Hello,
I'm trying to install a new certificate on our attlasion server.
I have used the guide that is provided on the website (https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html) to generate the CSR, and requested a new certificate using that CSR.
I have imported the website certificate as stated in the guide, and modified the config file, rebooted the server, but the server isn't reachable over https.
additionally i have imported the root and intermediate certificate with the following commands:
keytool -importcert -alias root -file [root certificate] -keystore cacerts
keytool -importcert -alias root -file [root certificate] -keystore [keystore file name]
keytool -importcert -alias intermediate -file [intermediate certificate] -keystore [key store file name]
After this, it still doesnt work.
I'm not sure what i'm doing wrong.
In the logs of the server i can see that:
"java.io.IOException: jsse.invalid_ssl_conf
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:817)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:522)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:156)
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
at org.apache.tomcat.util.net.JIoEndpoint.start(JIoEndpoint.java:565)
at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:203)
at org.apache.catalina.connector.Connector.start(Connector.java:1095)
at org.apache.catalina.core.StandardService.start(StandardService.java:540)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:310)
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:255)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.checkConfig(JSSESocketFactory.java:813)
... 15 more
31-okt-2017 13:25:24 org.apache.catalina.core.StandardService start
SEVERE: Failed to start connector [Connector[HTTP/1.1-8443]]
LifecycleException: service.getName(): "Tomcat-Standalone"; Protocol handler start failed: java.io.IOException:
at org.apache.catalina.connector.Connector.start(Connector.java:1102)
at org.apache.catalina.core.StandardService.start(StandardService.java:540)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
31-okt-2017 13:25:24 org.apache.catalina.startup.Catalina start"
Also i have noticed that the keystore that was used before had the .pcks extension. The one that i've generated has the .keystore extension.
Also as mentioned in the guide i tried to convert them to the pcks12 but without succes.
Thanks in advance.
Kind regards, Jonathan.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.