SSL enabled connector keeps appearing in server.xml

Question

When ever I try to run my web application which was running fine before I keep getting the error

 java.lang.IllegalArgumentException: C:\Users\user\.IntelliJIdea2019.2\system\tomcat\projectName\conf\localhost-rsa.jks (The system cannot find the file specified)

So I diged into the problem and found my server.xml

  <Server port="8090" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
  <GlobalNamingResources>
    <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA" />
      </SSLHostConfig>
    </Connector>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />
      </Realm>
      <Host name="localhost" appBase="C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps" unpackWARs="true" autoDeploy="true" deployOnStartup="false" deployIgnore="^(?!(manager)|(tomee)$).*">
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t &quot;%r&quot; %s %b" />
      </Host>
    </Engine>
  </Service>
</Server>

Here I think the problem is there is a connector element with port 8443 which refers to the certificate , As I do not need https I remove the connector and restart the server from IntelliJ but the connector re appears and I have'nt specified any https port in run configuration too. What Am I doing wrong ? How could I fix this ?

What path is your server xml located ? Is this the file generated by intellij ? Or do you use from tomcat distribution. Intellj creates its own server xml for tomcat. Where is your tomcat home pointing in intellij Run/Debug configurations ? — s7vr, Mar 03 '20 at 14:24

score 0 · Answer 1 · answered Mar 03 '20 at 06:47

0

Remove redirectPort="8443", redirectPort used for handling https

<Connector port="8009" protocol="AJP/1.3" />

redirect port will come into picture when SSL request will come to the server and since http connector port cannot handle SSL requests it will redirect to the port defined.

answered Mar 03 '20 at 06:47

Ori Marko

56,308
23
131
233

Yeah I tried the same but the redirect port reappears , no matter what I change the server.xml comes to the previous state – Sree Vishnu Mar 03 '20 at 13:57
@SreeVishnu do you use apache server? – Ori Marko Mar 03 '20 at 14:01
Yes I do , version 9.0 – Sree Vishnu Mar 03 '20 at 14:03
@SreeVishnu I mean beside tomcat, apache application server or nginx or similar? – Ori Marko Mar 03 '20 at 14:10
No I do not have . Sorry I misunderstood your question – Sree Vishnu Mar 03 '20 at 14:17
@SreeVishnu remove also line `` – Ori Marko Mar 03 '20 at 14:40

score 0 · Answer 2 · answered Mar 09 '20 at 16:35

Check your project application server settings. Create new application server use that for running app. https://www.jetbrains.com/help/idea/configuring-and-managing-application-server-integration.html

I think you got code from somewhere which has settings for httpd and you cant figure out how to remove it.

score 0 · Answer 3 · answered Mar 09 '20 at 16:37

Check your project application server settings. Create new application server use that for running app. https://www.jetbrains.com/help/idea/configuring-and-managing-application-server-integration.html

I think you got code from somewhere which has settings for httpd and you cant figure out how to remove it. Check for JKS file or create new. JKS stands for Java KeyStore. It is a repository of certificates (signed public keys) and [private] keys. You can export a certificate stored in a JKS file into a separate file. You can use the "keytool" utility found in Java distributions to maintain your JKS trust and key repositories. Like other types of key repositories (e.g., PKCS12, CMS), a JKS repository is protected by a password because it may contain private keys, which must be protected because they are used to decrypt information encrypted by public keys. [Private] keys in repositories are also protected by a "key password," which may be the same as the key repository's password (not a good practice).

The following command would export the certificate associated with the alias/label "mycert" in the JKS file "mykeys.jks". The output file "mycert.cer" would contain the certificate (i.e., the signed public key) only.

keytool -exportcert -rfc -alias mycert -file mycert.cer -keystore mykeys.jks -storepass passw0rd

SSL enabled connector keeps appearing in server.xml

3 Answers3