On 19 Nov 2011, at 18:44, Eric Kemp <cruisingat90...@gmail.com> wrote:
> Summary: I'm looking for ideas on how to resolve this "Address already
> in use" error when configuring SSL in Tomcat APR.
>
> Environment:
> Running Apache Tomcat/6.0.24
> on OS is Ubuntu 10.04.2 LTS
> with JVM 1.7.0_01-b08
>
> //
> // Prior to configuring SSL, and after starting Tomcat I run "netstat
> -tulpn" and see that port 8443 is not used:
> //
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
> tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      29002/mysqld
> tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2136/sshd
> tcp6       0      0 127.0.0.1:8005          :::*                    LISTEN      12796/java
> tcp6       0      0 :::8080                 :::*                    LISTEN      12796/java
> tcp6       0      0 :::22                   :::*                    LISTEN      2136/sshd
> udp        0      0 0.0.0.0:68              0.0.0.0:*                           2087/dhclient3
>
> //
> // I stop Tomcat, and add the following to my server.xml file:
> //
> <Listener className="org.apache.catalina.core.AprLifecycleListener"
>           SSLEngine="on" />
> <Connector port="8443"
>            protocol="org.apache.coyote.http11.Http11AprProtocol"
>            maxThreads="150"
>            scheme="https"
>            secure="true"
>            clientAuth="false"
>            sslProtocol="TLS"
>            SSLEnabled="true"
>            SSLCertificateKeyFile="/etc/apache2/ssl/myUniqueDomain.com.key"
>            SSLCACertificateFile="/etc/apache2/ssl/myUniqueDomain.com.ca.crt" />
>
> //
> // I restart Tomcat, and see the following in the catalina.out file:

How are you start/stop/restarting Tomcat - bin/script or service?
After calling stop, are you sure Tomcat has actually stopped?

p

> //
> SEVERE: Error starting endpoint
> java.lang.Exception: Socket bind failed: [98] Address already in use
>     at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
>     at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
>     at org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
>     at org.apache.catalina.connector.Connector.start(Connector.java:1080)
>     at org.apache.catalina.core.StandardService.start(StandardService.java:531)
>     at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>     at java.lang.reflect.Method.invoke(Method.java:601)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
>
> Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
> SEVERE: Catalina.start:
> LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: java.lang.Exception: Socket bind failed: [98] Address already in use
>     at org.apache.catalina.connector.Connector.start(Connector.java:1087)
>     at org.apache.catalina.core.StandardService.start(StandardService.java:531)
>     at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>     at java.lang.reflect.Method.invoke(Method.java:601)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
>
> //
> // Running "netstat -tulpn" I see that port 8443 is now being used:
> //
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
> tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      29002/mysqld
> tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2136/sshd
> tcp6       0      0 127.0.0.1:8005          :::*                    LISTEN      10696/java
> tcp6       0      0 :::8080                 :::*                    LISTEN      10696/java
> tcp6       0      0 :::22                   :::*                    LISTEN      2136/sshd
> tcp6       0      0 :::8443                 :::*                    LISTEN      10696/java
> udp        0      0 0.0.0.0:68              0.0.0.0:*                           2087/dhclient3
>
> If I change <Connector port="8443" to <Connector port="8445", I get
> the same error message, and "netstat -tulpn" shows:
> tcp6       0      0 :::8445                 :::*                    LISTEN      10696/java
>
> I have also tried adding the following to my server.xml as an
> attribute to "<Connector " and still get the same error:
> SSLCertificateFile="/etc/apache2/ssl/domain.com.crt"
>
> It appears as if adding a single connector for port 8443 in server.xml
> is causing two to attempt to load, thus resulting in a conflict. I've
> been searching and reading for two days, looking for ideas on how I
> could take this analysis a step further... and am now asking for
> ideas.
>
> If it matters, I generated my OpenSSL certificate signing request for
> a commercial SSL certificate via:
> openssl req -newkey rsa:2048 -days 365 -nodes -keyout myUniqueDomain.com.key -out myUniqueDomain.com.csr
>
> Thanks, Eric Kemp
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
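
Added example, not part of the original thread: a shell check for the question asked in the reply, whether the previous Tomcat really stopped. It reads "netstat -tulpn" output and reports whether a port is free, held by the same process that owns Tomcat's HTTP port, or held by a different process. The function names are made up for this example; the sample rows are copied from the second netstat listing in the post.

```shell
#!/bin/sh
# Rows from the second "netstat -tulpn" listing quoted in the post.
SAMPLE='tcp   0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 29002/mysqld
tcp   0 0 0.0.0.0:22     0.0.0.0:* LISTEN 2136/sshd
tcp6  0 0 127.0.0.1:8005 :::*      LISTEN 10696/java
tcp6  0 0 :::8080        :::*      LISTEN 10696/java
tcp6  0 0 :::22          :::*      LISTEN 2136/sshd
tcp6  0 0 :::8443        :::*      LISTEN 10696/java'

# port_owner PORT [NETSTAT_TEXT]
# Prints "PID/program" for each TCP listener on PORT, one per line.
# Without NETSTAT_TEXT it reads live output (needs root to see every PID).
port_owner() {
    port=$1
    text=${2:-$(netstat -tulpn 2>/dev/null)}
    printf '%s\n' "$text" | awk -v p="$port" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")   # port is the last ":"-separated piece,
            if (a[n] == p) print $7 # which also works for ":::8443"
        }' | sort -u
}

# diagnose_bind PORT TOMCAT_HTTP_PORT [NETSTAT_TEXT]
#   free                  nobody listens on PORT
#   same-process PID/x    PORT is held by the process that owns the HTTP port,
#                         i.e. the running Tomcat bound it itself
#   other-process PID/x   PORT is held by something else, e.g. a JVM left
#                         over from a stop that never completed
diagnose_bind() {
    owner=$(port_owner "$1" "${3:-}")
    tomcat=$(port_owner "$2" "${3:-}")
    if [ -z "$owner" ]; then
        echo "free"
    elif [ "$owner" = "$tomcat" ]; then
        echo "same-process $owner"
    else
        echo "other-process $owner"
    fi
}

diagnose_bind 8443 8080 "$SAMPLE"   # prints: same-process 10696/java
```

Run it once after stopping Tomcat (the connector ports should all report "free") and again after the failed start.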