dogtagpki/tomcatjss

Getting no such provider: Mozilla-JSS

petroniuchacz opened this issue · 2 comments

Hi, I'm trying to set up Tomcat 9 with tomcatjss-8.0.0-0.3.alpha2. I've built tomcatjss 8 and jss 5 as jars and installed them. During startup I'm getting no such provider: Mozilla-JSS. I found an instruction for Tomcat 8 to use protocol="org.apache.coyote.http11.Http11Protocol", but it's deprecated for Tomcat 9. I tried with Nio and Nio2.
I successfully got the provider using the following class https://gist.github.com/nicoulaj/531761

#java -classpath "/root:/usr/lib/java/jss.jar:/usr/share/java/slf4j/*" SecurityProvidersAndAlgorithms
...
Mozilla-JSS version 5.0
        Provider.id info
        Provider.id className
        Provider.id version
        Provider.id name

Connector config

		<Connector
			SSLEnabled="true"
			sslEnabledProtocols = "TLSv1.2"
			ciphers="TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
			clientAuth="false"
			connectionTimeout="20000"
			maxConnections="100" port="49586"
			protocol="org.apache.coyote.http11.Http11Nio2Protocol"
			scheme="https"
			secure="true"
			sslImplementationName="org.dogtagpki.tomcat.JSSImplementation"

catalina.properties

common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar",/usr/lib64/jss/jss.jar,/usr/share/java/tomcatjss.jar,/usr/share/java/slf4j/*.jar

catalina.log

29-Sep-2021 05:43:56.894 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[org.apache.coyote.http11.Http11Nio2Protocol-49586]]
        org.apache.catalina.LifecycleException: Protocol handler initialization failed
                at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.core.StandardService.initInternal(StandardService.java:533)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1057)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.startup.Catalina.load(Catalina.java:584)
                at org.apache.catalina.startup.Catalina.load(Catalina.java:607)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.lang.reflect.Method.invoke(Method.java:498)
                at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:303)
                at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473)
        Caused by: java.lang.RuntimeException: no such provider: Mozilla-JSS
                at org.dogtagpki.tomcat.JSSUtil.init(JSSUtil.java:68)
                at org.dogtagpki.tomcat.JSSUtil.getImplementedProtocols(JSSUtil.java:119)
                at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:93)
                at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:83)
                at org.dogtagpki.tomcat.JSSUtil.<init>(JSSUtil.java:52)
                at org.dogtagpki.tomcat.JSSImplementation.getSSLUtil(JSSImplementation.java:59)
                at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:88)
                at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
                at org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:142)
                at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141)
                at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1154)
                at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:575)
                at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
                at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
                ... 13 more
        Caused by: java.lang.RuntimeException: no such provider: Mozilla-JSS
                at org.dogtagpki.tomcat.JSSContext.<init>(JSSContext.java:40)
                at org.dogtagpki.tomcat.JSSUtil.init(JSSUtil.java:64)
                ... 26 more
        Caused by: java.security.NoSuchProviderException: no such provider: Mozilla-JSS
                at sun.security.jca.GetInstance.getService(GetInstance.java:83)
                at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
                at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:181)
                at org.dogtagpki.tomcat.JSSContext.<init>(JSSContext.java:34)
                ... 27 more

java.security

security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=sun.security.ec.SunEC
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.9=sun.security.smartcardio.SunPCSC
security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
security.provider.11=org.mozilla.jss.JSSProvider

Hi @petroniuchacz, is this problem still present? If so, could you try modifying the connector with:

protocol="org.dogtagpki.tomcat.Http11NioProtocol"

I'm going to close this out as the issue is old and inactive. @petroniuchacz, please re-open if it is still an issue.
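
A diagnostic for the failure reported in this thread, as an added example that is not code from tomcatjss, JSS or any participant: it lists the JVM's registered security providers and, when `Mozilla-JSS` is missing, reports whether `org.mozilla.jss.JSSProvider` is at least loadable, which separates a class path problem from a registration problem. The class name `JssProviderCheck` is hypothetical; only standard `java.security` calls are used.

```java
import java.security.CodeSource;
import java.security.Provider;
import java.security.Security;
import java.util.Set;
import java.util.TreeSet;

// Added diagnostic, not part of tomcatjss or JSS.
public class JssProviderCheck {
    static final String NAME = "Mozilla-JSS";                   // provider name from the stack trace
    static final String CLASS = "org.mozilla.jss.JSSProvider";  // class listed in java.security

    // Returns the KeyManagerFactory algorithms the provider offers,
    // or null if the provider is not registered in this JVM.
    static Set<String> keyManagerAlgorithms(String providerName) {
        Provider p = Security.getProvider(providerName);
        if (p == null) return null;
        Set<String> algs = new TreeSet<>();
        for (Provider.Service s : p.getServices()) {
            if ("KeyManagerFactory".equals(s.getType())) algs.add(s.getAlgorithm());
        }
        return algs;
    }

    public static void main(String[] args) {
        // java.security is read from this installation, so confirm which JVM is running.
        System.out.println("java.home = " + System.getProperty("java.home"));
        Provider[] all = Security.getProviders();
        for (int i = 0; i < all.length; i++) {
            System.out.println((i + 1) + ". " + all[i].getName()
                    + " (" + all[i].getClass().getName() + ")");
        }
        Set<String> algs = keyManagerAlgorithms(NAME);
        if (algs != null) {
            System.out.println(NAME + " registered; KeyManagerFactory algorithms: " + algs);
            return;
        }
        System.out.println(NAME + " is NOT registered in this JVM");
        try {
            // Resolve through the context class loader without initializing the class.
            ClassLoader cl = Thread.currentThread().getContextClassLoader();
            Class<?> c = Class.forName(CLASS, false, cl);
            CodeSource cs = c.getProtectionDomain().getCodeSource();
            System.out.println(CLASS + " is loadable from "
                    + (cs != null ? cs.getLocation() : "unknown") + " via " + c.getClassLoader());
        } catch (ClassNotFoundException e) {
            System.out.println(CLASS + " is not visible to the context class loader");
        }
    }
}
```

Run it under the same `java` binary that starts Tomcat, because the `java.security` file belongs to a specific JVM installation and a different `java` on the shell path can report a different provider list.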