Failed to initialize the Tomcat on port 443

Document ID : KB000129913
Last Modified Date : 22/03/2019
Show Technical Document Details
Issue:
The HTTPS on port 443 is not initialized by the Tomcat

The following error is logged in the Tomcat's log file (stdout.log or catalina.out file):
INFO: Initializing ProtocolHandler ["https-jsse-nio-443"]
Mar 22, 2019 3:47:45 PM org.apache.catalina.util.LifecycleBase handleSubClassException
SEVERE: Failed to initialize component [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:935)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:530)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:852)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:633)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:656)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:306)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:491)
Caused by: java.lang.IllegalArgumentException: the trustAnchors parameter must be non-empty
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:216)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1043)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:540)
    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:932)
    ... 13 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
    at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:157)
    at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:130)
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getParameters(JSSEUtil.java:389)
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getTrustManagers(JSSEUtil.java:313)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112)
    ... 19 more
Environment:
CA Spectrum 10.3.x
Cause:
The $SPECROOT/custom/keystore/cacerts file was deleted.
Resolution:
Recover the $SPECROOT/custom/keystore/cacerts file from a previous backup or get from another CA Spectrum environment.

The cacerts file cannot be deleted.
If you want to remove the entries from the cacerts file, run the following syntax (example):
./keytool.exe -delete -alias tomcatssl -keyalg RSA -keystore c:/win32app/Spectrum/custom/keystore/cacerts