Leonard,
Please respond to the list!!! Easiest as respond to all...
> Am 27.01.2020 um 17:48 schrieb Léonard WAMBERGUE
> <leonard.wambergue...@gmail.com>:
>
> Ok so i put 8443 in my connector but not yet the alias. Now i have in my
> browser the error : ERR_CONNECTION_TIMED_OUT.
>
> I have this error in Catalina out with context.xml :
>
> 27-Jan-2020 16:40:12.646 SEVERE [main]
> org.apache.catalina.startup.ContextConfig.processContextConfig Parse error in
> context.xml for [/host-manager]
> org.xml.sax.SAXParseException; systemId:
> file:/opt/tomcat/webapps/host-manager/META-INF/context.xml; lineNumber: 19;
> columnNumber: 7; Invalid byte 1 of 1-byte UTF-8 sequence.
> at
> java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204)
> at
> java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:306)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:3085)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:534)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:888)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:824)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
>
> And this :
>
> 27-Jan-2020 16:40:12.639 WARNING [main]
> org.apache.catalina.startup.SetContextPropertiesRule.begin
> [SetContextPropertiesRule]{Context} Setting property 'antiResourceLocking' to
> 'false' did not find a matching property.
> 27-Jan-2020 16:40:12.641 SEVERE [main]
> org.apache.tomcat.util.digester.Digester.fatalError Parse fatal error at line
> [19] column [7]
> org.xml.sax.SAXParseException; systemId:
> file:/opt/tomcat/webapps/host-manager/META-INF/context.xml; lineNumber: 19;
> columnNumber: 7; Invalid byte 1 of 1-byte UTF-8 sequence.
> at
> java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204)
> at
> java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178)
>
> But i have not find the same error it’s seem like port 8443 solve the error
> in my last email. I hadn’t edit the context.xml so i don’t understand this
> problem. It can be wrong installation of tomcat ?
>
Ok, I’m at loss here. Maybe your web app did not get that far to load before
you changed the port??? Could you please put the (redacted) content here?
Peter
> Thank for helping me !
>
> Provenance : Courrier <https://go.microsoft.com/fwlink/?LinkId=550986> pour
> Windows 10
>
> De : logo <mailto:l...@kreuser.name>
> Envoyé le :lundi 27 janvier 2020 17:32
> À : Tomcat Users List <mailto:users@tomcat.apache.org>
> Cc : Léonard WAMBERGUE <mailto:leonard.wambergue...@gmail.com>
> Objet :Re: RE : Install Comodo SSL in Tomcat
>
> Leonard,
>
>
> Am 2020-01-27 16:53, schrieb Léonard WAMBERGUE:
> > Ok so i have find this error (severe) in my Catalina.out about
> > connector :
> >
> > 27-Jan-2020 10:52:23.625 INFO [main]
> > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
> > ["http-nio-194.5.159.189-8080"]
> > 27-Jan-2020 10:52:23.760 INFO [main]
> > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
> > ["https-openssl-nio-443"]
> > 27-Jan-2020 10:52:23.764 SEVERE [main]
> > org.apache.catalina.util.LifecycleBase.handleSubClassException Failed
> > to initialize component [Connector[HTTP/1.1-443]]
> > org.apache.catalina.LifecycleException: Protocol handler
> > initialization failed
> > at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> > org.apache.catalina.core.StandardService.initInternal(StandardService.java:533)
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1057)
> > at
> > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
> > at
> > org.apache.catalina.startup.Catalina.load(Catalina.java:584)
> > at
> > org.apache.catalina.startup.Catalina.load(Catalina.java:607)
> > at
> > java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> > Method)
> > at
> > java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> > at
> > java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> > at
> > java.base/java.lang.reflect.Method.invoke(Method.java:566)
> > at
> > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:303)
> > at
> > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473)
> > Caused by: java.net.SocketException: Permission denied
> > at java.base/sun.nio.ch.Net.bind0(Native Method)
> > at java.base/sun.nio.ch.Net.bind(Net.java:455)
> > at java.base/sun.nio.ch.Net.bind(Net.java:447)
> > at
>
>
> that looks like you're trying to start a privileged port without being
> root.
>
> try to start on port 8443, and see if you can connect.
>
> After that you may need a natting to map port 443 to 8443. (you should
> not start tomcat as root or privileged windows user)
>
> Peter.
>
> > java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:227)
> > at
> > java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80)
> > at
> > org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:229)
> > at
> > org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:212)
> > at
> > org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141)
> > at
> > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1154)
> > at
> > org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:575)
> > at
> > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
> > at
> > org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
> > ... 13 more
> >
> > I will add an alias to my keystore and i had seen others errors in
> > context.xml but i never edit this file.
> > Provenance : Courrier pour Windows 10
> >
> > De : Christopher Schultz
> > Envoyé le :lundi 27 janvier 2020 14:24
> > À : users@tomcat.apache.org
> > Objet :Re: Install Comodo SSL in Tomcat
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA256
> >
> > Léonard,
> >
> > On 1/27/20 4:57 AM, Léonard WAMBERGUE wrote:
> >> I’m resending this email because i wasn’t well subscribed to users.
> >> I have a VPS server which turn with Ubuntu and i had install
> >> apache/maven and tomcat.> My server version is Apache
> >> Tomcat/9.0.30.
> >>
> >> So i deploy my webapp with a ROOT.war file in tomcat. The website
> >> is running on port 8080 and 80 with a redirection. Now i am trying
> >> to install a Comodo SSL to my website and configure my 443 port in
> >> order to use Something like https://mydomain.com.
> >>
> >> After purchasing my comodo certificate i received a zip which
> >> containing a key file, a bundle and .crt like mydomain.crt.
> > Are you sure Comodo send you a .key file? That would be very unusual.
> >
> > When you applied for the certificate, did you send them a Certificate
> > Signing Request (CSR)? Or did *they* generate the server-key for you?
> > You should never let anyone else generate your server key for you.
> >
> >> I had already configure mydomain.jks with a keystore and configure
> >> my connector with this code :
> > What is in the JKS file? Did you add anything from the ZIP file into
> > the JKS file?
> >
> >> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
> >> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> >> disableUploadTimeout="true" acceptCount="100" scheme="https"
> >> secure="true" SSLEnabled="true" clientAuth="false"
> >> sslProtocol="TLS" keystoreFile="/opt/tomcat/certs/my.jks"
> >> keystorePass="myPass"/>
> >
> > That looks okay to me, except that you don't have a certificate
> > "alias" listed, so Tomcat will choose the first certificate it finds
> > in the store, which may not be the one you want to use.
> >
> > The contents of the JKS file are pretty important for us to see. You
> > can dump the file like this:
> >
> > $ keytool -list -keystore /opt/tomcat/certs/my.jks -storetype JKS
> >
> >> But when i’m trying to connect to https://mydomain.com i have
> >> err_connection_refused and this website don’t allow connexion.
> > What do the logs say on startup? If the <Connector> cannot start, it
> > won't bind to the socket and you'll get "connection refused" on the
> > client side.
> >
> >> I had already search many hours how to configure my ssl and i’m a
> >> beginner. I had already try to configure ufw but actually it
> >> doesn’t work.
> >
> > You came to the right place. We'll get you going.
> >
> > - -chris
> > -----BEGIN PGP SIGNATURE-----
> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
> >
> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4u5JgACgkQHPApP6U8
> > pFjFvw//ReeWQaEbxaGq0Ae8lzedvNHTxwjE17/rD8nCD/Yr71lsUIoJt3Ej8NAz
> > DsA8Idr00XRKFFmO1FkFiZ1Vw5XCxLr6fSSv5I6R66Ttj7asjGDrI6M6hfnzth4g
> > cL1CMk2kL0Hn/fK0N+MrBpoQHDHElDgAbtiJyivzJP9cDkLxp99KDTguBesG887Q
> > hyt8JmMomsXw5OyXe/sxzkyMQToiTwLw7VBRYKtklIpEXOnBo0rDOihWTPc/Ucht
> > tl1QI4pDqwhITOIFUgGTfwrXhxfVXARgFbHc76ZNwDNuqn/OwxKn9mxAUTq1kYaU
> > Ve51835QBoRz1Y3yoJ7C+MPR5FfnWnyqS+6Slx0+zu961nj889V4bali5hx0aABq
> > Df7QOBNPsSA2qhX8y07BAoKLro4nf3oi6a9dSKZ7njw366nntvRBYXN8fUjioJ9i
> > W5kWALj3wBM2gFHFQnw+srU31WiKRjezSWPKc8c51VHVTFLe2W/EHTE+XAO2179Z
> > mo4SIa0dPVNoV7Yvxq03YAP+WvdjcFRErB4nSYm2HRLQv5t15MEmDW0fFQaCnQL/
> > uww5ENscU6RKXGtGrzooN6u9CfFt3x1SrqL+oGfVEj7plKTZKwNY+4BU4+u3XqSO
> > oWRtTgPJUHvx0CZXJREQAJukDQLXvbQ16WfpUa2vIwZYt7blkNA=
> > =EBS2
> > -----END PGP SIGNATURE-----
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
