This repository has been archived by the owner on May 8, 2019. It is now read-only.

Tomcat connector configured to listen port 8443 failed to start. #20

Open
deric-dominic opened this issue Jan 11, 2018 · 13 comments

Comments

@deric-dominic

I have just downloaded a fresh copy of the docker image for cas, but after doing ./build.sh and ./run.sh, the build is fine, but Tomcat is complaining that 8443 is being occupied in the image itself. Is this normal? What should I do with it?


APPLICATION FAILED TO START


Description:

The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured.

Action:

Verify the connector's configuration, identify and stop any process that's listening on port 8443, or configure this application to listen on another port.

@jsamaniegog

Same problem... I tried version 5.1.6 and 5.1.5.

@kuancz

kuancz commented Jan 27, 2018

Same problem, and when I put the war package into the official docker image, same problem again.

@cwmoo740

cwmoo740 commented Feb 8, 2018

Same issue - it looks like the error message given is a red herring.

Is it preceded by...

Caused by: java.io.IOException: No aliases for private keys found in key store
        at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:229) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1146) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[tomcat-embed-core-8.5.24.jar!/:8.5.24]
        ... 20 more
2018-02-08 16:00:12,149 ERROR [org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <

I think this is an issue with certs and keys. Better build instructions in the readme would be really helpful!

@kellenmurphy

@cwmoo740 is right. If you attempt to use thekeystore that's in the repo you get this error. Or at least I did.

Generate some self-signed certs for your machine, copy those in, and add some RUN statements to the Dockerfile to build your keystore. See https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Prepare_the_Certificate_Keystore for instructions.

I also updated /etc/cas/config/cas.properties to change the hostname of my box to something DNS knows about...

cas.server.name: https://my-server.my-domain:8443
cas.server.prefix: https://my-server.my-domain:8443/cas

... that got things to a workable starting state for me.

@linkerx

linkerx commented Mar 15, 2018

Hi, I can't get it working. I would appreciate it if someone who made it work could help me with a list of steps or something. Thanks

@liudonghua123

I have the same problem after using v5.2.2.

@liudonghua123

It is the same keystore-related issue. See #17 (comment)

@yaponeczka

me 2 :/

@tcco

tcco commented May 31, 2018

@kellenmurphy in your workable state, what other services have you connected cas to? Also, did you reach the cas gui with https://my-server.my-domain:8443 or could you do so locally as well?

Any guidance helps, am almost off the ground & running

@kellenmurphy

@tcco All I did with it was connect to an apereo/phpCAS test environment, and configured the LDAP connector.

The CAS gui only appears on /cas... I never thought about changing that to / namely because this was a dev environment for a client that wanted to use the /cas location. I would guess that if you set

cas.server.prefix: https://my-server.my-domain:8443

... then it'd probably run on the root level at that point.

I just checked to see if I still have the AWS snapshot for this instance lying around and I don't, unfortunately. Sorry :-(

@bgaisford

bgaisford commented Aug 13, 2018

I followed the steps outlined by @kellenmurphy to create thekeystore for my particular server. Those steps are quite standard for configuring HTTPS for Tomcat (or another Java-based servlet container). I also made the updates to cas.properties to add appropriate entries for cas.server.name and cas.server.prefix.

The last thing I had to do was update the Dockerfile to clone a specific branch (5.3 in this case) of the cas-overlay. The Dockerfile on the master branch of this project is cloning the 6.0.x cas-overlay branch by default which is missing assets such as mvnw. The Dockerfile build then tries to execute commands against those missing assets and fails. The updated line within Dockerfile for pulling the 5.3 branch is shown below:

git clone -b 5.3 --depth 1 --single-branch https://github.com/apereo/cas-overlay-template.git cas-overlay

Once I pulled the correct cas-overlay branch, everything worked for me. I was able to successfully build the v.5.3 docker image and get everything up and running. Hopefully this will help others get up and running.

@GTAtWork

GTAtWork commented Aug 14, 2018 via email

@retpolanne
Contributor

I got it working on 5.2 (I have cloned the branch 5.2 from the Overlay Template). @liudonghua123's comment #17 (comment) helped here.

I ran this
keytool -genkeypair -alias cas -keyalg RSA -keypass changeit -storepass changeit -keystore ./thekeystore -ext SAN="dns:localhost,ip:127.0.0.1" before running build.sh.
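
Added example, not part of any comment above and not the repository's code: a pre-flight check that a keystore holds a private key entry, the condition behind the "No aliases for private keys found in key store" trace quoted in this thread. The function names and the sample `keytool -list` listings are constructed for illustration; `changeit` is the store password used in the keytool command above.

```sh
#!/bin/sh
# Tomcat's JSSE connector needs at least one PrivateKeyEntry in the keystore.
# A keystore with only trustedCertEntry items cannot serve TLS, and the
# failure surfaces as the misleading "port 8443 failed to start" report.

# Read `keytool -list` output on stdin and print the alias of every
# PrivateKeyEntry, one per line. Entry lines have the form:
#   alias, <date>, PrivateKeyEntry,
private_key_aliases() {
    sed -n 's/^\([^,]*\),.*, *PrivateKeyEntry, *$/\1/p'
}

# Return 0 if the listing on stdin contains a usable key entry, 1 otherwise.
has_private_key() {
    [ -n "$(private_key_aliases)" ]
}

# Check a real keystore before ./build.sh (requires keytool on PATH).
# usage: check_keystore ./thekeystore changeit
check_keystore() {
    keytool -list -keystore "$1" -storepass "$2" | has_private_key
}

# Constructed sample listings (not taken from the repository's keystore).
GOOD_LISTING='Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

cas, Jan 11, 2018, PrivateKeyEntry,
Certificate fingerprint (SHA-256): <placeholder>'

BAD_LISTING='Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

rootca, Jan 11, 2018, trustedCertEntry,
Certificate fingerprint (SHA-256): <placeholder>'

if printf '%s\n' "$GOOD_LISTING" | has_private_key; then
    echo "good listing: private key entry present"
fi
printf '%s\n' "$BAD_LISTING" | has_private_key ||
    echo "bad listing: trusted certs only, the TLS connector will not start"
```

Running `check_keystore ./thekeystore changeit` before the Docker build fails fast on a keystore that Tomcat would reject at startup.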
