment the SSL out.
--- begin server.xml excerpt ---
<!-- Define a non-SSL Coyote HTTP/1.1 Connector -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           port="8180" minProcessors="5" maxProcessors="75"
           enableLookups="true" redirectPort="8443"
           acceptCount="100" debug="0" connectionTimeout="20000"
           useURIValidationHack="false" disableUploadTimeout="true" />
<!-- Note : To disable connection timeouts, set connectionTimeout value to -1 -->
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           port="8443" minProcessors="5" maxProcessors="75"
           enableLookups="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           useURIValidationHack="false" disableUploadTimeout="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           keystoreFile="MYKEYSTORE" keystorePass="MYPASSWD"
           clientAuth="false" />
</Connector>
---- end server.xml excerpt ---
---- begin excerpt catalina.sh ------
# java home
JAVA_HOME=/usr/local/jdk1.4.2; export JAVA_HOME
# JSSE home
JSSE_HOME=/usr/local/jdk1.4.2/jre; export JSSE_HOME
<snip>
# Add on extra jar files to CLASSPATH
if [ -n "$JSSE_HOME" ]; then
  CLASSPATH="$CLASSPATH":"$JSSE_HOME"/lib/ext/jcert.jar:"$JSSE_HOME"/lib/ext/jnet.jar:"$JSSE_HOME"/lib/ext/jsse.jar
fi
CLASSPATH="$CLASSPATH":"$CATALINA_HOME"/bin/bootstrap.jar:
---- end catalina.sh excerpt ---
Of course JSSE was already included in JDK 1.4 (we are running JDK 1.4.2), so it was not necessary to download it separately.
OS : FreeBSD 4.9
Any assistance on this issue would be gratefully appreciated as something which I feel should only have taken an hour or so has taken up far too much time with no option in sight other than to run the Tomcat behind Apache+SSL instead of standalone with SSL.
Thanks in advance
Regards,
Lloyd
L. C. Hopper
[EMAIL PROTECTED]
Visit us at http://www.TriMM.nl
TriMM Multimedia BV - POBox 1208 7500 BE Enschede - the Netherlands
---------- Microsoft: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" NT: "Hey, wait a minute while I reboot...."
----------
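
A check for the NoClassDefFoundError reported above, added here as an example and not part of the original post: it walks a colon-separated CLASSPATH like the one built in the catalina.sh excerpt and reports which entries are unusable and which ones actually contain javax/net/ServerSocketFactory.class. The function names and the temporary directory layout in demo() are constructed for illustration and do not describe the poster's system.

```python
import os
import tempfile
import zipfile


def audit_classpath(classpath, class_name):
    """Return (unusable_entries, providers) for a ':'-separated classpath."""
    resource = class_name.replace(".", "/") + ".class"
    unusable, providers = [], []
    for entry in classpath.split(":"):
        # An empty element (e.g. from a trailing ':') means the current directory.
        entry = entry or "."
        if os.path.isdir(entry):
            if os.path.isfile(os.path.join(entry, resource)):
                providers.append(entry)
        elif os.path.isfile(entry):
            try:
                with zipfile.ZipFile(entry) as jar:
                    if resource in jar.namelist():
                        providers.append(entry)
            except zipfile.BadZipFile:
                unusable.append(entry)  # exists but is not a readable jar
        else:
            unusable.append(entry)  # path does not exist
    return unusable, providers


def demo():
    """Constructed layout: only jsse.jar exists under lib/ext."""
    ext = os.path.join(tempfile.mkdtemp(), "lib", "ext")
    os.makedirs(ext)
    jsse = os.path.join(ext, "jsse.jar")
    with zipfile.ZipFile(jsse, "w") as jar:
        # Empty placeholder entry; only the name matters for the lookup.
        jar.writestr("javax/net/ServerSocketFactory.class", b"")
    names = ("jcert.jar", "jnet.jar", "jsse.jar")
    classpath = ":".join(os.path.join(ext, n) for n in names)
    return audit_classpath(classpath, "javax.net.ServerSocketFactory"), jsse


if __name__ == "__main__":
    (unusable, providers), _ = demo()
    print("unusable entries:", unusable)
    print("class provided by:", providers)
```

To use it on a real installation, pass the CLASSPATH value that catalina.sh ends up with to audit_classpath().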