Unable to load certificate key C:apache-tomcat-8.5.38conf/abc.key (error:0909006C:PEM routines:get_name:no start line)

Question

Need help on below error: Just added a new certificate and copied key , chain and crt to /conf. after starting the tomcat getting below error.

I read in blog that needs to add native="false" in subsystem , may i know whee that needs to be added.

<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="conf/abc.key"
                         certificateFile="conf/abc.crt"
                         certificateChainFile="conf/abc.chn"
                         type="RSA" />
            <subsystem   native="false"  />
        </SSLHostConfig>
    </Connector>

02-May-2019 05:28:31.955 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[org.apache.coyote.http11.Http11AprProtocol-8443]]
 org.apache.catalina.LifecycleException: Failed to initialize component [Connector[org.apache.coyote.http11.Http11AprProtocol-8443]]
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:552)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:639)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:662)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:995)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    ... 12 more
Caused by: java.lang.Exception: Unable to load certificate key C:\apache-tomcat-8.5.38\conf/ltrkarkvm657.mgmt.windstream.net.key (error:0909006C:PEM routines:get_name:no start line)
    at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
    at org.apache.tomcat.util.net.AprEndpoint.createSSLContext(AprEndpoint.java:503)
    at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:376)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1087)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:993)
    ... 13 more

score 1 · Answer 1 · answered May 02 '19 at 14:11

1

Convert all the files (crt, chain, key) to PEM format. For example they wouldn't work in CER format. Make sure that each of the files contain lines that include strings BEGIN and END.

answered May 02 '19 at 14:11

kubanczyk

13,812
5
41
55

Unable to load certificate key C:apache-tomcat-8.5.38conf/abc.key (error:0909006C:PEM routines:get_name:no start line)

1 Answers1