I finally got it working. For anyone else that has the same problem, the solution is very simple and I don't know why there are huge walls of text rather than just saying this
To enable APR: 1. Download tomcat-native-1.1.27-win32-bin from http://apache.mirrors.lucidnetworks.net/tomcat/tomcat-connectors/native/1.1.27/binaries/ 2. copy tcnative-1.dll to the Tomcat bin directory Get a self-signed key here: http://www.selfsignedcertificate.com/ Use this connector in server.xml <Connector port="8444" redirectPort="444" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="SSLv3" SSLCertificateKeyFile="${catalina.base}\conf\13862451_localhost.key" SSLCertificateFile="${catalina.base}\conf\13862451_localhost.cert" /> At least I can do my work now. Unrelated, I cannot start my connector on port 443 or 8443. I commented out every other connector in server.xml but this still happens. As a workaround I changed the port to 8444 but I'm not sure why I need to. SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-ap r-8443"] java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted. at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:446) at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav a:610)1 On Wed, Mar 27, 2013 at 9:46 AM, Harris, Jeffrey E. < jeffrey.har...@mantech.com> wrote: > > > > -----Original Message----- > > From: Kevin Jenkins [mailto:rak...@jenkinssoftware.com] > > Sent: Wednesday, March 27, 2013 12:13 PM > > To: Tomcat Users List > > Subject: Re: SSLCertificateKeyFile cannot find file that exists > > > > Thanks for the answer Jeffery. > > > > Regarding the APR connector, I'm guessing since you said that Tomcat > > doesn't come with it built-in already? > > > > Under installation / windows I downloaded this: > > http://tomcat.apache.org/tomcat-7.0-doc/apr.html > > I'm looking here http://tomcat.apache.org/tomcat-7.0-doc/apr.html under > > installation and it said to download binaries here: > > http://www.motorlogy.com/apache//tomcat/tomcat- > > connectors/native/1.1.27/binaries/ > > > > So I did that, copied tcnative-1.dll to D:\Program > > Files\Java\jdk1.6.0_37\bin > > > > But it still didn't work when I clicked startup.bat. There's no > > instructions on how to actually install APR that I can find beyond > > saying to download the library. Not sure what to do at this point. > > > > Regarding converting the the key file and certificate file to a JKS > > store... how do I do that/ I did some searching and came up with a wall > > of complicated instructions. I've already spent hours trying to figure > > out how to create self-signed keys (which is why I just went to that > > website to begin with). > > > > > > On Wed, Mar 27, 2013 at 8:49 AM, Harris, Jeffrey E. < > > jeffrey.har...@mantech.com> wrote: > > > > > > > > > > > > -----Original Message----- > > > > From: Kevin Jenkins [mailto:rak...@jenkinssoftware.com] > > > > Sent: Wednesday, March 27, 2013 11:46 AM > > > > To: users@tomcat.apache.org > > > > Subject: SSLCertificateKeyFile cannot find file that exists > > > > > > > > I'm working on a project where I need to test C++ code against an > > > > HTTPS web server. So I am trying to get Tomcat to work using HTTPS > > > > on localhost. > > > > Security does not matter right now, I just need to get an HTTPS > > > > server online so I can debug the C++. > > > > > > > > So I went to http://www.selfsignedcertificate.com/ and under server > > > > name entered localhost. > > > > > > > > It gave me 2 files: > > > > 3589340_localhost.key > > > > 3589340_localhost.cert > > > > > > > > I copied those files to D:\apache-tomcat-7.0.37\conf > > > > > > > > I added this line to d:/apache-tomcat-7.0.37/confg/server.xml > > > > > > > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" > > > > maxThreads="150" scheme="https" secure="true" > > > > clientAuth="false" sslProtocol="SSLv3" > > > > > > > > > > SSLCertificateKeyFile="${catalina.base}\conf\3589340_localhost.key" > > > > > > > > SSLCertificateFile="${catalina.base}\conf\3589340_localhost.cert" > > > > /> > > > > > > > > I double click "D:\apache-tomcat-7.0.37\bin\startup.bat" > > > > > > > > It doesn't work. I don't understand why it does it does not find a > > > > matching property. The file is there on the harddrive. > > > > > > > > WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting > > > > property 'SSLC ertificateFile' to 'D:\apache-tomcat- > > > > 7.0.37\conf\3589340_localhost.cert' > > > > did not > > > > find a matching property. > > > > Mar 27, 2013 8:44:44 AM org.apache.coyote.AbstractProtocol init > > > > INFO: Initializing ProtocolHandler ["http-bio-8080"] Mar 27, 2013 > > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init > > > > INFO: Initializing ProtocolHandler ["http-bio-443"] Mar 27, 2013 > > > > 8:44:44 AM org.apache.coyote.AbstractProtocol init > > > > SEVERE: Failed to initialize end point associated with > > > > ProtocolHandler ["http-bi o-443"] > > > > java.io.IOException: Keystore was tampered with, or password was > > > > incorrect > > > > at > > > > > > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771) > > > > at > > > > > > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java: > > > > 3 > > > > 8) > > > > at java.security.KeyStore.load(KeyStore.java:1185) > > > > at > > > > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocke > > > > t > > > > Factory.java:372) > > > > > > > > Thanks in advance for the help. > > > > > > You need to either use the APR connector, or convert the key file and > > > certificate file to a JKS store, and update your configuration. > > > > > > Jeffrey Harris > > > > > See the Tomcat documentation ( > http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html) and look in the > section "Edit the Tomcat Configuration File" to enable APR. > > Jeffrey Harris > > This e-mail and any attachments are intended only for the use of the > addressee(s) named herein and may contain proprietary information. If you > are not the intended recipient of this e-mail or believe that you received > this email in error, please take immediate action to notify the sender of > the apparent error by reply e-mail; permanently delete the e-mail and any > attachments from your computer; and do not disseminate, distribute, use, or > copy this message and any attachments. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
