0

We got from business task to upgrade secure connection between them to TLS 1.3. We are using is Java 8 / WildFly 8.2, so we want to try using Azule OpenJSSE solution there:

https://mvnrepository.com/artifact/org.openjsse

So I installed it on ext directory, add provider to java.security and also add dependency to pom.xml of our project. Nothing special happens, application works correctly. Now I want to try if those changes gave some effect. I have mock application, that trying to emulates somehow one of our client external server.

This is Spring Boot application (2.1.3.RELEASE). If I add to its pom.xml openjsse dependency and change application.properties:

server.ssl.enabled-protocols=TLSv1.3

And I ran it from IntelliJ, it started normally. But if I created package from mvn package and I run this jar normally

java -jar target\mock.jar

I got something like this:


org.apache.catalina.LifecycleException: Protocol handler start failed
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:226) [tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:259) [spring-boot-2.1.3.RELEAS
E.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:311) [sp
ring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:164) [spr
ing-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:552) [spring-context-5.1.5.RELEASE.jar!/
:5.1.5.RELEASE]
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) [spring-bo
ot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:316) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248) [spring-boot-2.1.3.RELEASE.jar!/:2.1.3.RELEASE]
        at com.abb.mock.server.mockserver.MockServerApplication.main(MockServerApplication.java:10) [classes!/:0.0.1-SNAPSHOT]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_172]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_172]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_172]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_172]
        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) [mock-server-0.0.1-SNAPSHOT.jar:0.0.1-SNAPSHOT]
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) [mock-server-0.0.1-SNAPSHOT.jar:0.0.1-SNAPSHOT]
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:50) [mock-server-0.0.1-SNAPSHOT.jar:0.0.1-SNAPSHOT]
        at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:51) [mock-server-0.0.1-SNAPSHOT.jar:0.0.1-SNAPSHOT]
Caused by: java.lang.IllegalArgumentException: None of the [protocols] specified are supported by the SSL engine : [[TLSv1.3]]
        at org.apache.tomcat.util.net.SSLUtilBase.getEnabled(SSLUtilBase.java:112) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:70) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.jsse.JSSEUtil.<init>(JSSEUtil.java:150) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.jsse.JSSEUtil.<init>(JSSEUtil.java:145) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.jsse.JSSEImplementation.getSSLUtil(JSSEImplementation.java:50) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:102) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1085) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1171) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:568) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005) ~[tomcat-embed-core-9.0.16.jar!/:9.0.16]
        ... 22 common frames omitted

2020-08-12 08:22:13.743  INFO 18368 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]
2020-08-12 08:22:13.760  INFO 18368 --- [           main] ConditionEvaluationReportLoggingListener :

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2020-08-12 08:22:13.762 ERROR 18368 --- [           main] o.s.b.d.LoggingFailureAnalysisReporter   :

***************************
APPLICATION FAILED TO START
***************************

Description:

The Tomcat connector configured to listen on port 10443 failed to start. The port may already be in use or the connector may be misconfigured.

Action:

Verify the connector's configuration, identify and stop any process that's listening on port 10443, or configure this application to listen on another por
t.

2020-08-12 08:22:13.789  INFO 18368 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Shutting down ExecutorService 'applicationTaskExecuto
r'

I dont get it, why there is different. Guys, can you help me? :P

SoftwareJanush
  • 11
  • 2

2 Answers2

0

Your console log contains the line 'The Tomcat connector configured to listen on port 10443 failed to start. The port may already be in use or the connector may be misconfigured.'. Please check if your port is already used and change it. Maybe your application still runs in your IDE and the port is still blocked?

edit: As suggest in comments please also use TLSv1.2 instead of TLSv1.3.

Milgo
  • 2,617
  • 4
  • 22
  • 37
  • In exception os also logged that TLS1.3v is not supported. If you will change in application.properties valid to TLSv.1.2 IT is worki well – SoftwareJanush Aug 12 '20 at 09:47
0

The port 10443 on which you run before is not disconnected properly. Try changing the port number or restarting the system!!

Harisudha
  • 527
  • 5
  • 5
  • Its not true. Even on fresh windows after start its same problem. In stacktrace there is note about that Tomcat not supports TLS 1.3v. after changing that valid on application.properties to TLS 1.2v IT worka correctly – SoftwareJanush Aug 12 '20 at 12:14