On 9/22/23 13:25, Bill wrote:
Hello All,
      I may have started my SSL Cert install & config at step 2 instead of
step 1... :-(

Most mistakes are recoverable :)

Basically I have created my key store, my p12 file and have my cert all in
a sub directory of the conf directory.

All of those things are usually in the same file. What files do you actually have, and what is in each of them, specifically? If you have a keystore of any kind (including p12 files), post the output of:

$  keytool -list -keystore [filename]

I have updated the server xml with my connectors per online directions.
Yet my SSL (https) cert/site doesn't work.

Can you please post your <Connector> configuration, replacing any secrets?

Also, what do you mean "doesn't work"? Tomcat does not start? Connections are refused? Browser doesn't like server's cert? Can't complete handshake?

The catalina logs do not provide a whole lot of help for me as a TC novice.
I did see this in the log:

(org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The Apache
Tomcat Native library which allows using OpenSSL was not found on the
java.library.path: [/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib])

This is a warning. If you don't intend to use tcnative, you can disable the AprLifecycleListener and it will no longer emit that message.

but I'm pretty sure I didn't install native, but the regular version of TC.

The "native" connector is just a Connector, not all of Tomcat. The "regular" version of Tomcat supports several types of connectors, the "native" one included.

So my question is, was I supposed to install or turn something on before
beginning the process of key store and p12 file and connector configuration?

No, if you have your keystore in order and refer to it properly in the config then that's all you should need.


To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to