1

I'm using an application that comes bundled with Java 1.8.0_77-b03 and Jetty 9.3.3.v20150827. Everything works great until I import my Let's Encrypt certificate into the Jetty JKS. Once I do that, Jetty crashes on start with the error: 

Exception: Starting Jetty failed:
java.net.BindException: Address already in use
[... stackdump ...]

I've confirmed that the ports are free and that I have rights to bind to those ports. If I start Jetty without HTTPs or if I use a default, self-signed, certificate generated by my app then everything works fine.

My Let's Encrypt certificates work with Nginx. I'm using https://gist.github.com/xkr47/920ffe94f6a4c171ee59 or a similar (pem -> pkcs12 -> jks) method to import the certificate.

Is there something that I'm missing that would cause Jetty to crash like this? I've asked google every way that I can think of and gotten nothing. Thanks! :-)

If it matters, I'm doing this on Arch Linux. And the app is Aspect CXP 15. Thanks again!

eeach
  • 11
  • 2
  • `Address already in use` means *something* is using that port. It could be some other program or an old instance of Jetty that didn't die, or you could somehow be getting Jetty to open that port twice. `lsof -i :443 | grep LISTEN` maybe? – DerfK Dec 30 '16 at 21:55
  • Yeah, that's how I confirmed that the ports are clear. Well, lsof -i that is. Here is the output of lsof when CXP is running (with the self-signed cert): [ ooh, character limits... ] and then after it is shutdown: [ both the console dumps are at the URL below. ] if I drop my Let's Encrypt JKS in and start CXP, it'll crash. The console logs do show Jetty starting twice in the problem case. I took that as a re-attempt after the first crash (and just confirmed that by blocking the ports and starting the server). http://pastebin.com/hmLF93Zy – eeach Dec 30 '16 at 22:47

0 Answers0