> > Caused by: java.io.IOException: SSL configuration is invalid due to No > available certificate or key corresponds to the SSL cipher suites which are > enabled.
Are you sure you have downloaded the correct intermediate certs? *Note:* When executing the command to import the SSL certificate, you must specify the actual *Alias* used when you initially created the keystore. If you are unsure of this, run the following sample command to see the contents of your keystore: *keytool -list -v -keystore keystorefile.kdb* * * Did you use the same alias as the alias you used to create the keystore when you imported the certificate? Is your tomcat connector config pointing to the correct keysore file location? Igor On Thu, Jan 19, 2012 at 9:46 AM, James Lampert <jam...@touchtonecorp.com>wrote: > I've now got the CA certificates the customer representative is trying to > use here, and I'm attempting to test them on our box. > > I followed these instructions: > > https://search.thawte.com/**support/ssl-digital-**certificates/index?page= > **content&actp=CROSSLINK&id=**SO15518<https://search.thawte.com/support/ssl-digital-certificates/index?page=content&actp=CROSSLINK&id=SO15518> > > rather than the ones here: > > http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html#** > Importing_the_Certificate<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Importing_the_Certificate> > > which appear to be somewhat out of date, as Thawte calls for both primary > and secondary x.509 certificates to be loaded into the keystore. > > With no explicit alias reference, and the three certificates placed in the > keystore, in the order specified by Thawte, I get: > > SEVERE: Failed to initialize end point associated with ProtocolHandler >> ["http-bio-8443"] Throwable >> occurred: java.io.IOException: SSL configuration is invalid due to No >> available certificate or key corresponds to the SSL cipher suites which are >> enabled. >> at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.** >> checkConfig(JSSESocketFactory.**java:822) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.init(**JSSESocketFactory.java:470) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**createSocket(**JSSESocketFactory.java:158) >> at org.apache.tomcat.util.net.** >> JIoEndpoint.bind(JIoEndpoint.**java:369) >> at org.apache.tomcat.util.net.** >> AbstractEndpoint.init(**AbstractEndpoint.java:553) >> at org.apache.coyote.** >> AbstractProtocol.init(**AbstractProtocol.java:369) >> at org.apache.coyote.http11.** >> AbstractHttp11JsseProtocol.**init(**AbstractHttp11JsseProtocol.**java:119) >> at org.apache.catalina.connector.** >> Connector.initInternal(**Connector.java:937) >> at >> org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102) >> at >> org.apache.catalina.core.**StandardService.initInternal(**StandardService.java:559) >> at org.apache.catalina.util.** >> LifecycleBase.init(**LifecycleBase.java:102) >> at org.apache.catalina.core.** >> StandardServer.initInternal(**StandardServer.java:781) >> at org.apache.catalina.util.** >> LifecycleBase.init(**LifecycleBase.java:102) >> at org.apache.catalina.startup.** >> Catalina.load(Catalina.java:**573) >> at org.apache.catalina.startup.** >> Catalina.load(Catalina.java:**598) >> at >> sun.reflect.**NativeMethodAccessorImpl.**invoke0(Native >> Method) at >> sun.reflect.**NativeMethodAccessorImpl.**invoke(** >> NativeMethodAccessorImpl.java:**60) >> at sun.reflect.**DelegatingMethodAccessorImpl.**invoke(** >> DelegatingMethodAccessorImpl.**java:37) >> at java.lang.reflect.Method.**invoke(Method.java:611) >> at >> org.apache.catalina.startup.**Bootstrap.load(Bootstrap.java:**281) >> at >> org.apache.catalina.startup.**Bootstrap.main(Bootstrap.java:**449) >> Caused by: >> javax.net.ssl.SSLException: No available certificate or key corresponds to >> the SSL cipher suites which are enabled. >> at com.ibm.jsse2.rc.a(rc.java:53) >> at >> com.ibm.jsse2.rc.accept(rc.**java:13) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.** >> checkConfig(JSSESocketFactory.**java:818) >> ... 20 more >> Jan 18, 2012 2:21:43 PM >> org.apache.catalina.core.**StandardService initInternal >> SEVERE: Failed to initialize connector >> [Connector[HTTP/1.1-8443]] >> Throwable occurred: org.apache.catalina.**LifecycleException: Failed >> to initialize component [Connector[HTTP/1.1-8443]] >> at org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:106) >> at org.apache.catalina.core. >> **StandardService.initInternal(**StandardService.java:559) >> at >> org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102) >> at org.apache.catalina.core. >> **StandardServer.initInternal(**StandardServer.java:781) >> at >> org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102) >> at >> org.apache.catalina.startup.**Catalina.load(Catalina.java:**573) >> at org.apache.catalina.startup. >> **Catalina.load(Catalina.java:**598) >> at sun.reflect.**NativeMethodAccessorImpl.**invoke0(Native >> Method) at >> sun.reflect.**NativeMethodAccessorImpl.**invoke(** >> NativeMethodAccessorImpl.java:**60) >> at sun.reflect.**DelegatingMethodAccessorImpl.**invoke(** >> DelegatingMethodAccessorImpl.**java:37) at >> java.lang.reflect.Method.**invoke(Method.java:611) >> at org.apache.catalina.startup. >> **Bootstrap.load(Bootstrap.java:**281) >> at org.apache.catalina.startup.** >> Bootstrap.main(Bootstrap.java:**449) >> Caused by: org.apache.catalina.**LifecycleException: >> Protocol handler initialization failed at >> org.apache.catalina.connector.**Connector.initInternal(**Connector.java:939) >> at >> org.apache.catalina.util.**LifecycleBase.init(**LifecycleBase.java:102) >> ... 12 more >> >> Caused by: java.io.IOException: >> SSL configuration is invalid due to No available certificate or key >> corresponds to the SSL cipher suites which are enabled. >> at org.apache.tomcat.util.net.**jsse.JSSESocketFactory.** >> checkConfig(JSSESocketFactory.**java:822) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.init(**JSSESocketFactory.java:470) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.**createSocket(**JSSESocketFactory.java:158) >> at org.apache.tomcat.util.net.** >> JIoEndpoint.bind(JIoEndpoint.**java:369) >> at org.apache.tomcat.util.net.** >> AbstractEndpoint.init(**AbstractEndpoint.java:553) >> at org.apache.coyote.** >> AbstractProtocol.init(**AbstractProtocol.java:369) >> at org.apache.coyote.http11.** >> AbstractHttp11JsseProtocol.**init(**AbstractHttp11JsseProtocol.**java:119) >> at org.apache.catalina.connector.** >> Connector.initInternal(**Connector.java:937) >> ... 13 more >> >> Caused by: javax.net.ssl.SSLException: No available certificate or >> key corresponds to the SSL cipher suites which are enabled. at >> com.ibm.jsse2.rc.a(rc.java:53) >> at >> com.ibm.jsse2.rc.accept(rc.**java:13) >> at >> org.apache.tomcat.util.net.**jsse.JSSESocketFactory.** >> checkConfig(JSSESocketFactory.**java:818) >> ... 20 more >> >> > > I haven't heard a single response to my earlier query, and none of this > makes any sense. > > -- > JHHL > > > ------------------------------**------------------------------**--------- > To unsubscribe, e-mail: > users-unsubscribe@tomcat.**apache.org<users-unsubscr...@tomcat.apache.org> > For additional commands, e-mail: users-h...@tomcat.apache.org > >
