Re: Standalone SSL Problem (was: Re: [DOC] TC4 Status)

Mon, 30 Jul 2001 16:16:52 -0700 

Hot damn. Taking the classes out of the TC hierarchy got rid of that No
Such Algorithm business. Thanks Kevin!

Is that more-or-less expected behavior, or should I log it into bugzilla
so that it gets tracked as a bug? I'd be happy to look into it further,
although with my rather limited exposure to Catalina classloading it
might take a little while to get a patch for it.

Back to SSL ... unfortunately, in looking at the new stack trace, we're
now apparently back to my basic confusion about how to specify the
keystore stuff in the https connector. The server.xml snippet I posted
in my last message is presumably not right. Either that or I specified
something I shouldn't have when generating the keystore (also posted).
Can someone straighten me out? Also, feel free to beat me about the head
if I missed it in the docs somewhere =)

- Christopher

Starting service Tomcat-Standalone
Apache Tomcat/4.0-b6
initProxy:  java.security.UnrecoverableKeyException: Cannot recover key
java.security.UnrecoverableKeyException: Cannot recover key
        at sun.security.provider.KeyProtector.recover(KeyProtector.java:308)
        at
sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:110)
        at java.security.KeyStore.getKey(KeyStore.java:264)
        at
com.sun.net.ssl.internal.ssl.X509KeyManagerImpl.<init>([DashoPro-V1.2-120198])
        at
com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl.engineInit([DashoPro-V1.2-120198])
        at com.sun.net.ssl.KeyManagerFactory.init([DashoPro-V1.2-120198])
        at
org.apache.catalina.net.SSLServerSocketFactory.initProxy(SSLServerSocketFactory.java:390)
        at
org.apache.catalina.net.SSLServerSocketFactory.initialize(SSLServerSocketFactory.java:328)
        at
org.apache.catalina.net.SSLServerSocketFactory.createSocket(SSLServerSocketFactory.java:281)
        at
org.apache.catalina.connector.http.HttpConnector.open(HttpConnector.java:905)
        at
org.apache.catalina.connector.http.HttpConnector.start(HttpConnector.java:1078)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:360)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:458)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:737)
        at org.apache.catalina.startup.Catalina.execute(Catalina.java:657)
        at org.apache.catalina.startup.Catalina.process(Catalina.java:178)
        at java.lang.reflect.Method.invoke(Native Method)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:202)
Catalina.start: LifecycleException:  HttpConnector[8443].open: 
java.io.IOException: java.security.UnrecoverableKeyException: Cannot
recover key
LifecycleException:  HttpConnector[8443].open:  java.io.IOException:
java.security.UnrecoverableKeyException: Cannot recover key
        at
org.apache.catalina.connector.http.HttpConnector.start(HttpConnector.java:1080)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:360)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:458)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:737)
        at org.apache.catalina.startup.Catalina.execute(Catalina.java:657)
        at org.apache.catalina.startup.Catalina.process(Catalina.java:178)
        at java.lang.reflect.Method.invoke(Native Method)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:202)
----- Root Cause -----
java.io.IOException: java.security.UnrecoverableKeyException: Cannot
recover key
        at
org.apache.catalina.net.SSLServerSocketFactory.initProxy(SSLServerSocketFactory.java:409)
        at
org.apache.catalina.net.SSLServerSocketFactory.initialize(SSLServerSocketFactory.java:328)
        at
org.apache.catalina.net.SSLServerSocketFactory.createSocket(SSLServerSocketFactory.java:281)
        at
org.apache.catalina.connector.http.HttpConnector.open(HttpConnector.java:905)
        at
org.apache.catalina.connector.http.HttpConnector.start(HttpConnector.java:1078)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:360)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:458)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:737)
        at org.apache.catalina.startup.Catalina.execute(Catalina.java:657)
        at org.apache.catalina.startup.Catalina.process(Catalina.java:178)
        at java.lang.reflect.Method.invoke(Native Method)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:202)

Kevin Seguin wrote:
> 
> i have seen this.
> 
> little background first...
> 
> i had some webapps that needed to use jsse, plus catalina needed it for
> https.  so, i figured i'd put the jsse jars somewhere in the tc4 dist tree
> so that both the webapps and catalina could find them.  i believe that was
> $TC4_HOME/common/lib.  well, long story short, that barfed and i saw errors
> like the stack trace you saw.
> 
> i got rid of the problem by taking the jsse jars out of the tc4 dist tree,
> and putting them into the ext dir under the jre installation, plus adding
> the proper line to $JAVA_HOME/jre/lib/security/java.security.

Reply via email to