[openssl-users] Facing issue while configuring SSL

Devendra Sengar dssengar at gmail.com
Tue Jul 12 13:18:37 UTC 2016


Hi,

Even i tried after putting the libeay32.dll and ssleay32.dll after
downloading from the sites like https://indy.fulgan.com/SSL/
But still i am getting the same error:

SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-apr-443"]
java.lang.Exception: Unable to load certificate key conf/localhost-key.pem
(error:02001003:system library:fopen:No such process)

Even tried after putting the Apache Web server dll's just to test but that
also not work as for apache everything is working so just randomly test it.

Any other suggestion?

Thanks,
Devendra

On Tue, Jul 12, 2016 at 3:12 PM, Jakob Bohm <jb-openssl at wisemo.com> wrote:

> On 12/07/2016 10:55, Devendra Sengar wrote:
>
> Hi,
>
> This is regarding the configuration of Tomcat SSL using the APR library on
> Java 6.
>
> While starting the server I am getting the below error:
>
> SEVERE: Failed to initialize end point associated with ProtocolHandler
> ["http-apr-443"]
> java.lang.Exception: Unable to load certificate key conf/localhost-key.pem
> (error:02001003:system library:fopen:No such process)
>
> Not sure if Tomcat is using OpenSSL or not...
>
> I am trying to implement SSL using independent libraries for OpenSSL,
> Tomcat Native and Apache Portable Runtime.
>
> I have downloaded precompiled versions of OpenSSL and Tomcat Native (see
> them attached). I have tried compiling the Apache Portable Runtime using
> Visual Studio (find it also attached).
>
> I am running those libraries on either Tomcat 7.0.6 or 7.0.70 64-bit for
> Windows (using the 64-bit distro, not the installer one).
>
> We are restricted by our applicatioin to use Oracle Java 6 Updated 115
> 64-bit.
>
> That is really unfortunate, given that I don't think there
> are current security updates for Java 1.6 (maybe there is
> if you pay Oracle for an expensive license/subscription).
>
>
> The versions of the libraries I am using are the latest available online,
> again see the binaries attached.
>
> The parameters used in the server.xml file are:
>
> For Tomcat 7.0.6:
> <Connector
>    protocol="org.apache.coyote.http11.Http11AprProtocol"
>    port="443" maxThreads="200"
>    scheme="https" secure="true" SSLEnabled="true"
>    SSLCertificateFile="conf/localhost-cert.pem"
>    SSLCertificateKeyFile="conf/localhost-key.pem"
>    SSLCertificateChainFile="conf/ca.crt"
>    SSLVerifyClient="optional" SSLProtocol="TLSv1"
>    SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
>
> For Tomcat 7.0.70
>
> <Connector
>    protocol="org.apache.coyote.http11.Http11AprProtocol"
>    port="443" maxThreads="200"
>    scheme="https" secure="true" SSLEnabled="true"
>    SSLCertificateFile="conf/localhost-cert.pem"
>    SSLCertificateKeyFile="conf/localhost-key.pem"
>    SSLCertificateChainFile="conf/ca.crt"
>    SSLVerifyClient="optional" SSLProtocol="TLSv1_2"
>    SSLCipherSuite="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"/>
>
> The library files are in the tomcat bin folder as openssl.exe,
> tcnative-1.dll and libapr-1.dll.
>
> tcnative-1.dll:
> https://drive.google.com/file/d/0ByilOlQCXOkWQ1ZCckhodHBvQk0/view?usp=sharing
> openssl.exe:
> https://drive.google.com/file/d/0ByilOlQCXOkWQk9KUUJSb3ZqeW8/view?usp=sharing
> libapr-1.dll:
> https://drive.google.com/file/d/0ByilOlQCXOkWV09NTi0tNWxhZnM/view?usp=sharing
>
> openssl.exe is not the library, it is a command line tool for
> doing various things (such as requesting certificates, converting
> key file formats etc.)
>
> The library consists of two files with .dll file extension,
> libeay32.dll for basic crypto and ssleay32.dll for the actual
> SSL/TLS code.
>
>
> The same certificates files mentioned in the server.xml file were used and
> work in a brand new Apache web server.
>
> Please let us know your opinion of what can cause those errors?
>
> Can it be because of a APR dll not compiled properly?
>
> Any other idea?
>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160712/602dfcd8/attachment-0001.html>


More information about the openssl-users mailing list