Bug 899445 (JBEWS-52) - EWS on Windows - Tomcat SSL doesn't work when started as a service
Summary: EWS on Windows - Tomcat SSL doesn't work when started as a service
Keywords:
Status: CLOSED EOL
Alias: JBEWS-52
Product: JBoss Enterprise Web Server 1
Classification: JBoss
Component: unspecified
Version: EWS 1.0.2
Hardware: Unspecified
OS: Unspecified
Priority: urgent
Severity: urgent
Target Milestone: ---
Assignee: Rebecca Newton
QA Contact:
URL: http://jira.jboss.org/jira/browse/JBE...
Whiteboard:
Depends On:
Blocks:
Reported: 2011-06-16 23:55 UTC by Ondřej Žižka
Modified: 2017-08-04 14:55 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Both Tomcat 5 and 6, Windows 2k8 R2 Datacenter
Last Closed: 2017-08-04 14:55:12 UTC
Type: Bug
Embargoed:


Attachments
tomcat5-stderr.2011-06-16.log (9.05 KB, text/plain)
2011-06-17 00:05 UTC, Ondřej Žižka


Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Issue Tracker | JBEWS-52 | 0 | Critical | Closed | EWS on Windows - Tomcat SSL doesn't work when started as a service | 2017-08-04 14:54:41 UTC
Red Hat Issue Tracker | JBQA-4819 | 0 | Blocker | Closed | Smoke test EWS 1.0.2-CR5 on Windows 2008 | 2017-08-04 14:54:41 UTC

Description Ondřej Žižka 2011-06-16 23:55:39 UTC
Workaround Description: Add path to EWS's bin directory to `PATH` env var of the user under which the service runs (SYSTEM by default).
project_key: JBEWS

STR:
1) Configure SSL as per https://tcms.engineering.redhat.com/case/5559/?from_plan=583
2) Run it using startup.sh, check SSL at https://localhost:8443/
3) Install the Tomcats as services
4) Run it as service
5) Reload https://localhost:8443/ - server is not listening on that port

Caused by Tomcat using JSSE, looking for .keystore at an incorrect path:

{code}
SEVERE: Error initializing endpoint
java.io.FileNotFoundException: C:\.keystore (The system cannot find the file specified)
	at java.io.FileInputStream.open(Native Method)
	at java.io.FileInputStream.<init>(FileInputStream.java:120)
	at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:325)
{code}

See attached log.

Comment 1 Ondřej Žižka 2011-06-17 00:05:55 UTC
Attachment: Added: tomcat5-stderr.2011-06-16.log


Comment 2 Ondřej Žižka 2011-06-17 00:39:54 UTC
Link: Added: This issue relates to JBQA-4819


Comment 3 Rajesh Rajasekaran 2011-06-17 02:16:35 UTC
Ondrej, is this a regression from previous build?

Comment 4 Mladen Turk 2011-06-17 04:41:57 UTC
When running tomcat as a service you HAVE to explicitly define the
keystoreFile="path\.keystore" in the JSSE <connector>
or change the service to use a different account than SYSTEM.

Comment 5 Ondřej Žižka 2011-06-17 11:00:43 UTC
Not a regression;  I just got to a different environment.

Comment 6 Ondřej Žižka 2011-06-17 11:33:25 UTC
Okay, but the question is, why is it using JSSE?
There's no .keystore in C:\Users\** .
From what I can tell, it should use APR based on the current server.xml.

How do I persuade Tomcat to use APR then? I read in docs that it's done by SSLEngine="on"
http://tomcat.apache.org/tomcat-6.0-doc/apr.html

       <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

Could you please check?

Comment 7 Ondřej Žižka 2011-06-17 11:34:43 UTC
Also, I have set the service to use Administrator account under which I tried startup.sh, and it does not work either. Something is causing Tomcat to use JSSE when run as service.

Comment 8 Mladen Turk 2011-06-17 11:53:25 UTC
Now I'm totally lost.
Can we discuss that outside the Jira, because this certainly doesn't fall under the Jira category?


Comment 9 Ondřej Žižka 2011-06-17 12:49:23 UTC
Okay, so this is one more thing to add to docs:
{quote}
The service mode needs C:\Program Files\Red Hat\Enterprise Web Server\bin in the system environment PATH to be able to work.
{quote}
Putting to Release notes.

This requirement might be removed in future EWS releases by this:
https://issues.apache.org/jira/browse/DAEMON-209

Comment 10 Ondřej Žižka 2011-06-17 12:58:33 UTC
Release Notes Text: Added: On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This might be fixed in future Enterprise Web Server release.
Workaround Description: Added: Add path to EWS's bin directory to `PATH` env var of the user under which the service runs (SYSTEM by default).
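
The failure chain described in the release-notes text above (missing `PATH` entry, fallback to JSSE, keystore looked up in `C:\`) can be checked from the service's stderr log and the service account's `PATH`. The following is an added example, not part of the bug report or of EWS; the function names, finding labels and sample `PATH` values are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Trace lines as quoted in the bug description (the service's stderr log).
SAMPLE_LOG = r"""SEVERE: Error initializing endpoint
java.io.FileNotFoundException: C:\.keystore (The system cannot find the file specified)
	at java.io.FileInputStream.open(Native Method)
	at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:325)
"""
# Install path quoted in comment 9; the PATH strings used below are constructed samples.
EWS_BIN = r"C:\Program Files\Red Hat\Enterprise Web Server\bin"

KEYSTORE_RE = re.compile(r"FileNotFoundException: (?P<path>.+?\.keystore) \(")


def on_path(path_value, directory):
    """Case-insensitive, trailing-separator-tolerant membership test for a Windows PATH."""
    target = PureWindowsPath(directory)
    entries = (e.strip().strip('"') for e in path_value.split(";"))
    return any(PureWindowsPath(e) == target for e in entries if e)


def diagnose(log_text, service_path, ews_bin=EWS_BIN):
    """Return findings (hypothetical labels) for the failure chain in this report."""
    findings = []
    if "jsse.JSSESocketFactory" in log_text:
        findings.append("jsse-in-use")  # the JSSE connector, not APR, handled SSL
    match = KEYSTORE_RE.search(log_text)
    if match:
        keystore = PureWindowsPath(match.group("path"))
        findings.append(f"keystore-missing:{keystore}")
        if keystore.parent == PureWindowsPath(keystore.anchor):
            # Default lookup landed in the drive root, the SYSTEM home per the report.
            findings.append("keystore-at-drive-root")
    if not on_path(service_path, ews_bin):
        findings.append("ews-bin-not-on-path")  # native library directory not searchable
    return findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_LOG, r"C:\Windows\system32;C:\Windows"):
        print(finding)
```

Pass the `PATH` seen by the account the service runs as, not the interactive user's, since the two can differ.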


Comment 11 Ondřej Žižka 2011-06-17 13:00:19 UTC
Release Notes Docs Status: Added: Documented as Known Issue
Release Notes Text: Removed: On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This might be fixed in future Enterprise Web Server release.
Added: On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This requirement will be removed in future Enterprise Web Server release.


Comment 12 Ondřej Žižka 2011-06-17 13:15:44 UTC
Release Notes Docs Status: Removed: Documented as Known Issue Added: Not Yet Documented
Release Notes Text: Removed: On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This requirement will be removed in future Enterprise Web Server release.
Added: **This should go to docs, not Release Notes.** I just don't see a textbox for "just docs".

On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This requirement will be removed in future Enterprise Web Server release.


Comment 13 Ondřej Žižka 2011-07-19 19:56:09 UTC
This needs to be documented, pls reassign as needed.

Comment 14 Rebecca Newton 2011-07-21 00:52:30 UTC
Hey Ondrej, I think this might be covered with step 7 of procedure 4.4 here: http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0/html/Installation_Guide/sec-Configuring_the_Environment-Win.html


Comment 15 Ondřej Žižka 2011-07-21 09:32:17 UTC
Oh really, good catch!  I overlooked it. Maybe it could be "important" or something, I mean, in a box with [!]... but then we could put almost everything into box :)  So let it be, sorry for false alarm.

Comment 16 Jiri Skrabal 2012-11-13 15:56:37 UTC
Release Notes Docs Status: Removed: Not Yet Documented 
Release Notes Text: Removed: **This should go to docs, not Release Notes.** I just don't see a textbox for "just docs".

On Windows, Tomcat needs to have the `<EWS_HOME>\bin` directory added to the `PATH` env var of the user under which the service runs (SYSTEM by default).
Without that, JVM fails to find the `libtcnative-1.dll` and resorts to default JSSE connector for SSL. Through this connector, JVM then fails to find the `.keystore` file under the default location, which is current user's home, which is `C:\` for the SYSTEM user. Due to that, SSL connector does not work.

This requirement will be removed in future Enterprise Web Server release. 
Docs QE Status: Removed: NEW 


