Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Severe error due to SSL Certificate


I installed the SSL certificate in crowd and it worked fine, but as soon as I rebooted the server (wanted to check if crowd was starting automatically), it didn't start back and it was giving me the following error:

SEVERE [main] org.apache.coyote.AbstractProtocol.init Failed to initialize end point associated with ProtocolHandler ["https-jsse-nio-8443"]

ava.lang.IllegalArgumentException: None of the [ciphers] specified are supported by the SSL engine : (and a huge list of ciphers).


I can delete my keystore and start again but I'm just struggling to understand which commands I should use. I need to create a keystore, create a csr and once the certificates are issued, which ones I should import and install?


The connector <crowd installation>/apache-tomcat/conf/server.xml I just followed this documentation:

so it looks like this:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
           maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           keyAlias="tomcat" keyPass="changeit"/> 

of course the keystoreFile points to my keystore.


Thanks for your help.


1 answer

0 votes
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 02, 2018

Hi Andrea, 

I have a feeling that the issue is not your keystore, but rather the protocol defined in the connector in server.xml.

Your connector directive looks the same as in the document, but I think the guide may be outdated (will follow up with doc team after we get you sorted). The example connectors in the Tomcat Guide all use other protocols. The example files for other Atlassian products use:


instead of 


The protocol you are using has caused issues with Jira starting up (Tomcat will not start in 7.3 with protocol="org.apache.coyote.http11.Http11Protocol") so I recommend changing it and restarting Crowd. I look forward to hearing the result.



Hi Ann,

I resolved by changing the protocol and added the cyphers.

My connector looks like this:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLS"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
keyAlias="tomcat" keyPass="changeit"/>


May I suggest that the documentations should be updated? I spent so many hours on this and it's not easy to troubleshoot.

Also, it would be really appreciated a much more in dept documentation on how to generate the keystore, how to generate the csr and how to import and install the certificates.

It's just a few command lines but there's so many options that it would nice to know which ones are the most accurate and up-to-date ones.



Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events