cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This product reached the end of support date on March 31, 2021.

HTTPS enabled CAS 2017 fails to start

andre_vdveen
DynaMight Pro
DynaMight Pro

I've done a fresh CAS 2017 installation and opted to SSL enable it using a self signed key; the installation completed without errors or warnings.

When I start up the CAS, it never starts and I see the following in the server.log:

T HTTP17-06-21 10:02:55.233Starting HTTP server ...
W JUL17-06-21 10:02:56.314WARNING:org.apache.tomcat.util.net.SSLHostConfig:setProperty:<The property [disableSessionTickets] was set on the SSLHostConfig named [_default_] and is for connectors of type [OPENSSL] but the SSLHostConfig is being used with a connector of type [JSSE]>
W JUL17-06-21 10:02:56.336WARNING:org.apache.tomcat.util.net.SSLHostConfig:setProperty:<The property [disableSessionTickets] was set on the SSLHostConfig named [_default_] and is for connectors of type [OPENSSL] but the SSLHostConfig is being used with a connector of type [JSSE]>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<Loaded APR based Apache Tomcat Native library 1.2.12 using APR version 1.5.2.>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]>
T JUL17-06-21 10:02:57.510INFO:org.apache.catalina.core.AprLifecycleListener:initializeSSL:<OpenSSL successfully initialized (OpenSSL 1.0.2k 26 Jan 2017)>
T JUL17-06-21 10:02:58.405INFO:org.apache.coyote.AbstractProtocol:init:<Initializing ProtocolHandler ["https-openssl-nio-443"]>

No further entries are added to the log after this point.

Any idea what the warning means or how to resolve it? I've reverted back to HTTP connection and CAS starts up fine.

3 REPLIES 3

adam_piotrowicz
Dynatrace Pro
Dynatrace Pro

RDP to CAS machine using

mstsc /console

and see if there is prompt for password if you SSL key is encrypted.

andre_vdveen
DynaMight Pro
DynaMight Pro

No prompt, neither via RDP session or direct console access. I left the tick box 'Remember the Key Password' enabled during setup and provided a key password.

andre_vdveen
DynaMight Pro
DynaMight Pro

I reconfigured it again, this time I left the key password (passphrase) field and confirmation field empty - CAS starts up using port 443. Perhaps a problem with the encryption of the key or reading the saved key password?