Re: Tomcat7 APR Connectors Config: Unable to load certificate key conf/key1cert.pem

Goo Sam Kong Wed, 24 Nov 2010 01:11:09 -0800

Hi Scott,

My working HTTPS connector using APR settings as below:


    <Connector port="8443"
               protocol="org.apache.coyote.http11.Http11AprProtocol"
               SSLEnabled="true"
               maxThreads="150"
               scheme="https"
               secure="true"
               SSLCertificateFile="C:\usr\tomcat\tomcat.crt"
               SSLCertificateKeyFile="C:\usr\tomcat\tomcat.key"
               SSLPassword="123456"
    />

Try to remove SSLEngine attribute and add protocol attribute, then re-start
Tomcat.

2010/11/24 Scott Li <scott...@gwghk.com>

> Hi All,
>    I followed  the instruction below
>
> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support
>   to config Tomcat7's *APR Connectors *SSL, but get error:
>
> Error initializing endpoint
> java.lang.Exception: Unable to load certificate key conf/key1cert.pem
> (error:02001003:system library:fopen:No such process)
>
> and the steps as follow,
>
> step 1:
> D:\OpenSSL-Win32\bin>openssl
>  genrsa -des3 -out key1.pem 2048
>
> enter pwd: test, to get a file : key1.pem
>
> step 2:
> req -new -x509 -key key1.pem -out key1cert.pem -days 1095
>
> to get another file : key1cert.pem
>
> step 3:
> put these two files to apache-tomcat-7.0.4\conf
>
> step 4:
> update server.xml as follow:
>
> <?xml version='1.0' encoding='utf-8'?>
> <Server port="8005" shutdown="SHUTDOWN">
>  <Listener className="org.apache.catalina.core.AprLifecycleListener"
> SSLEngine="on" />
>  <Listener className="org.apache.catalina.core.JasperListener" />
>  <Listener
> className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
>  <Listener
> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
>  <GlobalNamingResources>
>    <Resource name="UserDatabase" auth="Container"
>              type="org.apache.catalina.UserDatabase"
>              description="User database that can be updated and saved"
>              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>              pathname="conf/tomcat-users.xml" />
>  </GlobalNamingResources>
>  <!--SSLEnabled="true"
> protocol="org.apache.coyote.http11.Http11AprProtocol"-->
>  <Service name="Catalina">
>  <Connector port="443" maxHttpHeaderSize="8192"
>   maxThreads="150" minSpareThreads="25"
>   enableLookups="false" disableUploadTimeout="true"
>   acceptCount="100" scheme="https" secure="true"
>   clientAuth="false" sslProtocol="TLSv1"
>   SSLEnabled="true" SSLEngine="on"
>   SSLCertificateFile="conf/key1.pem"
>   SSLCertificateKeyFile="conf/key1cert.pem"
>   SSLPassword="test"
>  />
>
>  <Connector port="8009" enableLookups="false" redirectPort="443"
> protocol="AJP/1.3" />
>
>    <Engine name="Catalina" defaultHost="localhost">
>      <Realm className="org.apache.catalina.realm.LockOutRealm">
>        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
>               resourceName="UserDatabase"/>
>      </Realm>
>      <Host name="localhost"  appBase="webapps"
>            unpackWARs="true" autoDeploy="true">
>        <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs"
>               prefix="localhost_access_log." suffix=".txt"
>               pattern="%h %l %u %t &quot;%r&quot; %s %b"
> resolveHosts="false"/>
>      </Host>
>    </Engine>
>  </Service>
> </Server>
>
> step 5:
> start tomcat, and result:
>
> 2010-11-24 16:21:13 org.apache.coyote.http11.Http11AprProtocol init
> 严重: Error initializing endpoint
> java.lang.Exception: Unable to load certificate key conf/key1cert.pem
> (error:02001003:system library:fopen:No such process)
>  at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>  at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:501)
>  at
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:80)
>  at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:873)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at
>
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:542)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at
>
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:717)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at org.apache.catalina.startup.Catalina.load(Catalina.java:544)
>  at org.apache.catalina.startup.Catalina.load(Catalina.java:567)
>  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>  at
>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>  at
>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>  at java.lang.reflect.Method.invoke(Method.java:597)
>  at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
>  at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:417)
> 2010-11-24 16:21:13 org.apache.catalina.core.StandardService initInternal
> 严重: Failed to initialize connector [Connector[HTTP/1.1-443]]
> LifecycleException:  Protocol handler initialization failed:
> java.lang.Exception: Unable to load certificate key conf/key1cert.pem
> (error:02001003:system library:fopen:No such process)
>  at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:875)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at
>
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:542)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at
>
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:717)
>  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:100)
>  at org.apache.catalina.startup.Catalina.load(Catalina.java:544)
>  at org.apache.catalina.startup.Catalina.load(Catalina.java:567)
>  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>  at
>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>  at
>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>  at java.lang.reflect.Method.invoke(Method.java:597)
>  at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
>  at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:417)
> 2010-11-24 16:21:13 org.apache.coyote.ajp.AjpAprProtocol init
> 严重: Error initializing endpoint
> java.lang.Exception: Socket bind failed: [730048]
> ??????????????????×??????(Э??é/??????????????/??????)????????í????
>  at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:412)
>  at org.apache.coyote.ajp.AjpAprProtocol.init(AjpAprProtocol.java:89)
>
>
> anyone can give me some tips?
>
>
> Thanks & Regards,
>
> Scott Li
>

Re: Tomcat7 APR Connectors Config: Unable to load certificate key conf/key1cert.pem

Reply via email to