Re: [Pki-users] trouble getting 10.6.6 up
Hi Timo,
The key alias should point to the SSL certificate and key in the NSS
database. Could you confirm that you have an "sslserver" certificate?
Could you also show me how the SSL Connector element looks like in
the server.xml? Thanks.
--
Endi S. Dewata
----- Original Message -----
Hi,
I've updated dogtag, jss, tomcatjss, ldapjdk to latest versions on Ubuntu,
and now pkispawn fails and catalina.out has:
SEVERE: Failed to initialize connector
[Connector[org.dogtagpki.tomcat.Http11NioProtocol-8443]]
org.apache.catalina.LifecycleException: Failed to initialize component
[Connector[org.dogtagpki.tomcat.Http11NioPr
otocol-8443]]
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:113)
at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.startup.Catalina.load(Catalina.java:632)
at org.apache.catalina.startup.Catalina.load(Catalina.java:655)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
Caused by: org.apache.catalina.LifecycleException: Protocol handler
initialization failed
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:996)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
... 12 more
Caused by: java.lang.IllegalArgumentException: Alias name [sslserver] does
not identify a key entry
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:116)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:226)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1086)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:268)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
at
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68)
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:993)
... 13 more
Caused by: java.io.IOException: Alias name [sslserver] does not identify a
key entry
at
org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:229)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
... 20 more
so apparently I'm missing something, probably related to PKCS#11 keystore
work..
Also, the 60s timeout waiting for the server to reply doesn't seem to work at
least here:
2018-08-26 19:45:43 pkispawn : INFO ........... checking
https://ubudevel:8443/ca
2018-08-26 20:51:29 pkispawn : ERROR ........... server did not start
after 60s
--
t
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users