I set the Connector properties as:
LOGGER.debug("ksPath=>" + ksPath);
httpsConnector.setAttribute("keystoreFile",ksPath);
httpsConnector.setAttribute("keystorePass", keyStorePass);
httpsConnector.setAttribute("clientAuth", "false");
httpsConnector.setAttribute("sslProtocol", "TLS");
httpsConnector.setAttribute("sslEnabledProtocols", tlsProtocols);
httpsConnector.setAttribute("SSLEnabled", true);
Connector defaultConnector = tomcat.getConnector();
defaultConnector.setRedirectPort(port);
What I see in the logs (when it runs):
ksPath=>jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore
However, the deployment fails and I see the following in the logs:
SEVERE: Failed to load keystore type JKS with path /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore due to /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore (No such file or directory)
java.io.FileNotFoundException: /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore (No such file or directory)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.java:146)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:413)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:319)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:577)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:517)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:462)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:209)
Observation
jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore
is different from
/shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!my.keystore
the latter starts with /shn/lp/
However, to assert, I see that the file is in fact present in the jar:
jar -tvf /shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar | grep my.keystore
4704 Tue Jun 09 09:29:26 PDT 2015 my.keystore
What's up with it?
How do I resolve this issue?
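An added example, not part of the original post or its replies: the stack trace shows the keystore being opened with FileInputStream, so a jar: URL string is treated as a relative file name. One way around that is to copy the classpath resource to an owner-only temp file and pass its absolute path as keystoreFile. The class and method names are hypothetical, and the /shn/lp base directory and resource name are taken from the logs above; a POSIX file system is assumed.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.nio.file.attribute.PosixFilePermissions;

public class KeystoreFromJar {

    // Mirrors the resolution visible in the log: a value that is not an
    // absolute file path is prefixed with the base directory and opened as a file.
    static File resolveAsFile(String baseDir, String keystoreFile) {
        File f = new File(keystoreFile);
        return f.isAbsolute() ? f : new File(baseDir, keystoreFile);
    }

    // Copies a classpath resource to a temp file readable only by the owner
    // and returns an absolute path suitable for the keystoreFile attribute.
    static String extractToTempFile(String resourceName) throws IOException {
        // Permissions are set at creation time, so the key material is never
        // briefly world-readable. POSIX file systems only (assumption).
        Path tmp = Files.createTempFile("keystore-", ".jks",
                PosixFilePermissions.asFileAttribute(
                        PosixFilePermissions.fromString("rw-------")));
        tmp.toFile().deleteOnExit();
        try (InputStream in = KeystoreFromJar.class.getResourceAsStream(resourceName)) {
            if (in == null) {
                Files.delete(tmp);
                throw new IOException("not on classpath: " + resourceName);
            }
            Files.copy(in, tmp, StandardCopyOption.REPLACE_EXISTING);
        }
        return tmp.toAbsolutePath().toString();
    }

    public static void main(String[] args) {
        // Constructed input: the jar: URL string from the question's debug log.
        String url = "jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore";
        System.out.println("as file: " + resolveAsFile("/shn/lp", url));
        try {
            System.out.println("keystoreFile=" + extractToTempFile("/my.keystore"));
        } catch (IOException e) {
            System.out.println("extract failed: " + e.getMessage());
        }
    }
}
```

The extracted copy holds the private key on disk for the life of the process, so the temp directory should not be shared with other users or services.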
Seems it does not understand the protocol, maybe because of the missing leading slash? Have you tried: