Hi Thomas, I have encrypted the keystore password using openssl and hardcoded in server.xml. For decrypting , Http11Nio2ProtocolDecryptProp extends Http11Nio2Protocol] and mentioned as below in server.xml
<Connector protocol="com.ericsson.http.protocol.Http11Nio2ProtocolDecryptProp" Decryption is successful even though I am getting the following error and web app is not up. I tried a toy program that is working fine. I feel that something missed. Could you please help me here Sep 11, 2017 10:51:16 AM org.apache.coyote.AbstractProtocol init SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-nio2-2309"] java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) at java.security.KeyStore.load(KeyStore.java:1445) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:449) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:353) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:606) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:546) at org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:313) at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:810) at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:476) at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:120) at org.apache.catalina.connector.Connector.initInternal(Connector.java:960) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.core.StandardService.initInternal(StandardService.java:568) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:871) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.startup.Catalina.load(Catalina.java:581) at org.apache.catalina.startup.Catalina.load(Catalina.java:604) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484) Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778) ... 26 more Sep 11, 2017 10:51:16 AM org.apache.catalina.core.StandardService initInternal SEVERE: Failed to initialize connector [Connector[com.ericsson.http.protocol.Http11Nio2ProtocolDecryptProp-2309]] org.apache.catalina.LifecycleException: Failed to initialize component [Connector[com.ericsson.http.protocol.Http11Nio2ProtocolDecryptProp-2309]] at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) at org.apache.catalina.core.StandardService.initInternal(StandardService.java:568) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:871) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) -----Original Message----- From: Mark Thomas [mailto:ma...@apache.org] Sent: Monday, September 11, 2017 4:03 PM To: Tomcat Users List Subject: Re: Encrypt Keystore password in server.xml 8.0.45 On 11/09/17 10:11, S Abirami wrote: > > Hi All, > > I have to encrypt keystore password in server.xml. https://wiki.apache.org/tomcat/FAQ/Password Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org