Re: java.lang.Exception: No Certificate file specified or invalid file format ?

Tue, 06 May 2014 08:12:03 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mohit,

On 5/6/14, 2:06 AM, Mohit Gupta wrote:
> Here is my connector element for https
> 
> <Connector SSLEnabled="true" acceptCount="100" 
> connectionTimeout="20000" executor="tomcatThreadPool" 
> keystoreFile="D:/.keystore" keystorePass="changeit" 
> maxKeepAliveRequests="15" port="8443" protocol="HTTP/1.1" 
> redirectPort="8443" scheme="https" secure="true" 
> allowUnsafeLegacyRenegotiation="true"/>
> 
> But get below error while server start up
> 
> May 06, 2014 11:09:34 AM org.apache.coyote.http11.Http11AprProtocol
> init SEVERE: Error initializing endpoint java.lang.Exception: No
> Certificate file specified or invalid file format at
> org.apache.tomcat.jni.SSLContext.setCertificate(Native Method) at
> org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:832)
> 
> [snip]
> 
> Server starts up successfully when i change the protocol to 
> org.apache.coyote.http11.Http11Protocol . My question is why this 
> change is required and how safe it is?

You are using the APR (native) connector, but you have configured your
<Connector> for JSSE.

If you want to use JSSE-based TLS, you'll need to specifically choose
the non-APR connector by setting the "protocol" attribute to either
"org.apache.coyote.http11.Http11Protocol" (for the blocking I/O
connector) or "org.apache.coyote.http11.Http11NioProtocol" (for the
non-blocking I/O connector, which I would recommend).

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTaPglAAoJEBzwKT+lPKRYOaYP/jPukO77+AprpClTG+IGX5ML
bJp+9z+cBWPKuT2mLVIMV9qrVsxA8ceqJvkMeMRMATQGc/URws7OWTDobUkxD+2l
d8pzsZ2VrzqsmtaJbKNHVVsD3zqMbZVQkTal0vJjiO2iLNzY4QVV1ArlexW1N/Sr
FKetqMSqRDn1m8n2C1NOcNy78LJNSj6hsW6J5UFw8ioAfu8Pr3QNOaJIIkAA/tEl
RelvMY6PcF+VvGcICA0XndIu0DBXJKptL9t8ydjLElA61ZgWrGVKkK4kOvUeCnJp
2DhRkDnXvH6TMMdww0PGCnevuL3nKEJVsWGc73xc3xYJnIMr1nW+eCdwaH7Lt0om
urUOhpeYDEZvgWWkHfKc/kyPdLori+CNhjptXTInu7UzEUmYDe5GCox6DEBLhhTS
9vud5j1Aoa3rPZY62kcSmX2oTQ1pVfYjVWy2MBZXSFStQ59enj0eoApDxhGrM2J6
g1dRgFtzjq0BU7jD4QfJfhBPWq2D3srpMxpjMBxJiiE9LijnPH9fwWXhc0dbuLOY
JfFlVLUBtIOakbWwucIv5Ua+WiuhMGfLbsNkDN+BBX6WIBk8aHRoRLIKM8Ic4Qjv
lpp7xkg1J8lNpCxDQnnBcE06EBpEpCkHyppW9dkP0WSEJd/T0Wt3P9u7+dMFEDC3
zH2kG9tIXIexDQNiJhyn
=Xvo+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to