Oneclick SSL webpage is not displayed


Article ID: 143250


Updated On:


CA eHealth CA Spectrum


One click configured for SSL displays error message (this website cannot be reached). I have uncommented the connector section in the  server.xml  located under $SPECROOT/tomcat/conf (connector section) and restarted tomcat. 



Check tomcat log for the following error:

SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8443]]
 org.apache.catalina.LifecycleException: Protocol handler initialization failed
      at org.apache.catalina.connector.Connector.initInternal(
      at org.apache.catalina.util.LifecycleBase.init(
      at org.apache.catalina.core.StandardService.initInternal(
      at org.apache.catalina.util.LifecycleBase.init(
      at org.apache.catalina.core.StandardServer.initInternal(
      at org.apache.catalina.util.LifecycleBase.init(
      at org.apache.catalina.startup.Catalina.load(
      at org.apache.catalina.startup.Catalina.load(
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(
      at java.lang.reflect.Method.invoke(
      at org.apache.catalina.startup.Bootstrap.load(
      at org.apache.catalina.startup.Bootstrap.main(
Caused by: java.lang.IllegalArgumentException: Alias name [null] does not identify a key entry

The certificate imported is using the wrong key entry for the tomcat ssl alias. 


Release : 10.4

Component : Spectrum Core / SpectroSERVER





The keystore is missing private key and the certificate imported is a trustedCertEntry instead of PrivateKeyEntry 

To verify this run the keytool command and list the certificates:

keytool -list -v -keystore mykeystore.jks -alias tomcat
Enter keystore password:
Alias name: tomcat
Creation date: December 22, 2019
Entry type: trustedCertEntry

Ensure the certificates are imported as privatekey and not a trustedcertificate.