aspose file tools*
The moose likes Tomcat and the fly likes Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf" Watch "Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf" New topic
Author

Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf

sammaiah kyatham
Ranch Hand

Joined: Aug 03, 2003
Posts: 104


Hello Guys,

Could you throw some light on this issue:

I have configured the SSL/https port for Tomcat as per the configuration mentioned in Tomcat site

(1)Generated a key using KeyTool
(2)Generated a CSR
(3)Got the Verisign- CA certificate
(4)Imported the CERT using Keytool (successful)
(5)Uncommented the https connector port in tomcat's server.xml


Here is the exception in Catelina log file:
java.io.IOException: jsse.invalid_ssl_conf
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:755)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:460)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:130)
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1014)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:751)
... 15 more
Jul 27, 2011 11:11:14 AM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException: Protocol handler initialization failed: java.io.IOException: jsse.invalid_ssl_conf
at org.apache.catalina.connector.Connector.initialize(Connector.java:1016)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)



I checked the key and the alias tomcat is present in it.
keytool -list -keystore hakioskcheckin2_key -storepass XXXXXX

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Jul 26, 2011, trustedCertEntry,
Certificate fingerprint (MD5): -removed intentionally-


Server.xml updated with below:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key"
keystorePass="Hawaiian1"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />


Thanks in advance,

Sammaiah
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat SSL configuration issue - java.io.IOException: jsse.invalid_ssl_conf
 
Similar Threads
java.net.SocketException: Permission denied: listen failed
SSLException - No available certificate or key corresponds to the SSL cipher suites which enabled
Unable to start Tomcat in SSL mode?
FIPS compliant Tomcat using JSSE
Startup problem with Tomcat