SSL Connector Fails to Initialize During Tomcat Startup

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

After starting Confluence, you are unable to connect to https://<BASE_URL>:8443.

The following appears in catalina.out:

1 2 3 4 5 6 7 SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]] org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-8443]] ... Caused by: java.io.FileNotFoundException: /var/root/.keystore (No such file or directory)

Cause

The Keystore used to store the SSL certificates is not located in the default location.

Resolution

  • Edit the server configuration file at this location: <CONFLUENCE-INSTALL>/conf/server.xml

  • You will need to add the attribute keystoreFile="<MY_CERTIFICATE_LOCATION>" to the Connector element so that the element looks like this:

    1 2 3 4 5 6 7 <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>" keystoreFile="<MY_CERTIFICATE_LOCATION>"/>

If you generated a self-signed certificate, the location will be in that user's home directory

Updated on April 8, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pageSymptomsCauseResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community