Hey all, Apache 2.0/Tomcat 5.5/mod_jk installed on RedHat Enterprise Linux ES 4.0.
Our web server has been up and running smoothly for more than 2 years now. This morning I noticed that the websites were down. When I checked the logs, I found the following message: java.io.FileNotFoundException: The file /root/.keystore is not available Sure enough, the /root/.keystore file was missing. I have no clue how that file got deleted in first place. So, I created the keystore file using the following commands: Added the certificate chain file to the keystore (When prompted for the password, I entered 'changeit') : $JAVA_HOME/bin/keytool -import -alias root -trustcacerts -file /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt Added the certificate file to the keystore (When prompted for the password, I entered 'changeit'): $JAVA_HOME/bin/keytool -import -alias tomcat -trustcacerts -file /etc/httpd/conf/ssl.crt/_joesdomain.com.crt The above two commands created the /root/.keystore file. I then added the keystoreFile and keystorePass attributes to Tomcat's server.xml file's connector element as follows <Connector className="org.apache.coyote.tomcat5.Coyote-Connector" port="8443" miniProcessors="5" maxProcessors="75" enableLookups="true" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/root/.keystore" keystorePass="changeit" /> Now, when I restart the web server, the websites seem to be working fine, but the tomcat logs are inundated with the following error message: 2009 Oct 02 / 15:18:29 ERROR - [org.apache.tomcat.util.net.PoolTcpEndpoint] : Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=8443]] ignored exception: java.net.SocketException: SSL handshake error javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled. Can a Tomcat/SSL guru please guide me in solving this issue. Thank you! Joe --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org