Problems with java11
by Timo Aaltonen
Hi
I've migrated Debian to use java11 in every component Dogtag needs, but while the tomcat instance seems to get up (to be configured), it can't be properly reached:
2019-01-10 18:00:30 pkispawn : INFO Checking server at https://sid1.leon.tyrell:8443/ca
2019-01-10 18:01:56 pkispawn : ERROR Server unreachable due to SSL error: ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
2019-01-10 18:01:56 configuration : ERROR Server failed to restart
and there's this on catalina.out:
WARNING: The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is there
fore incompatible with optional client authentication
SEVERE: Failed to initialize component [Connector[org.dogtagpki.tomcat.Http11NioProtocol-8443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:979)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:535)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1060)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:588)
at org.apache.catalina.startup.Catalina.load(Catalina.java:611)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:306)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:491)
Caused by: java.lang.IllegalArgumentException: Alias name [sslserver] does not identify a key entry
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1085)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1098)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:557)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:976)
... 13 more
Caused by: java.io.IOException: Alias name [sslserver] does not identify a key entry
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:248)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112)
... 20 more
how to fix that? If this is fixed, Dogtag might finally end up in a Debian release :)
--
t
5 years, 11 months