Hi,
I have renewed the host certificate on the APEL accounting archiver and tried to re-start the tomcat, then the flexy archiver service.
The certificate looks fine and has been copied to the various locations. But, we have lots of certificate related errors when starting tomcat services.
Any suggestions?
Dave
[root@goc01 grid-security]# ls -l `locate hostkey`
-r-------- 1 root root 1202 Dec 6 10:41 /etc/grid-security/hostkey.pem
-r-------- 1 tomcat4 tomcat4 1202 Dec 6 10:46 /etc/tomcat5/hostkey.pem
-r-------- 1 rgma rgma 1202 Dec 6 10:45 /opt/glite/var/rgma/.certs/hostkey.pem
[root@goc01 grid-security]# ls -l `locate hostcert`
-r-------- 1 root root 1989 Dec 6 10:40 /etc/grid-security/hostcert.pem
-r-------- 1 tomcat4 tomcat4 1989 Dec 6 10:44 /etc/tomcat5/hostcert.pem
-r-------- 1 rgma rgma 1989 Dec 6 10:45 /opt/glite/var/rgma/.certs/hostcert.pem
[root@goc01 grid-security]# openssl verify -CApath /etc/grid-security/certificates/ hostcert.pem
hostcert.pem: OK
[root@goc01 grid-security]# tail -150 /usr/share/tomcat5/logs/catalina.out | less
INFO: Installing web application at context path /webdav from URL file:/var/lib/tomcat5/webapps/webdav
java.io.IOException: problem creating RSA private key: java.io.IOException: No password finder specified, but a password is required
at org.bouncycastle.openssl.PEMReader.readObject(PEMReader.java:113)
at org.glite.security.util.PrivateKeyReader.read(PrivateKeyReader.java:78)
at org.glite.security.util.KeyStoreGenerator.generate(KeyStoreGenerator.java:59)
at org.glite.security.trustmanager.UpdatingKeyManager.loadKeystore(UpdatingKeyManager.java:190)
at org.glite.security.trustmanager.UpdatingKeyManager.<init>(UpdatingKeyManager.java:106)
at org.glite.security.trustmanager.ContextWrapper.initKeyManagers(ContextWrapper.java:338)
at org.glite.security.trustmanager.ContextWrapper.init(ContextWrapper.java:285)
at org.glite.security.trustmanager.ContextWrapper.<init>(ContextWrapper.java:161)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.initProxy(TMSSLServerSocketFactory.java:298)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.init(TMSSLServerSocketFactory.java:185)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.createSocket(TMSSLServerSocketFactory.java:106)
at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:259)
at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:281)
at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:171)
at org.apache.coyote.tomcat5.CoyoteConnector.start(CoyoteConnector.java:1527)
at org.apache.catalina.core.StandardService.start(StandardService.java:489)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
SEVERE: Server socket factory creation failed: java.security.cert.CertificateException: Identity reading failed: problem creating RSA private key: jav
a.io.IOException: No password finder specified, but a password is required
java.security.cert.CertificateException: Identity reading failed: problem creating RSA private key: java.io.IOException: No password finder specified,
but a password is required
at org.glite.security.trustmanager.UpdatingKeyManager.loadKeystore(UpdatingKeyManager.java:216)
at org.glite.security.trustmanager.UpdatingKeyManager.<init>(UpdatingKeyManager.java:106)
at org.glite.security.trustmanager.ContextWrapper.initKeyManagers(ContextWrapper.java:338)
at org.glite.security.trustmanager.ContextWrapper.init(ContextWrapper.java:285)
at org.glite.security.trustmanager.ContextWrapper.<init>(ContextWrapper.java:161)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.initProxy(TMSSLServerSocketFactory.java:298)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.init(TMSSLServerSocketFactory.java:185)
at org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.createSocket(TMSSLServerSocketFactory.java:106)
at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:259)
at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:281)
at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:171)
at org.apache.coyote.tomcat5.CoyoteConnector.start(CoyoteConnector.java:1527)
at org.apache.catalina.core.StandardService.start(StandardService.java:489)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
06-Dec-2006 12:50:57 org.apache.coyote.http11.Http11Protocol start
|