Moderators ?????
On Wed, Jan 8, 2020, 20:44 Zahid Rahman <zahidr1...@gmail.com> wrote: > > https://stackoverflow.com/questions/46786046/severe-main-org-apache-catalina-core-standardservice-initinternal-failed-to-in > > I went to college and studied IT before finding a job. My teacher explained > to me that you should always look at the first error and ignore the rest. > Then your "teacher" has NO IDEA what they are talking about, as related to log interpretation ... and now, YOU foster the same INVALID information. When one reads a log file, if there are any "Caused by" statements, locate the last "Caused by" in the stack trace, and that is the area of root cause. One can see there are "Caused by's" in the stack trace, so "looking at the first error" does NOT apply in this case. James, do not take Zahid's information as accurate - his knowledge is lacking. First error. > 08-Jan-2020 23:14:09.026 SEVERE [main] > org.apache.catalina.core.StandardService.initInternal > Failed to initialize connector [Connector[HTTP/1.1-8443]] > > > Once that has been addressed then either the remaining will disappear or > address the second error which will then be the first error. > > > On Wed, 8 Jan 2020, 23:59 James H. H. Lampert, <jam...@touchtonecorp.com> > wrote: > > > I wrote: > > > Am I to understand that Tomcat 8.5.40 can use the ".cer," ".ca.crt" > > > and ".key" files directly, instead of the Java Keystore file? > > > > On 12/30/19 1:41 PM, Peter Kreuser wrote: > > > Correct! > > > > I tried an experiment this afternoon: > > > > I made a copy of the existing server.xml file, and I changed the active > > connector from this (keystore file and alias redacted for privacy, > > ciphers and compressibleMimeTypes clauses redacted because they're quite > > long, and not relevant here): > > > <Connector port="8443" proxyPort="443" > > protocol="org.apache.coyote.http11.Http11NioProtocol" > > > compression="on" compressionMinSize="2048" > > noCompressionUserAgents="gozilla, traviata" > > > compressableMimeType="[REDACTED]" > > > maxThreads="1000" socket.appReadBufSize="1024" > > socket.appWriteBufSize="1024" bufferSize="1024" > > > SSLEnabled="true" scheme="https" secure="true" > > > keystoreFile="[REDACTED]" keyAlias="[REDACTED]" ciphers="[REDACTED]" > > > clientAuth="false" sslProtocol="TLS" /> > > > > to this: > > > <Connector port="8443" proxyPort="443" > > protocol="org.apache.coyote.http11.Http11NioProtocol" > > > compression="on" compressionMinSize="2048" > > noCompressionUserAgents="gozilla, traviata" > > > compressableMimeType="[REDACTED]" > > > maxThreads="1000" socket.appReadBufSize="1024" > > socket.appWriteBufSize="1024" bufferSize="1024" > > > SSLEnabled="true" scheme="https" secure="true"> > > > <SSLHostConfig ciphers="[REDACTED]" > > > certificateVerification="none" sslProtocol="TLS"> > > > <Certificate certificateFile="[REDACTED].cer" > > certificateKeyFile="[REDACTED].key" > > > certificateChainFile="[REDACTED].ca.crt" /> > > > </SSLHostConfig> > > > </Connector> > > > > and restarted Tomcat, and it failed to open the port, producing this in > > catalina.out: > > > 08-Jan-2020 23:14:09.026 SEVERE [main] > > org.apache.catalina.core.StandardService.initInternal Failed to > initialize > > connector [Connector[HTTP/1.1-8443]] > > > org.apache.catalina.LifecycleException: Failed to initialize component > > [Connector[HTTP/1.1-8443]] > > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112) > > > at > > > org.apache.catalina.core.StandardService.initInternal(StandardService.java:552) > > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > > at > > > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875) > > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > > at org.apache.catalina.startup.Catalina.load(Catalina.java:639) > > > at org.apache.catalina.startup.Catalina.load(Catalina.java:662) > > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > > at java.lang.reflect.Method.invoke(Method.java:498) > > > at > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309) > > > at > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492) > > > Caused by: org.apache.catalina.LifecycleException: Protocol handler > > initialization failed > > > at > > org.apache.catalina.connector.Connector.initInternal(Connector.java:995) > > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > > ... 12 more > > > Caused by: java.lang.IllegalArgumentException: Cannot store > > non-PrivateKeys > > > at org.apache.tomcat.util.net > > .AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100) > > > at org.apache.tomcat.util.net > > .AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72) > > > at org.apache.tomcat.util.net > > .NioEndpoint.bind(NioEndpoint.java:244) > > > at org.apache.tomcat.util.net > > .AbstractEndpoint.init(AbstractEndpoint.java:1105) > > > at org.apache.tomcat.util.net > > .AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:224) > > > at > > org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581) > > > at > > > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68) > > > at > > org.apache.catalina.connector.Connector.initInternal(Connector.java:993) > > > ... 13 more > > > Caused by: java.security.KeyStoreException: Cannot store > non-PrivateKeys > > > at > > > sun.security.provider.JavaKeyStore.engineSetKeyEntry(JavaKeyStore.java:261) > > > at > > > sun.security.provider.JavaKeyStore$JKS.engineSetKeyEntry(JavaKeyStore.java:56) > > > at > > > sun.security.provider.KeyStoreDelegator.engineSetKeyEntry(KeyStoreDelegator.java:117) > > > at > > > sun.security.provider.JavaKeyStore$DualFormatJKS.engineSetKeyEntry(JavaKeyStore.java:70) > > > at java.security.KeyStore.setKeyEntry(KeyStore.java:1140) > > > at org.apache.tomcat.util.net > > .SSLUtilBase.getKeyManagers(SSLUtilBase.java:313) > > > at org.apache.tomcat.util.net > > .SSLUtilBase.createSSLContext(SSLUtilBase.java:239) > > > at org.apache.tomcat.util.net > > .AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98) > > > ... 20 more > > > > Can anybody explain what I did wrong? These are fully-qualified paths to > > the certificate, chain, and key files. [REDACTED].ca.crt contains a > > certificate chain; [REDACTED].cer contains a certificate, and > > [REDACTED].key contains a private key, and they all work in Apache > > httpd, on the same box. > > > > -- > > JHHL > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > >
