cancel
Showing results for 
Search instead for 
Did you mean: 

Enabling HTTPS/SSL on the WACS

Former Member
0 Kudos

Hi All,

I have a new BO 4.1SP3 environment I'm working on setting up.  I've followed along on the Business Intelligence Platform Administrator's Guide in order to enable SSL on my WACS for client web browsers.  I stepped through section 12.1.4 - Configuring HTTPS/SSL using the IIS/MMC method.  I exported the PKCS12 certificate file store from the Certificates MMC and then updated the properties in the CMC to point at that certificate store file.  When I restart the WACS it fails to listen on the https port (http is still fine).  In the log I see the following error, but I'm not sure where to go from here.  Any ideas on how to further troubleshoot would be appreciated.

SEVERE: Failed to start connector [Connector[HTTP/1.1-8443]]

org.apache.catalina.LifecycleException: Failed to start component [Connector[HTTP/1.1-8443]]

  at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)

  at org.apache.catalina.core.StandardService.addConnector(StandardService.java:241)

  at org.apache.catalina.startup.Embedded.addConnector(Embedded.java:321)

  at com.businessobjects.framework.services.webappcontainer.wrapper.WACSEmbeddedTomcat.addConnector(WACSEmbeddedTomcat.java:322)

  at com.businessobjects.framework.services.webappcontainer.wrapper.WACSConnector.startConnector(WACSConnector.java:102)

  at com.businessobjects.framework.services.webappcontainer.HttpConnector.startConnector(HttpConnector.java:208)

  at com.businessobjects.framework.services.webappcontainer.HttpConnector.doStart(HttpConnector.java:46)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBeanInternal(BeanComponent.java:604)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBean(BeanComponent.java:323)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBeanInstance(BeanComponent.java:336)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getReferenceByName(BeanComponent.java:420)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBeanInternal(BeanComponent.java:582)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBean(BeanComponent.java:323)

  at com.businessobjects.framework.servers.platform.deployment.core.BeanComponent.getBeanInstance(BeanComponent.java:336)

  at com.businessobjects.framework.servers.platform.modules.messageinfo.MessageInfoCallback.<init>(MessageInfoCallback.java:43)

  at com.businessobjects.framework.servers.platform.modules.messageinfo.MessageInfoModule.process(MessageInfoModule.java:58)

  at com.businessobjects.framework.servers.platform.deployment.DeploymentEngine.execute(DeploymentEngine.java:221)

  at com.businessobjects.framework.servers.platform.deployment.DeploymentEngine.startService(DeploymentEngine.java:165)

  at com.businessobjects.framework.servers.platform.deployment.AbstractPJSService.activateService(AbstractPJSService.java:121)

  at com.businessobjects.framework.servers.platform.deployment.servicebuilder.AbstractServiceBuilder.startService(AbstractServiceBuilder.java:332)

  at com.businessobjects.framework.servers.platform.lifecycle.internal.LifeCycleManager$ServiceController.startSvc(LifeCycleManager.java:226)

  at com.businessobjects.framework.servers.platform.lifecycle.internal.LifeCycleManager$ServiceController.call(LifeCycleManager.java:177)

  at com.businessobjects.framework.servers.platform.lifecycle.internal.LifeCycleManager$ServiceController.call(LifeCycleManager.java:155)

  at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)

  at java.util.concurrent.FutureTask.run(FutureTask.java:138)

  at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)

  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)

  at java.lang.Thread.run(Thread.java:761)

Caused by: org.apache.catalina.LifecycleException: service.getName(): "null";  Protocol handler start failed

  at org.apache.catalina.connector.Connector.startInternal(Connector.java:1017)

  at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)

  ... 27 more

Caused by: java.io.IOException: Could not decrypt data.

  at com.rsa.cryptoj.f.eS.b(Unknown Source)

  at com.rsa.cryptoj.f.eS.a(Unknown Source)

  at com.rsa.cryptoj.f.eS.a(Unknown Source)

  at com.rsa.cryptoj.f.eS.a(Unknown Source)

  at com.rsa.cryptoj.f.eS.a(Unknown Source)

  at com.rsa.cryptoj.f.eS.engineLoad(Unknown Source)

  at java.security.KeyStore.load(KeyStore.java:1183)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:407)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:306)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:565)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:505)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:449)

  at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:169)

  at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:396)

  at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:617)

  at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:444)

  at org.apache.catalina.connector.Connector.startInternal(Connector.java:1010)

  ... 28 more

|5EA8AD906124465AAA44A8899DCB00A569|2014 11 10 09:23:02.995|-0600|Error| |==|E| |wacs_servername.WebApplicationContainerServer| 9716|  57|service builder-2| ||||||||||||||||||||com.businessobjects.framework.services.webappcontainer.wrapper.WACSConnector||Server wacs_servername.WebApplicationContainerServer

HTTPS Port

Failed to listen on port(s): 0.0.0.0:8443.

|5EA8AD906124465AAA44A8899DCB00A56a|2014 11 10 09:23:02.995|-0600|Error| |==|E| |wacs_servername.WebApplicationContainerServer| 9716|  57|service builder-2| ||||||||||||||||||||WebApplicationContainer EventLog||Server wacs_servername.WebApplicationContainerServer

HTTPS Port

Failed to listen on port(s): 0.0.0.0:8443.

Accepted Solutions (0)

Answers (2)

Answers (2)

r078578
Discoverer
0 Kudos

Hi

NB: I realize this post is almost a year old, but I'm posting this in case someone else comes here with the same problem.

I was in the same situation as you. I was able to overcome the issue by using a JKS keystore instead of PCKS12. I do not know why the PCKS12 was not working for me. I had followed the directions in the Admin Guide with no luck.

On the other hand, I used the instructions in the following KB article to create a JKS keystore and using it my WACS is fully functional:

1618311 - How to configure SSL on WACS using JKS(Java Key Store) as certificate store type in BOE XI...

I realize the KB article was written for XI 3.1 however the same instructions applied to BI 4.1 SP4 on  Windows 2008 R2.

Hopefully this helps someone else.

- Joseph

0 Kudos

Hi,

do you have also installed the shipped Tomcat WAS or is any Tomcat installed on the Host?

I see the error Message "Failed to listen on port(s): 0.0.0.0:8443."

Did you modified the WACS that he is listening on port 8443?! Usually this is the HTTPS Port for the Tomcat WAS.

Plase change the HTTPS Port of the WACS to something else and retry. Check also:

http://service.sap.com/sap/support/notes/1915758

Regards

-Seb.

Former Member
0 Kudos

It is definitely not a port issue - I've tried 443, 8443, and a couple oddball port numbers like 9019 but none of them work.  I also checked at the command line to make sure nothing was listening on those ports.

0 Kudos

Hi,

a couple of things that came in my mind:

1. Under "Bind to Hostname ir IP Adress" enter the same IP Adress or FQDN which you used when creating the PCKS12 Certificate

2. Veryify the "Private Key Access Password". If you have a "$" or "@" in you password, re- create the PCKS12 Certifikate without these special characters.

3. You propably also have a root certificate and or chain certificate in your Filestore. Specify the correct alias under "Certificate Alias" that you used for your WACS.

4. Verify the "Certificate Trust List Private Key Access Password" - Also here no special charachters

Inside your posted log you receuve the error "Caused by: java.io.IOException: Could not decrypt data." This usually points to a password missmatch. So i hope 2 and or 4 will solve the problem.

Regards

-Seb.

Former Member
0 Kudos

Thanks for the ideas Seb - I tried them out but unfortunately I could not get any further.