cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HTTPS enabled CAS 2017 fails to start

I've done a fresh CAS 2017 installation and opted to SSL enable it using a self signed key; the installation completed without errors or warnings.

When I start up the CAS, it never starts and I see the following in the server.log:

T HTTP17-06-21 10:02:55.233Starting HTTP server ...
W JUL17-06-21 10:02:56.314WARNING:org.apache.tomcat.util.net.SSLHostConfig:setProperty:<The property [disableSessionTickets] was set on the SSLHostConfig named [_default_] and is for connectors of type [OPENSSL] but the SSLHostConfig is being used with a connector of type [JSSE]>
W JUL17-06-21 10:02:56.336WARNING:org.apache.tomcat.util.net.SSLHostConfig:setProperty:<The property [disableSessionTickets] was set on the SSLHostConfig named [_default_] and is for connectors of type [OPENSSL] but the SSLHostConfig is being used with a connector of type [JSSE]>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<Loaded APR based Apache Tomcat Native library 1.2.12 using APR version 1.5.2.>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].>
T JUL17-06-21 10:02:56.343INFO:org.apache.catalina.core.AprLifecycleListener:lifecycleEvent:<APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]>
T JUL17-06-21 10:02:57.510INFO:org.apache.catalina.core.AprLifecycleListener:initializeSSL:<OpenSSL successfully initialized (OpenSSL 1.0.2k 26 Jan 2017)>
T JUL17-06-21 10:02:58.405INFO:org.apache.coyote.AbstractProtocol:init:<Initializing ProtocolHandler ["https-openssl-nio-443"]>

No further entries are added to the log after this point.

Any idea what the warning means or how to resolve it? I've reverted back to HTTP connection and CAS starts up fine.

3 REPLIES 3

adam_piotrowicz
Dynatrace Pro
Dynatrace Pro

RDP to CAS machine using

mstsc /console

and see if there is prompt for password if you SSL key is encrypted.

No prompt, neither via RDP session or direct console access. I left the tick box 'Remember the Key Password' enabled during setup and provided a key password.

I reconfigured it again, this time I left the key password (passphrase) field and confirmation field empty - CAS starts up using port 443. Perhaps a problem with the encryption of the key or reading the saved key password?