Shibboleth IDP Installation on Tomcat 8 : Found error java.lang.ClassNotFoundException: net.shibboleth.utilities.ssl.TrustAnyCertificate

Question

I follow the step by step to setup shibboleth idp on tomcat 8 based on this link https://wiki.shibboleth.net/confluence/display/IDP30/ApacheTomcat8

I have successfully installed the shibboleth-idp and build the war file.

And I found error during the launching in tomcat, it said class not found "net.shibboleth.utilities.ssl.TrustAnyCertificate"

Please find my configuration setup below :

Edit file {tomcat_home}/bin/setenv.bat

@echo off
set JAVA_HOME=C:\java\jdk1.7.0_75
set CATALINA_OPTS=-server -Xmx512M -XX:MaxPermSize=128M -Dfile.encoding=utf-8 -Djava.awt.headless=true -Dcom.sun.security.enableCRLDP=true -Didp.home=C:/shibboleth-idp-3.1.1

Edit file {tomcat_home}/conf/server.xml

Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
  maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
  clientAuth="want" keystoreFile="C:/shibboleth-idp-3.1.1/credentials/idp-backchannel.p12"
  keystorePass="pass***" keystoreType="PKCS12"
  trustManagerClassName="net.shibboleth.utilities.ssl.TrustAnyCertificate"

However, i got error class not found after i run the tomcat server

30-Apr-2015 11:05:40.161 SEVERE [main] org.apache.coyote.AbstractProtocol.init Failed to initialize end point associated with ProtocolHandler ["http-nio-8443"]
 java.lang.ClassNotFoundException: net.shibboleth.utilities.ssl.TrustAnyCertificate
    at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustManagers(JSSESocketFactory.java:635)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustManagers(JSSESocketFactory.java:559)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:357)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:737)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:457)
    at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:120)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:960)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:567)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:851)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:576)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:599)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484)

Please help me to solve this one, thanks.

Answer 1

You are missing file trustany-ssl-1.0.0.jar in your Tomcat's lib folder. It can be downloaded from this page https://wiki.shibboleth.net/confluence/display/IDP30/ApacheTomcat8 , mentioned as "plugin component that supports the requirements on the back-channel"