expired crl file

2014-01-04 Thread Ja kub
When I place expired crl file tomcat starts without any visible stack trace in logs, but I cannot login with valid certificates. Is there any solution for this feature? BTW, how can I check validity/expiration date of crl file ? Regards Jakub

Re: expired crl file

2014-01-04 Thread Ja kub
RTFM man keytool -printcrl -file crl_ {-v} Reads the certificate revocation list (CRL) from the file crl_file. A Certificate Revocation List (CRL) is a list of digital certificates which have been revoked by the Certificate Authority (CA) that issued them. The CA

RE: expired crl file

2014-01-04 Thread Martin Gainty
Date: Sat, 4 Jan 2014 09:18:22 +0100 Subject: expired crl file From: jjaku...@gmail.com To: users@tomcat.apache.org When I place expired crl file tomcat starts without any visible stack trace in logs, but I cannot login with valid certificates. MG $CATALINA_HOME/conf/setevnv.sh #

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Mudassir Aftab
Here is my test with latest openssl and tomcat Tools: openssl: 1.0.1e apache-tomcat-7.0.47 apr-1.5.0. tomcat-native-1.1.29 Connector: Connector port=8443 protocol=org.apache.coyote.http11.Http11AprProtocol maxThreads=200 clientAuth=false

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mudassir, On 1/2/14, 7:41 PM, Mudassir Aftab wrote: Thanks for keep replying, is there any way to restrict the cipher suite in the connector configuration?

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Chuck, On 1/3/14, 12:32 PM, Caldarale, Charles R wrote: From: Mudassir Aftab [mailto:withmudas...@gmail.com] Subject: Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47 Connector port=8443 protocol=org.apache.coyote.http11.Http11AprProtocol

Re: max_packet_size for data in mod_jk

2014-01-04 Thread Rainer Jung
On 02.01.2014 15:42, frenchc44 wrote: Thanks Rainer. To be honest, we don't really know what to expect from a larger packet size, but we think it could only help since it would reduce round trips between apache/tomcat. My main objective with this thread is to confirm my suspicion that the

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Musassir, On 1/3/14, 5:27 PM, Mudassir Aftab wrote: Again, we have to submit this as a bug.TLS 1.2 is not working in Tomcat Tomcat 7.0.74 Oracle Java 1.7.0_45 tcnative 1.1.29 trunk (essentially 1.2.29 tcnative$ make clean tcnative$

Re: rc-10 bug?

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/3/14, 12:42 PM, Peter wrote: I have 2 integration scenarios, both work in all earlier tomcat 6,7,and 8.0.0.rc5: 1) tomcat.zip , unzipped, deployed ServletSample.war 2) tomcat.zip, unzipped, Spring jars added to tomcat lib,

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Musassir, On 1/4/14, 4:08 PM, Christopher Schultz wrote: Musassir, On 1/3/14, 5:27 PM, Mudassir Aftab wrote: Again, we have to submit this as a bug.TLS 1.2 is not working in Tomcat Tomcat 7.0.74 Oracle Java 1.7.0_45 tcnative 1.1.29

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Mark Eggers
On 1/4/2014 1:18 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Musassir, On 1/4/14, 4:08 PM, Christopher Schultz wrote: Musassir, On 1/3/14, 5:27 PM, Mudassir Aftab wrote: Again, we have to submit this as a bug.TLS 1.2 is not working in Tomcat Tomcat

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 1/4/14, 6:37 PM, Mark Eggers wrote: On 1/4/2014 1:18 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Musassir, On 1/4/14, 4:08 PM, Christopher Schultz wrote: Musassir, On 1/3/14, 5:27 PM, Mudassir

Re: All worker threads of my tomcat have been occupied!

2014-01-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Benimaur, On 1/3/14, 1:16 AM, Benimaur Gao wrote: gotcha! I moved tomcat home directory to another partition by using 'cp -r' at that time. That's why tomcat start to reload. Since you didn't use the -p switch, all of your timestamps were

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Sanaullah
you can create the ECC self singed certificates using the below two commands of Openssl openssl ecparam -out sinful.key -name prime256v1 -genkey openssl req -x509 -new -key sinful.key -out sinful-ca.pem -outform PEM -days 3650 root@ubuntu:/# openssl s_client -connect localhost:8443

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Sanaullah
there is also a bug fixed for the support of TLS1.1 and TLS1.2 by Marcel Ĺ ebek. may be that need to apply https://issues.apache.org/bugzilla/show_bug.cgi?id=53952#c1 On Sun, Jan 5, 2014 at 8:18 AM, Sanaullah sanaulla...@gmail.com wrote: you can create the ECC self singed certificates using

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Terence M. Bandoian
On 1/4/2014 3:08 PM, Christopher Schultz wrote: Musassir, On 1/3/14, 5:27 PM, Mudassir Aftab wrote: Again, we have to submit this as a bug.TLS 1.2 is not working in Tomcat Tomcat 7.0.74 Oracle Java 1.7.0_45 tcnative 1.1.29 trunk (essentially 1.2.29 tcnative$ make clean tcnative$

Re: TLS is not working in 6.0.37, 7.0.42, 7.0.47

2014-01-04 Thread Terence M. Bandoian
On 1/4/2014 3:08 PM, Christopher Schultz wrote: Musassir, On 1/3/14, 5:27 PM, Mudassir Aftab wrote: Again, we have to submit this as a bug.TLS 1.2 is not working in Tomcat Tomcat 7.0.74 Oracle Java 1.7.0_45 tcnative 1.1.29 trunk (essentially 1.2.29 tcnative$ make clean tcnative$