Quantcast
Channel: Active questions tagged https - Stack Overflow
Viewing all articles
Browse latest Browse all 1585

Is it possible to enable HTTPS/TLS for Tomcat using OpenSSL without requiring Native Libraries and APR?

$
0
0

I am trying to get HTTPS/TLS enabled for Tomacat (8.x) preferring the OpenSSL alternative because the cert/key configuration is simpler (compared to the usual JSSE with keystore).

Followed the offical documentation and enabled the connector section like this:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"          sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"          maxThreads="150" SSLEnabled="true" scheme="https" secure="true"><SSLHostConfig protocols="TLSv1.2"><Certificate                certificateKeyFile="conf/MyKey.key"               certificateFile="conf/MyCertificate.crt"               type="RSA" /></SSLHostConfig></Connector>

NOTE that I am still using Http11NioProtocol and not APR Http11AprProtocol connector.

However, startup fails with this configuration as this combination of configuration seems to require Tomcat native libraries to be built and configured:

14-Jun-2019 10:38:46.363 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-8443]] org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-8443]]    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)    at org.apache.catalina.startup.Catalina.load(Catalina.java:621)    at org.apache.catalina.startup.Catalina.load(Catalina.java:644)    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)    at java.lang.reflect.Method.invoke(Method.java:498)    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)Caused by: java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.Pool.create(J)J    at org.apache.tomcat.jni.Pool.create(Native Method)    at org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit>(OpenSSLEngine.java:70)    at org.apache.tomcat.util.net.openssl.OpenSSLUtil.getImplementedProtocols(OpenSSLUtil.java:61)    at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:53)    at org.apache.tomcat.util.net.openssl.OpenSSLUtil.<init>(OpenSSLUtil.java:41)    at org.apache.tomcat.util.net.openssl.OpenSSLImplementation.getSSLUtil(OpenSSLImplementation.java:36)    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:104)    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87)    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225)    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1082)    at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:267)    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:66)    at org.apache.catalina.connector.Connector.initInternal(Connector.java:993)    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)

I did build and install Tomcat native+APR library and configured in Tomcat env class path which fixed the issue, but that is besides the point. Point is, shouldn't APR/native libraries be only required if I am using Http11AprProtocol which I am not using? What am I missing? Any pointers/help will be much appreciated. Thanks!


Viewing all articles
Browse latest Browse all 1585

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>