On Thu, Nov 24, 2011 at 3:07 AM, Mark Thomas <ma...@apache.org> wrote:
> On 22/11/2011 20:42, Satish Mittal wrote: > > Hi All, > > > > I have observed a regression between tomcat 5 and tomcat 7. > > That is https://issues.apache.org/bugzilla/show_bug.cgi?id=38774 that > was fixed only in the 5.5.x branch. > > I'm not a huge fan of using system properties for configuration so I > prefer the Tomcat 6+ approach that requires explicit configuration (even > though some system properties are still used as fall back). > > Hi Mark, Thanks for the link. I was searching for a related post in apache but couldn't find it. May I request you to merge this fix to tomcat 7 branch as well? Since it was working in tomcat .5.33, it would be a regression for my application once it moves to latest tomcat 7 version. Thanks, Satish Mark > > > > > > In my tomcat webapp, before I spawn another tomcat webapp process, I pass > > on the keystore password by setting the system property > > "javax.net.ssl.keyStorePassword" to keystore password, instead of writing > > the keystore password in plain-text as an attribute in server.xml. > > > > This used to work in tomcat 5. However in tomcat 7, the same > > webapp/keystore throws the following error: > > > > Nov 22, 2011 8:04:45 PM org.apache.coyote.AbstractProtocol init > > SEVERE: Failed to initialize end point associated with ProtocolHandler > > ["http-bio-8096"] > > java.io.IOException: Keystore was tampered with, or password was > incorrect > > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771) > > at > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) > > at java.security.KeyStore.load(KeyStore.java:1185) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:407) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:306) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:565) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:505) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:449) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158) > > at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:373) > > at > > > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:498) > > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369) > > at > > > org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119) > > at > org.apache.catalina.connector.Connector.initInternal(Connector.java:909) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > at > > > org.apache.catalina.core.StandardService.initInternal(StandardService.java:559) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > at > > > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:573) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:596) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > > at java.lang.reflect.Method.invoke(Method.java:597) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449) > > at java.lang.Thread.run(Thread.java:619) > > Caused by: java.security.UnrecoverableKeyException: Password verification > > failed > > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769) > > ... 28 more > > Nov 22, 2011 8:04:47 PM org.apache.catalina.core.StandardService > > initInternal > > SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8096]] > > org.apache.catalina.LifecycleException: Failed to initialize component > > [Connector[HTTP/1.1-8096]] > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106) > > at > > > org.apache.catalina.core.StandardService.initInternal(StandardService.java:559) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > at > > > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:573) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:596) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > > at java.lang.reflect.Method.invoke(Method.java:597) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449) > > at java.lang.Thread.run(Thread.java:619) > > Caused by: org.apache.catalina.LifecycleException: Protocol handler > > initialization failed > > at > org.apache.catalina.connector.Connector.initInternal(Connector.java:911) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) > > ... 14 more > > Caused by: java.io.IOException: Keystore was tampered with, or password > was > > incorrect > > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771) > > at > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) > > at java.security.KeyStore.load(KeyStore.java:1185) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:407) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:306) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:565) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:505) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:449) > > at > > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:158) > > at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:373) > > at > > > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:498) > > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:369) > > at > > > org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119) > > at > org.apache.catalina.connector.Connector.initInternal(Connector.java:909) > > ... 15 more > > Caused by: java.security.UnrecoverableKeyException: Password verification > > failed > > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769) > > ... 28 more > > > > Due to this error, the HTTPS connector is not initializing. The keystore > is > > perfectly valid, since it works with tomcat 5. > > > > Has anyone else observed this issue with tomcat 7? Any ideas/pointers how > > to fix it? > > > > Thanks in advance, > > Satish Mittal > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- "The happiest of people donĀ“t necessarily have the best of everything, they just make the most of everything that comes along their way."
