Hello Everyone,
I'm having an issue with my SSL connector:
<stacktrace>
18-Mar-2023 14:12:46.996 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[org.apache.coyote.http11.Http11Nio2Protocol-8443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:1014)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1032)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
    at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
    at java.base/java.lang.reflect.Method.invoke(Method.java:578)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:307)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:477)
Caused by: java.lang.IllegalArgumentException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
    at org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:146)
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1302)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1315)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:652)
    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:75)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:1012)
    ... 11 more
Caused by: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
    at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:454)
    at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:91)
    at java.base/java.security.KeyStore.getKey(KeyStore.java:1077)
    at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:353)
    at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:246)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
    ... 18 more
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
    at java.base/com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:861)
    at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:941)
    at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:734)
    at java.base/com.sun.crypto.provider.PBES2Core.engineDoFinal(PBES2Core.java:310)
    at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2207)
    at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:370)
    at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:257)
    at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:361)
    ... 23 more
</stacktrace>
And my SSL config:
<code>
<Connector executor="tomcatThreadPool"
           protocol="org.apache.coyote.http11.Http11Nio2Protocol"
           sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
           address="0.0.0.0" port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" enableLookups="false"
           acceptCount="100" connectionTimeout="20000"
           disableUploadTimeout="true" compression="on"
           compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata"
           SSLEnabled="true" scheme="https">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig hostName="appsrv.lan" protocols="TLSv1.2">
        <Certificate certificateKeystoreFile="/home/appsrv/etc/tomcat.p12"
                     certificateKeystoreType="PKCS12"
                     certificateKeystorePassword="password" />
    </SSLHostConfig>
</Connector>
</code>
So, what am I doing wrong here?
________________________________________________
Kevin Huntly
Email: [email protected]
________________________________________________
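
In the trace above the exception is raised by `KeyStore.getKey`, called from `SSLUtilBase.getKeyManagers`, so opening the keystore and decrypting the key entry can be checked as two separate steps outside Tomcat. The following is an added example, not part of the original message or of Tomcat's code; the class name `Pkcs12KeyCheck`, the sample passwords and the in-memory sample keystore (which holds a constructed AES key rather than a TLS private key) are assumptions.

```java
import java.io.*;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import javax.crypto.spec.SecretKeySpec;

// Added diagnostic, not Tomcat code. Runs the two steps from the trace separately:
// KeyStore.load (store password) and KeyStore.getKey (key password).
public class Pkcs12KeyCheck {

    // Returns one "alias: result" line for every key entry in the PKCS12 data.
    static String check(InputStream in, char[] storePass, char[] keyPass) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(in, storePass);            // throws IOException if storePass is wrong
        StringBuilder out = new StringBuilder();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue;
            try {
                ks.getKey(alias, keyPass); // same JDK call that fails in the trace
                out.append(alias).append(": key decrypts\n");
            } catch (UnrecoverableKeyException e) {
                out.append(alias).append(": key does NOT decrypt with this password\n");
            }
        }
        return out.toString();
    }

    // Constructed sample: a PKCS12 store whose entry password differs from the store password.
    static byte[] sampleStore(char[] storePass, char[] keyPass) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        ks.setKeyEntry("demo", new SecretKeySpec(new byte[16], "AES"), keyPass, null);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        ks.store(bos, storePass);
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        if (args.length >= 2) { // usage: Pkcs12KeyCheck <file.p12> <storePass> [keyPass]
            char[] sp = args[1].toCharArray();
            char[] kp = args.length > 2 ? args[2].toCharArray() : sp;
            try (InputStream in = new FileInputStream(args[0])) {
                System.out.print(check(in, sp, kp));
            }
            return;
        }
        char[] store = "store-pw".toCharArray(), key = "key-pw".toCharArray();
        byte[] p12 = sampleStore(store, key);
        System.out.print(check(new ByteArrayInputStream(p12), store, store)); // store password reused for the key
        System.out.print(check(new ByteArrayInputStream(p12), store, key));   // separate key password
    }
}
```

If an entry decrypts only with a password different from the store password, that password can be given to Tomcat through the `certificateKeyPassword` attribute of `<Certificate>`. Passwords passed as command-line arguments are visible in the process list and shell history, so run the check on a trusted host.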