Created attachment 36146 [details] Debugging session in Eclipse When pressing this button, I do get a NPE: > java.lang.NullPointerException > org.apache.catalina.manager.ManagerServlet.getConnectorCerts(ManagerServlet.java:1814) > org.apache.catalina.manager.HTMLManagerServlet.sslConnectorCerts(HTMLManagerServlet.java:770) > org.apache.catalina.manager.HTMLManagerServlet.doGet(HTMLManagerServlet.java:144) > org.apache.catalina.manager.HTMLManagerServlet.doPost(HTMLManagerServlet.java:227) > javax.servlet.http.HttpServlet.service(HttpServlet.java:661) > javax.servlet.http.HttpServlet.service(HttpServlet.java:742) > org.apache.catalina.filters.CsrfPreventionFilter.doFilter(CsrfPreventionFilter.java:136) > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109) My server.xml is: > <Connector port="8444" connectionTimeout="20000" > maxHttpHeaderSize="24576" maxThreads="250" > SSLEnabled="true" scheme="https" secure="true" > defaultSSLHostConfigName="@main-host@"> > <SSLHostConfig hostName="@main-host@" protocols="TLSv1.2" > honorCipherOrder="true" ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!DSS"> > <Certificate certificateFile="/etc/opt/ssl/@main-host@/cert/public.pem" > certificateKeyFile="/etc/opt/ssl/@main-host@/key/private.pem" > certificateKeyPassword="@password@" > type="RSA" /> > </SSLHostConfig> > <SSLHostConfig hostName="@alias-host@" protocols="TLSv1.2" > honorCipherOrder="true" ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!DSS"> > <Certificate certificateFile="/etc/opt/ssl/@alias-host@/cert/public.pem" > certificateKeyFile="/etc/opt/ssl/@alias-host@/key/private.pem" > certificateKeyPassword="@password@" > type="RSA" /> > </SSLHostConfig> > </Connector> > Runtime config is: > 2018-09-11T11:18:31.570 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.34 > 2018-09-11T11:18:31.577 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Sep 4 2018 22:28:22 UTC > 2018-09-11T11:18:31.577 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Server number: 8.5.34.0 > 2018-09-11T11:18:31.578 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: HP-UX > 2018-09-11T11:18:31.578 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: B.11.31 > 2018-09-11T11:18:31.578 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: IA64N > 2018-09-11T11:18:31.578 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /opt/java8/jre > 2018-09-11T11:18:31.579 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0.14-hp-ux-b1 > 2018-09-11T11:18:31.579 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Hewlett Packard Enterprise Company > 2018-09-11T11:18:31.579 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /var/opt/tomcat-services > 2018-09-11T11:18:31.580 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /opt/apache-tomcat-8.5.34 > 2018-09-11T11:18:31.580 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/var/opt/tomcat-services/conf/logging.properties > 2018-09-11T11:18:31.581 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager > 2018-09-11T11:18:31.581 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xms256M > 2018-09-11T11:18:31.581 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xmx512M > 2018-09-11T11:18:31.582 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xbootclasspath/p:/opt/apache-tomcat-8.5.34/bin/activedirectory-ldap-hack-0.2.1.jar > 2018-09-11T11:18:31.582 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.awt.headless=true > 2018-09-11T11:18:31.584 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dfile.encoding=UTF-8 > 2018-09-11T11:18:31.584 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.security.auth.login.config=/opt/apache-tomcat-8.5.34/conf/login.conf > 2018-09-11T11:18:31.584 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djavax.security.auth.useSubjectCredsOnly=false > 2018-09-11T11:18:31.585 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.security.krb5.conf=/etc/krb5.conf > 2018-09-11T11:18:31.585 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Doracle.net.tns_admin=/net/smartld/admin/conf/oracle > 2018-09-11T11:18:31.585 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Doracle.net.wallet_location=/net/smartld/admin/conf/oracle/wallet > 2018-09-11T11:18:31.585 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048 > 2018-09-11T11:18:31.586 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources > 2018-09-11T11:18:31.586 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=027 > 2018-09-11T11:18:31.586 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true > 2018-09-11T11:18:31.586 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dtomcat.systemEnv=IECMIG > 2018-09-11T11:18:31.587 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dmail.smtp.host=@mail-server@ > 2018-09-11T11:18:31.587 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dmail.smtp.localhost=@main-host@ > 2018-09-11T11:18:31.587 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.endorsed.dirs=/opt/apache-tomcat-8.5.34/endorsed > 2018-09-11T11:18:31.588 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/var/opt/tomcat-services > 2018-09-11T11:18:31.588 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/opt/apache-tomcat-8.5.34 > 2018-09-11T11:18:31.588 INFORMATION [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/var/opt/tomcat-services/temp > 2018-09-11T11:18:31.589 INFORMATION [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library [1.2.17] using APR version [1.6.3]. > 2018-09-11T11:18:31.589 INFORMATION [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. > 2018-09-11T11:18:31.589 INFORMATION [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [true], useOpenSSL [true] > 2018-09-11T11:18:31.605 INFORMATION [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 1.0.2k 26 Jan 2017] > 2018-09-11T11:18:32.264 INFORMATION [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["https-openssl-apr-8444"] > 2018-09-11T11:18:32.601 INFORMATION [main] org.apache.catalina.startup.Catalina.load Initialization processed in 2366 ms > 2018-09-11T11:18:32.669 INFORMATION [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina] > 2018-09-11T11:18:32.670 INFORMATION [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet Engine: Apache Tomcat/8.5.34 Please also see the attached screenshot. I assume that the code expects a JKS-based approach while I am using PEM files for OpenSSL. Are those buttons actually suited for non-JSSE?
The same happens for Trusted Certificates.
It is the APR connector it doesn't like. Neither NIO+JSSE and NIO+OpenSSL trigger an NPE in this case. It happens in 9.0.x as well. Investigating...
The same issue applies to the button below the one mentioned. Shall I spawn a new ticket for that?
No need. I'll have it patched shortly.
Thanks for the report. Fixed in: - trunk for 9.0.13 onwards - 8.5.x for 8.5.35 onwards
(In reply to Mark Thomas from comment #5) > Thanks for the report. > > Fixed in: > - trunk for 9.0.13 onwards > - 8.5.x for 8.5.35 onwards Charming, thanks!