Hello,
Ever since we started using jdk10 and up we get this error message whenever
we do ./shutdown.sh.
NOTE: Picked up JDK_JAVA_OPTIONS:
--add-opens=java.base/java.lang=ALL-UNNAMED
--add-opens=java.base/java.io=ALL-UNNAMED
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
We need to fix the
erschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> John,
>
> On 12/31/18 10:12, John Larsen wrote:
> > Ever since we started using jdk10 and up we get this error message
> > whenever we do ./shutdown.sh.
> >
> > NOTE: Picked up
I have run into this and solved it.
Basically its due to JDK versions 7 and older.
Two options to fix.
1. upgrade to jdk8
2. Add the following to your JAVA_OPTS or CATALINA_OPTS:
-Dhttps.protocols=TLSv1.2
-Dhttps.cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
John
On Sun, Jan 6, 2019 at
You need to allow access in your webapps/manager/META-INF/context.xml file
replace
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"
with
allow=".*"
Or set it to more restrictive if needed.
Restart tomcat and you should be able to access.
John
On Mon, Jan 7, 2019 at 12:25 PM Joel Saunders
Setup an init script.
This is similar to how I do it.
https://gist.github.com/katesclau/0ff6e41fd698e94eb43c
John Larsen
On Tue, Jan 8, 2019 at 10:01 AM Joel Saunders
wrote:
> All,
>
>
>
> I just installed Tomcat 8.5 on RedHat.
>
>
>
> The previous tomcat6 instal
I simply tie systemd with the init script. Our servers host around 20-30
tomcat instances. I found it easier do it this way.
John Larsen
On Tue, Jan 8, 2019 at 10:26 AM Igal Sapir wrote:
> On Tue, Jan 8, 2019 at 9:08 AM John Larsen
> wrote:
>
> > Setup an init script.
&g
How can I surpress it if its not an error? Problem I have is the output
causes the script thinks its an error.
Thanks,
John
On Thu, Jan 3, 2019 at 12:51 PM Mark Thomas wrote:
> On 31/12/2018 15:12, John Larsen wrote:
> > Hello,
> >
> > Ever since we started usin
Tomcat 8 uses tomcat/lib instead of tomcat/common/ you'll need to adjust
your script.
John Larsen
On Tue, Mar 12, 2019 at 7:43 AM Joel Griffith wrote:
> I'm upgrading a webapp server from Tomcat 7 to Tomcat 8 on Ubuntu 16.04.
> At installation, Tomcat 7 creates a directory `/var/lib/t
You can use apache with mod_jk and then just setup the ssl through apache
and tomcat will use the 443 port through apache.
If you want to use letencrypt you need to add JkUnMount for /.well-known/*
directory so that when you run lets encrypt it can create and get to this
directory through apache.
Thats a really good question. We've simply replaced the entire tomcat
installation and then rerun auto config.
Be nice if apache provided patches.
John
On Wed, Feb 6, 2019 at 7:39 PM Murtaza Doctor wrote:
> Dear Support,
>
> We request your help/advice for the Tomcat Patch Management. We
I am interested in this too. Basically we've had to set another port in
which the app can access tomcat for websockets directly. We've not been
able to get this to work over httpd.
John
On Wed, Feb 6, 2019 at 5:32 PM Jesse Schulman wrote:
> Is it possible for tomcat to run with HTTP2 and
Why windows - especially from 2003. If app is in java you'll get huge
performance boost moving to linux.
John Larsen
On Wed, Jun 26, 2019 at 11:11 AM Kumar R wrote:
> Hi Team,
> Is it possible to go for higher version of JDK(64 bit) and Tomcat(64bit) on
> 32 bit window 2003 arc
:139932601325312] [error]
ajp_service::jk_ajp_common.c (2796): (w314) connecting to tomcat failed
(rc=-3, errors=2, client_errors=0).
[Thu Apr 25 04:14:07.458 2019] [30178:139932601325312] [info]
jk_handler::mod_jk.c (2991): Service error=-3 for worker=w314
I tried updating mod_jk to 1.2.46
John Larsen
We do the same - via mod_jk we utilize apache httpd to handle the SSL.
Keeps things simple and works well.
John Larsen
On Wed, Apr 17, 2019 at 7:44 AM TurboChargedDad .
wrote:
> We terminated SSL above the tomcat layer using NGINX or Apache to avoid
> the complexities that come with ma
I usually handle the redirect on the webserver side and set the alias in
server.xml to the subdomain.
John Larsen
On Tue, Aug 6, 2019 at 7:11 AM Simon Funnell wrote:
> Hi,
>
> I was going to do a redirect at my dns provider from the naked domain to
> the www subdomain.
ector will not start unless the secret
attribute is configured to a non-null, non-zero length String. (markt)"
Or can i just change this to false? What it its purpose?
Thanks!
John Larsen
Thanks for the info. Will this change be backported to 8.5 and 7?
John Larsen
On Fri, Feb 14, 2020 at 9:03 AM Mark Thomas wrote:
> On 14/02/2020 15:56, John Larsen wrote:
> > From my testing.
> >
> > secretRequired="false" is still needed though docs says its
er acceptance of localhost by default and then add secret for
remote ajp servers.
John Larsen
On Fri, Feb 14, 2020 at 7:37 AM Mark Thomas wrote:
> On 14/02/2020 14:21, John Larsen wrote:
> > I apologize - coffee started to kick in. The address="::1" portion is
> > commented o
I apologize - coffee started to kick in. The address="::1" portion is
commented out.
Will adding secret="false"? in the server.xml bypass this issue?
Thanks,
John Larsen
On Fri, Feb 14, 2020 at 6:52 AM Mark Thomas wrote:
> On 14/02/2020 13:45, John Larsen wrote:
Worker host also needs to be 127.0.0.1 in your mod_jk workers.properties
file. That is if you were using host=localhost previously.
John Larsen
On Tue, Feb 18, 2020 at 5:36 AM Friderike Hofmeister <
friderike.hofmeis...@mbsupport.de> wrote:
> Hi,
>
> for our application we have
have to implement it?
>
> Regards,
> Friderike Hofmeister
>
> >
>
> > John Larsen hat am 18. Februar 2020 13:49
> geschrieben:
> >
> >
> > Worker host also needs to be 127.0.0.1 in your mod_jk workers.properties
> > file. That is if you were usin
It doesn't work otherwise. Before you guys changed the AJP we always used
locahost for host in workers.
John Larsen
On Tue, Feb 18, 2020 at 9:27 AM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> John,
&g
ot;" - not sure that would solve the problem - i mean logically
it doesnt make sense, but I will give it a try.
John Larsen
On Thu, Apr 23, 2020 at 1:15 PM Mark Thomas wrote:
> On 23/04/2020 20:10, John Larsen wrote:
> > Ok so my next question is how to handle this better? The goal
to comment out the above context, start tomcat
so the war will deploy, uncomment and then restart tomcat again.
John Larsen
Ok so my next question is how to handle this better? The goal here is so
that one does not have to enter /webappName/ on the end of the domain.
We use the context to tell Tomcat which webapp to load instead of ROOT.
John Larsen
On Thu, Apr 23, 2020 at 12:47 PM Christopher Schultz <
Turns out the developer was deleting the app dir along with war and
restarting.
John
On Thu, Apr 23, 2020 at 1:19 PM John Larsen
wrote:
> Ah doing ROOT.war is my pet peeve. I find this bad practice. Its nice to
> have ROOT especially when the developer insists theres something
Should be chmod 644 and also I wouldnt recommend running tomcat as root.
John Larsen
On Tue, May 12, 2020 at 9:28 AM Patrick Baldwin
wrote:
> I've gotten passed an odd (to me, anyway) issue with one of our clients
> CentOS systems.
>
> When our webapp starts running, tomcat
This is why we set up SSL through the web server instead of tomcat.
Apache webserver -> SSL -> Mod_jk <-> Tomcat
John Larsen
On Sat, Dec 26, 2020 at 10:43 AM Jerry Malcolm
wrote:
> We have a production environment where we rarely reboot Tomcat.
> LetsEncrypt auto-update
No need to be discouraged. Docker is just a set of tools. You can still use
docker to create images, but you dont need docker to use those images in a
container. K8s is using industry standard containerd.
https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/
John Larsen
I usually let the apache webserver or nginx handle the SSL while proxying
to the tomcat. To use tomcat's built in server you'll need to import the
SSL certificate into the keystore via your jdk.
John Larsen
On Tue, Mar 2, 2021 at 3:06 PM Alex wrote:
> Hi.
>
> I try to make a &quo
30 matches
Mail list logo
