https://bz.apache.org/bugzilla/show_bug.cgi?id=62479
--- Comment #4 from Nicolas Therrien <nicolas.therr...@motorolasolutions.com> --- I didnt know how to edit the description so I'm putting steps to reproduce here: (on windows ) 1) Extract tomcat 9.0.1 to a folder 2) Change the Generate-Certificates script as to output both p12 and jks formats on the last line (see description). (just copy paste the last line and adjust) 2) Run the Generate-Certificates.ps1 powershell script, with the IP of the machine. 3) Copy the server_truststore.p12, server_truststore.jks and server_keystore.p12 files to the conf folder of the tomcat installation. 4) Overwrite default server.xml file with the one provided in this ticket. 5) Set up tomcat to run as service by calling the service.bat script (see documentation for details, but i think we need to set CATALINA_HOME and the run service.bat install Tomcat9 6) Start the server 7) Open catalina.out and notice the exception about truststore anchors being empty. Server connector failed to start, so any requests sent to the address will timeout. 8) Stop the server 9) Change server.xml as to use jks truststore. 10) Clear the logs 11) Start the server again 12) Open catalina.out and notice how the exception is now gone. Using keystore explorer tool (keystore-explorer.org) it is possible to verify that the contents of both containers are the same. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
