On 26/09/2019 22:30, Venkataraman Srinivasan wrote: > > Hi, > > I am getting below error while I am starting TOMCAT > > Caused by: java.lang.IllegalArgumentException: Cannot store non-PrivateKeys
<snip/> This looks like it is related to the work we have been doing to make it easy to swap between JSSE and OpenSSL based Connectors. In the background Tomcat creates an in-memory keystore for each certificate and then provides the key / cert / chain in the the right format for the TLS implementation. We have already found a few "interesting" configuration combinations that needed specific handling. This may be one - or it may be an invalid configuration. We need to be able to recreate this problem. With that in mind... <snip/> > <Certificate > certificateFile="key_store/ssl_certificate.p7b" > certificateAlias="bla" > keystoreFile="/key_store/blabla.jks" type="RSA" > keystoreType="JKS" > keyChainFile="key_store/linux_apex_inter_x509.cer" > keystorePassword="<password" /> We need to exactly how each of the following files were created and/or exactly what is in each file: - ssl_certificate.p7b - blabla.jks - linux_apex_inter_x509.cer It might be as simple as you need to import the p7b file into the keystore and remove the certificateFile setting. But that is just a wild guess without knowing what is in those files. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
