Error org.apache.tomcat.util.net.NioEndpoint when setting up SSL with Tomcat

marielle.spiteri
Blog Categories: 

Component: SSL | Version: N/A | Edition: Subscription

Problem

You have setup SSL in your Bonita server. This enables you to use secure HTTP (HTTPS) to access the portal.

The failure occurs when you try to start the Tomcat:
The Tomcat starts, and the Bonita engine is initialized, but then immediately after that, the tomcat stops.
These message is generated in the catalina log file:
    2020-03-10 12:25:28.175 +0200 INFOS: org.apache.catalina.startup.Catalina Server startup in 59510 ms 2020-03-10 12:25:29.631 +0200 GRAVE: [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).NioEndpoint java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.SSL.renegotiatePending(J)I at org.apache.tomcat.jni.SSL.renegotiatePending(Native Method) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).openssl.OpenSSLEngine.getHandshakeStatus(OpenSSLEngine.java:1037) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).openssl.OpenSSLEngine.wrap(OpenSSLEngine.java:458) at [javax.net](https://javax.net).ssl.SSLEngine.wrap(Unknown Source) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).SecureNioChannel.handshakeWrap(SecureNioChannel.java:449) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).SecureNioChannel.handshake(SecureNioChannel.java:210) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1477) at [org.apache.tomcat.util.net](https://org.apache.tomcat.util.net).SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Unknown Source)    

Why do you have this error?

If you read the few lines above this error in your catalina log file, the call stack suggests that the error is generated when handling incoming HTTP requests, very early in the SSL protocol (handshake): which directs the investigation towards Apache Tomcat Native and OpenSSL.

If you search in your log file, you will most likely find this log information:
    2020-03-10 12:24:27.376 +0200 INFO: org.apache.catalina.core.AprLifecycleListener An older version [1.2.17] of the APR based Apache Tomcat Native library is installed, while Tomcat recommends a minimum version of [1.2.23]    
This means, an older version of the Tomcat Native library is installed on your server.

Resolution

You need to upgrade the Tomcat Native library to the minimum required on your server, as specified in the log. In this example, upgrade to at least  1.2.23

Here is the Tomcat official documentation: https://tomcat.apache.org/tomcat-8.5-doc/apr.html

The required version is also available out of the box in the Tomcat Bundle provided by Bonita, for example in version 7.10.0, the version 1.2.23, in folder: BonitaSubscription-7.10.0/server/bin/tomcat-native.tar.gz.

Notifications