In the SSL bidirectional handshake configuration for Tomcat, APR is enabled by default in version 6.0.33 (APR is a portable library accessed through JNI, which can improve Tomcat performance and scalability ), therefore, an exception is reported when you use the traditional configuration method (as shown below;
Traditional SSL Configuration:
XML Code
- <Connector Port = "443" protocol = "HTTP/1.1" sslenabled = "true"
- Maxthreads = "150" Scheme = "HTTPS" secure = "true"
- Clientauth = "true" sslprotocol = "TLS"
- Keystorefile = "CONF/keystore/test. jks" keystorepass = "111111"
- Truststorefile = "CONF/keystore/test. jks" truststorepass = "111111"
The exception is as follows:
Java code
- 2011-10-27 9:26:03 org. Apache. Coyote. http11.http11aprprotocol init
- Severe: Error initializing endpoint
- Java. Lang. Exception: no certificate file specified or invalid file format
- At org. Apache. tomcat. JNI. sslcontext. setcertificate (native method)
- At org.apache.tomcat.util.net. aprendpoint. INIT (aprendpoint. Java: 733)
- At org. Apache. Coyote. http11.http11aprprotocol. INIT (http11aprprotocol. Java: 107)
- At org. Apache. Catalina. connector. connector. initialize (connector. Java: 1022)
- At org. Apache. Catalina. Core. standardservice. initialize (standardservice. Java: 703)
- At org. Apache. Catalina. Core. standardserver. initialize (standardserver. Java: 838)
- At org. Apache. Catalina. startup. Catalina. Load (Catalina. Java: 538)
- At org. Apache. Catalina. startup. Catalina. Load (Catalina. Java: 562)
- At sun. Reflect. nativemethodaccessorimpl. invoke0 (native method)
- At sun. Reflect. nativemethodaccessorimpl. Invoke (nativemethodaccessorimpl. Java: 39)
- At sun. Reflect. delegatingmethodaccessorimpl. Invoke (delegatingmethodaccessorimpl. Java: 25)
- At java. Lang. Reflect. method. Invoke (method. Java: 585)
- At org. Apache. Catalina. startup. Bootstrap. Load (Bootstrap. Java: 261)
- At org. Apache. Catalina. startup. Bootstrap. Main (Bootstrap. Java: 413)
- 2011-10-27 9:26:03 org. Apache. Catalina. Core. standardservice initialize
- Severe: failed to initialize connector [connector [http/1.1-443]
- Lifecycleexception: protocol handler initialization failed: Java. Lang. Exception: no certificate file specified or invalid file format
- At org. Apache. Catalina. connector. connector. initialize (connector. Java: 1024)
- At org. Apache. Catalina. Core. standardservice. initialize (standardservice. Java: 703)
- At org. Apache. Catalina. Core. standardserver. initialize (standardserver. Java: 838)
- At org. Apache. Catalina. startup. Catalina. Load (Catalina. Java: 538)
- At org. Apache. Catalina. startup. Catalina. Load (Catalina. Java: 562)
- At sun. Reflect. nativemethodaccessorimpl. invoke0 (native method)
- At sun. Reflect. nativemethodaccessorimpl. Invoke (nativemethodaccessorimpl. Java: 39)
- At sun. Reflect. delegatingmethodaccessorimpl. Invoke (delegatingmethodaccessorimpl. Java: 25)
- At java. Lang. Reflect. method. Invoke (method. Java: 585)
- At org. Apache. Catalina. startup. Bootstrap. Load (Bootstrap. Java: 261)
- At org. Apache. Catalina. startup. Bootstrap. Main (Bootstrap. Java: 413)
The solution is to use the following Configuration:
XML Code
- <Connector Port = "443" protocol = "org. Apache. Coyote. http11.http11protocol" sslenabled = "true"
- Maxthreads = "150" Scheme = "HTTPS" secure = "true"
- Clientauth = "true" sslprotocol = "TLS"
- Keystorefile = "CONF/keystore/testpsira. jks" keystorepass = "111111"
- Truststorefile = "CONF/keystore/testpsira. jks" truststorepass = "111111"
The solution is to replace Protocol = "HTTP/1.1" with protocol = "org. Apache. Coyote. http11.http11protocol;
APR plays a major role in improving Tomcat performance. We recommend that you configure Apr.
Digress:
If you identify whether Tomcat uses APR:
When Tomcat is started, if APR is used, the following information is displayed in the log:
Python code
- Information: Apr capabilities: ipv6 [True], sendfile [True], accept filters [false], random [True].
If APR is not used, a similar message is displayed at startup:
Python code
- Information: The APR based Apache Tomcat native library which allows optimal performance in production environments was not found on the java. Library. Path :...
Tomcat6.0.33 is automatically integrated with APR. Earlier versions are not integrated and need to be manually configured. There are many tutorials on this issue during online search.