Unable to start tomcat9 in SSL mode with Spring Boot 2 and Trust Store

Ajitdas:

I get an error when using both truststore and keystore but without truststore (only keystore), it works fine.

org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:960) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) [tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225) [tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:259) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:300) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:162) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549) [spring-context-5.1.2.RELEASE.jar:5.1.2.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:316) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at com.anz.cis.lwc.LwcMediationServiceV1Application.main(LwcMediationServiceV1Application.java:20) [classes/:?]
Caused by: java.lang.IllegalArgumentException: the trustAnchors parameter must be non-empty
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    ... 14 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[?:1.8.0_151]
    at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:157) ~[?:1.8.0_151]
    at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:130) ~[?:1.8.0_151]
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getParameters(JSSEUtil.java:390) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getTrustManagers(JSSEUtil.java:314) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
Phil Webb:

Most likely your truststore file doesn't contain any X509 certificates. If you look at the code java.security.cert.PKIXParameters.<init>from the stack trace , you will see the following:

    Set<TrustAnchor> hashSet = new HashSet<TrustAnchor>();
    Enumeration<String> aliases = keystore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keystore.isCertificateEntry(alias)) {
            Certificate cert = keystore.getCertificate(alias);
            if (cert instanceof X509Certificate)
                hashSet.add(new TrustAnchor((X509Certificate)cert, null));
        }
    }
    setTrustAnchors(hashSet);

This seems to indicate that your file does not contain any certificates, or that it does not contain an X509Certificateinstance.

You can check the contents of the file using:

keytool -list -v -keystore keystore.jks

You may also want to check out the Tomcat documentation , which provides detailed instructions on how to create these files.

Related

Spring Boot: WebServerException: Unable to start embedded Tomcat

iCurious: I am trying to run a Spring Boot application and I am getting an exception. I've tried many answers like mvn dependency:purge-local-repository, then run mvn spring-boot:run, update spring boot 2 version, etc, but none of them solve the problem since

Spring Boot: WebServerException: Unable to start embedded Tomcat

iCurious: I am trying to run a Spring Boot application and I am getting an exception. I've tried many answers like mvn dependency:purge-local-repository, then run mvn spring-boot:run, update spring boot 2 version, etc, but none of them solve the problem since

Spring Boot: WebServerException: Unable to start embedded Tomcat

iCurious: I am trying to run a Spring Boot application and I am getting an exception. I've tried many answers like mvn dependency:purge-local-repository, then run mvn spring-boot:run, update spring boot 2 version, etc, but none of them solve the problem since

Unable to start EHCache and Spring Boot

Mark Thomas I'm trying to get a simple Spring Boot project up and running with ehcache and I'm getting an error despite having an ehcache.xml file in the classpath java.lang.IllegalStateException: Failed to load ApplicationContext at org.springframework.test.c

Unable to start EHCache and Spring Boot

Mark Thomas I'm trying to get a simple Spring Boot project up and running with ehcache and I'm getting an error despite having an ehcache.xml file in the classpath java.lang.IllegalStateException: Failed to load ApplicationContext at org.springframework.test.c

Java Webstart Trust Store SSL

SPD: Need some guidance. I have a Java Webstart application and I want it to connect to a server via SSL. Just add a property like: System.setProperty("javax.net.ssl.trustStore", "my.keystore"); however, it doesn't work since the JAWS program is downloading th

Java Webstart Trust Store SSL

SPD: Need some guidance. I have a Java Webstart application and I want it to connect to a server via SSL. Just add a property like: System.setProperty("javax.net.ssl.trustStore", "my.keystore"); however, it doesn't work since the JAWS program is downloading th

Spring Boot: Unable to start embedded Tomcat servlet container

Amar: I am new to spring boot and there is an error in running my app. I am following the tutorial, I believe I have the correct parent dependencies with the POM, please help me Main class: package com.boot; import org.springframework.boot.SpringApplication; i

Unable to start component Tomcat using mvn spring-boot:run

username I can run the web spring-boot application in IntelliJ but it fails: mvn spring-boot:run My application starts: @SpringBootApplication @Import({WebConfigurer.class}) @ComponentScan("com.ed.nlu.qe") @PropertySource({"classpath:boot.properties", "classp

Spring Boot: Unable to start embedded Tomcat servlet container

Amar: I am new to spring boot and there is an error in running my app. I am following the tutorial, I believe I have the correct parent dependencies with the POM, please help me Main class: package com.boot; import org.springframework.boot.SpringApplication; i

Unable to start component Tomcat using mvn spring-boot:run

username I can run the web spring-boot application in IntelliJ but it fails: mvn spring-boot:run My application starts: @SpringBootApplication @Import({WebConfigurer.class}) @ComponentScan("com.ed.nlu.qe") @PropertySource({"classpath:boot.properties", "classp

Unable to run Spring Boot application with SSL

emilpmp: I can't run spring boot application with https. I know that Spring Boot uses an embedded tomcat server Below is the stack trace org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startI

Unable to run Spring Boot application with SSL

emilpmp: I can't run spring boot application with https. I know that Spring Boot uses an embedded tomcat server Below is the stack trace org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startI

Unable to run Spring Boot application with SSL

emilpmp: I can't run spring boot application with https. I know that Spring Boot uses an embedded tomcat server Below is the stack trace org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startI

Unable to run Spring Boot application with SSL

emilpmp: I can't run spring boot application with https. I know that Spring Boot uses an embedded tomcat server Below is the stack trace org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startI

Unable to run Spring Boot application with SSL

emilpmp: I can't run spring boot application with https. I know that Spring Boot uses an embedded tomcat server Below is the stack trace org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startI

Unable to start Spring Boot + thymeleaf application in IntelliJ

vanilla I can't start a Spring Boot based application with thymeleaf in IntelliJ. I have my project in maven and when I start it from command line: java -jar myProject.war everything is normal. But when I configure to run the application in the IDE, I get the

Unable to start Spring Boot web application

Laporte I'm trying to create a basic application that will use Spring Bootand reactive programming(and without web.xml) this is mineservlet public class RootServlet extends ServletHttpHandlerAdapter { public RootServlet(HttpHandler httpHandler) { s

Unable to start Spring Boot web application

Laporte I'm trying to create a basic application that will use Spring Bootand reactive programming(and without web.xml) this is mineservlet public class RootServlet extends ServletHttpHandlerAdapter { public RootServlet(HttpHandler httpHandler) { s

Unable to start Spring Boot + thymeleaf application in IntelliJ

vanilla I can't start a Spring Boot based application with thymeleaf in IntelliJ. I have my project in maven and when I start it from command line: java -jar myProject.war everything is normal. But when I configure to run the application in the IDE, I get the

Unable to start Spring Boot web application

Laporte I'm trying to create a basic application that will use Spring Bootand reactive programming(and without web.xml) this is mineservlet public class RootServlet extends ServletHttpHandlerAdapter { public RootServlet(HttpHandler httpHandler) { s

Unable to start Spring Boot + thymeleaf application in IntelliJ

vanilla I can't start a Spring Boot based application with thymeleaf in IntelliJ. I have my project in maven and when I start it from command line: java -jar myProject.war everything is normal. But when I configure to run the application in the IDE, I get the

Unable to start Spring Boot web application

Laporte I'm trying to create a basic application that will use Spring Bootand reactive programming(and without web.xml) this is mineservlet public class RootServlet extends ServletHttpHandlerAdapter { public RootServlet(HttpHandler httpHandler) { s