Hi!! I've found the problem, the params SSLCertificateFile and SSLCertificateKeyFile were changed. Now I'm not having any error on startup.
Thanx for all =) 2011/5/11 Goo Sam Kong <skgo...@gmail.com> > Hi, > > If you use APR, the private key & certificate should be in PEM format as > documented in http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS > > *SSLCertificateFile* > > Name of the file that contains the server certificate. The format is > PEM-encoded. > SSLCertificateKeyFile > > Name of the file that contains the server private key. The format is > PEM-encoded. The default value is the value of "SSLCertificateFile" and in > this case both certificate and private key have to be in this file (NOT > RECOMMENDED). > > > On 11 May 2011 15:31, Lunita <hoshi.uts...@gmail.com> wrote: > > > Hi again, > > > > I followed many docs, the Tomcat's official web was not clear enough for > > me. > > With SSLEngine="on" I'm having this problem: > > > > SEVERE: Catalina.start > > LifecycleException: Protocol handler initialization failed: > > java.lang.Exception: Unable to load certificate key > > /opt/apache-tomcat-5.5.33/conf/xWiki.cer (error:0906D06C:PEM > > routines:PEM_read_bio:no start line) > > > > > > Does Tomcat support .cer certificates o must be PEM? Strange thing is > that > > the cert. file is .cer, but the error complains about PEM. > > > > Thanx in advance. > > > > > > 2011/5/10 Konstantin Kolinko <knst.koli...@gmail.com> > > > > > 2011/5/10 Lunita <hoshi.uts...@gmail.com>: > > > > Hi all! > > > > > > > > I amb trying to configure SSL for Tomcat Manager with APR. I have a > > weird > > > > problem, port 8443 is listening, but no HTTPS over there! 8080 and > 8443 > > > > ports are open with HTTP > > > > > > > > I compiled tomcat native with this configure: > > > > > > > > "--prefix=/opt/tomcat/" \ > > > > "--with-apr=/opt/apr-1.4.2/" \ > > > > "--with-ssl=/usr" \ > > > > "--with-java-home=/usr/java/jdk1.6.0_23/" \ > > > > "--libdir=/usr/lib" \ > > > > > > > > > > > > At startup, Tomcat load OK the library: > > > > > > > > INFO: Loaded APR based Apache Tomcat Native library 1.1.20. > > > > May 10, 2011 6:36:07 PM org.apache.catalina.core.AprLifecycleListener > > > init > > > > INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters > > > > [false], random [true]. > > > > May 10, 2011 6:36:07 PM org.apache.coyote.http11.Http11AprProtocol > init > > > > INFO: Initializing Coyote HTTP/1.1 on http-8080 > > > > May 10, 2011 6:36:07 PM org.apache.coyote.http11.Http11AprProtocol > init > > > > INFO: Initializing Coyote HTTP/1.1 on http-8443 > > > > > > > > My config at server.xml looks OK ... > > > > > > > > <Connector port="8443" maxHttpHeaderSize="8192" > > > > maxThreads="200" minSpareThreads="25" maxSpareThreads="75" > > > > scheme="https" secure="true" SSLEnabled="true" > > > > > > > > > SSLCertificateFile="/opt/apache-tomcat-5.5.33/conf/tomcat.key.noPasswd" > > > > > SSLCertificateKeyFile="/opt/apache-tomcat-5.5.33/conf/XX.cer" > > > > clientAuth="false" SSLProtocol="TLSv1"/> > > > > > > > > > > > > Any help? I'm really lost =( > > > > > > Configuration of APR/OpenSSL (aka "native") connector with SSL is > > > documented in > > > http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS > > > > > > Apparently you are missing SSLEngine="on" > > > > > > Note, that Tomcat 5.5 does not warn about any unknown attributes etc. > > > (Tomcat 6 and later do give warnings), so you should read the > > > configuration docs carefully. > > > > > > What documentation you have followed? (Maybe something needs > > > amendments / corrections there?) > > > > > > Best regards, > > > Konstantin Kolinko > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > >
