search cancel

CEMETOM Failing to start after zOS 2.3 maintenance

book

Article ID: 241025

calendar_today

Updated On:

Products

Compliance Event Manager

Issue/Introduction

After installing zOS 2.3 maintenance and updating Java that CEMETOM uses, CEMETOM is failing with:

SEVERE: Failed to initialize component ÝConnectorÝHTTP/1.1-8443¨

Caused by: java.lang.IllegalArgumentException: No cryptographic provider to support protocol TLSv1.3

The config is set to use 1.2, shown as:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtoco
           maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />                        
-->                                                                       
<Connector port="8443" maxHttpHeaderSize="8192"                           
           address="10.xxx.xxx.xxx"                                        
           maxThreads="150" minSpareThreads="25"                          
           enableLookups="false" disableUploadTimeout="true"              
           SSLEnabled="true"                                              
           algorithm="IbmX509"                                            
           acceptCount="100" scheme="https" secure="true"                 
           clientAuth="false" sslProtocol="TLS"                           
           sslEnabledProtocols="+TLSv1.2"                                 
           keystoreType="JCECCARACFKS"                                    
           keystoreFile="safkeyring://Ringowner/Ringname"                     
           sslImplementationName="com.ca.sslsocket.CASSLImplementation" />

 

 

Environment

Release : 6.0

Component :

Resolution

SEVERE: Failed to initialize component ÝConnectorÝHTTP/1.1-8443¨¨
Caused by: java.net.BindException: EDC8115I Address already in use.
 
SEVERE: Failed to create server shutdown socket on address Ýlocalhost¨ an d port Ý8005¨
java.net.BindException: EDC8115I Address already in use. (Bind failed)  
 
 The ports in server.xml. need to be changed
 
Site is not using DD:SRVXML or the ports override so it should be in /cai/tomcat/CCS/tpv/tomcat/conf
 
<Server port="8005" shutdown="CASHUTDOWN">
 
 <Connector port="8080" protocol="HTTP/1.1"
 
            connectionTimeout="20000"
 
            redirectPort="8443" />                 
 
In OMVS you could use 
netstat -P 8443 to verify that these are being used.
 
when the bind on the shutdown port fails tomcat will automatically shutdown. You could disable this feature by changing it to -1 like this:
<Server port="-1" shutdown="CASHUTDOWN">