https://stackoverflow.com/questions/46786046/severe-main-org-apache-catalina-core-standardservice-initinternal-failed-to-in
I went to college and studied IT before finding a job. My teacher explained to me that you should always look at the first error and ignore the rest. First error. 08-Jan-2020 23:14:09.026 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-8443]] Once that has been addressed then either the remaining will disappear or address the second error which will then be the first error. On Wed, 8 Jan 2020, 23:59 James H. H. Lampert, <jam...@touchtonecorp.com> wrote: > I wrote: > > Am I to understand that Tomcat 8.5.40 can use the ".cer," ".ca.crt" > > and ".key" files directly, instead of the Java Keystore file? > > On 12/30/19 1:41 PM, Peter Kreuser wrote: > > Correct! > > I tried an experiment this afternoon: > > I made a copy of the existing server.xml file, and I changed the active > connector from this (keystore file and alias redacted for privacy, > ciphers and compressibleMimeTypes clauses redacted because they're quite > long, and not relevant here): > > <Connector port="8443" proxyPort="443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > > compression="on" compressionMinSize="2048" > noCompressionUserAgents="gozilla, traviata" > > compressableMimeType="[REDACTED]" > > maxThreads="1000" socket.appReadBufSize="1024" > socket.appWriteBufSize="1024" bufferSize="1024" > > SSLEnabled="true" scheme="https" secure="true" > > keystoreFile="[REDACTED]" keyAlias="[REDACTED]" ciphers="[REDACTED]" > > clientAuth="false" sslProtocol="TLS" /> > > to this: > > <Connector port="8443" proxyPort="443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > > compression="on" compressionMinSize="2048" > noCompressionUserAgents="gozilla, traviata" > > compressableMimeType="[REDACTED]" > > maxThreads="1000" socket.appReadBufSize="1024" > socket.appWriteBufSize="1024" bufferSize="1024" > > SSLEnabled="true" scheme="https" secure="true"> > > <SSLHostConfig ciphers="[REDACTED]" > > certificateVerification="none" sslProtocol="TLS"> > > <Certificate certificateFile="[REDACTED].cer" > certificateKeyFile="[REDACTED].key" > > certificateChainFile="[REDACTED].ca.crt" /> > > </SSLHostConfig> > > </Connector> > > and restarted Tomcat, and it failed to open the port, producing this in > catalina.out: > > 08-Jan-2020 23:14:09.026 SEVERE [main] > org.apache.catalina.core.StandardService.initInternal Failed to initialize > connector [Connector[HTTP/1.1-8443]] > > org.apache.catalina.LifecycleException: Failed to initialize component > [Connector[HTTP/1.1-8443]] > > at > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112) > > at > org.apache.catalina.core.StandardService.initInternal(StandardService.java:552) > > at > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > at > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875) > > at > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:639) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:662) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492) > > Caused by: org.apache.catalina.LifecycleException: Protocol handler > initialization failed > > at > org.apache.catalina.connector.Connector.initInternal(Connector.java:995) > > at > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) > > ... 12 more > > Caused by: java.lang.IllegalArgumentException: Cannot store > non-PrivateKeys > > at org.apache.tomcat.util.net > .AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100) > > at org.apache.tomcat.util.net > .AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72) > > at org.apache.tomcat.util.net > .NioEndpoint.bind(NioEndpoint.java:244) > > at org.apache.tomcat.util.net > .AbstractEndpoint.init(AbstractEndpoint.java:1105) > > at org.apache.tomcat.util.net > .AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:224) > > at > org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581) > > at > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68) > > at > org.apache.catalina.connector.Connector.initInternal(Connector.java:993) > > ... 13 more > > Caused by: java.security.KeyStoreException: Cannot store non-PrivateKeys > > at > sun.security.provider.JavaKeyStore.engineSetKeyEntry(JavaKeyStore.java:261) > > at > sun.security.provider.JavaKeyStore$JKS.engineSetKeyEntry(JavaKeyStore.java:56) > > at > sun.security.provider.KeyStoreDelegator.engineSetKeyEntry(KeyStoreDelegator.java:117) > > at > sun.security.provider.JavaKeyStore$DualFormatJKS.engineSetKeyEntry(JavaKeyStore.java:70) > > at java.security.KeyStore.setKeyEntry(KeyStore.java:1140) > > at org.apache.tomcat.util.net > .SSLUtilBase.getKeyManagers(SSLUtilBase.java:313) > > at org.apache.tomcat.util.net > .SSLUtilBase.createSSLContext(SSLUtilBase.java:239) > > at org.apache.tomcat.util.net > .AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98) > > ... 20 more > > Can anybody explain what I did wrong? These are fully-qualified paths to > the certificate, chain, and key files. [REDACTED].ca.crt contains a > certificate chain; [REDACTED].cer contains a certificate, and > [REDACTED].key contains a private key, and they all work in Apache > httpd, on the same box. > > -- > JHHL > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
