Leonard, Please respond to the list!!! Easiest as respond to all...
> Am 27.01.2020 um 17:48 schrieb Léonard WAMBERGUE > <leonard.wambergue...@gmail.com>: > > Ok so i put 8443 in my connector but not yet the alias. Now i have in my > browser the error : ERR_CONNECTION_TIMED_OUT. > > I have this error in Catalina out with context.xml : > > 27-Jan-2020 16:40:12.646 SEVERE [main] > org.apache.catalina.startup.ContextConfig.processContextConfig Parse error in > context.xml for [/host-manager] > org.xml.sax.SAXParseException; systemId: > file:/opt/tomcat/webapps/host-manager/META-INF/context.xml; lineNumber: 19; > columnNumber: 7; Invalid byte 1 of 1-byte UTF-8 sequence. > at > java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) > at > java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) > at > java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) > at > java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:306) > at > java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:3085) > at > java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605) > at > java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:534) > at > java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:888) > at > java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:824) > at > java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) > > And this : > > 27-Jan-2020 16:40:12.639 WARNING [main] > org.apache.catalina.startup.SetContextPropertiesRule.begin > [SetContextPropertiesRule]{Context} Setting property 'antiResourceLocking' to > 'false' did not find a matching property. > 27-Jan-2020 16:40:12.641 SEVERE [main] > org.apache.tomcat.util.digester.Digester.fatalError Parse fatal error at line > [19] column [7] > org.xml.sax.SAXParseException; systemId: > file:/opt/tomcat/webapps/host-manager/META-INF/context.xml; lineNumber: 19; > columnNumber: 7; Invalid byte 1 of 1-byte UTF-8 sequence. > at > java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) > at > java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) > > But i have not find the same error it’s seem like port 8443 solve the error > in my last email. I hadn’t edit the context.xml so i don’t understand this > problem. It can be wrong installation of tomcat ? > Ok, I’m at loss here. Maybe your web app did not get that far to load before you changed the port??? Could you please put the (redacted) content here? Peter > Thank for helping me ! > > Provenance : Courrier <https://go.microsoft.com/fwlink/?LinkId=550986> pour > Windows 10 > > De : logo <mailto:l...@kreuser.name> > Envoyé le :lundi 27 janvier 2020 17:32 > À : Tomcat Users List <mailto:users@tomcat.apache.org> > Cc : Léonard WAMBERGUE <mailto:leonard.wambergue...@gmail.com> > Objet :Re: RE : Install Comodo SSL in Tomcat > > Leonard, > > > Am 2020-01-27 16:53, schrieb Léonard WAMBERGUE: > > Ok so i have find this error (severe) in my Catalina.out about > > connector : > > > > 27-Jan-2020 10:52:23.625 INFO [main] > > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > > ["http-nio-194.5.159.189-8080"] > > 27-Jan-2020 10:52:23.760 INFO [main] > > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler > > ["https-openssl-nio-443"] > > 27-Jan-2020 10:52:23.764 SEVERE [main] > > org.apache.catalina.util.LifecycleBase.handleSubClassException Failed > > to initialize component [Connector[HTTP/1.1-443]] > > org.apache.catalina.LifecycleException: Protocol handler > > initialization failed > > at > > org.apache.catalina.connector.Connector.initInternal(Connector.java:983) > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > > at > > org.apache.catalina.core.StandardService.initInternal(StandardService.java:533) > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > > at > > org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1057) > > at > > org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > > at > > org.apache.catalina.startup.Catalina.load(Catalina.java:584) > > at > > org.apache.catalina.startup.Catalina.load(Catalina.java:607) > > at > > java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > > Method) > > at > > java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > > java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at > > java.base/java.lang.reflect.Method.invoke(Method.java:566) > > at > > org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:303) > > at > > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473) > > Caused by: java.net.SocketException: Permission denied > > at java.base/sun.nio.ch.Net.bind0(Native Method) > > at java.base/sun.nio.ch.Net.bind(Net.java:455) > > at java.base/sun.nio.ch.Net.bind(Net.java:447) > > at > > > that looks like you're trying to start a privileged port without being > root. > > try to start on port 8443, and see if you can connect. > > After that you may need a natting to map port 443 to 8443. (you should > not start tomcat as root or privileged windows user) > > Peter. > > > java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:227) > > at > > java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80) > > at > > org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:229) > > at > > org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:212) > > at > > org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141) > > at > > org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1154) > > at > > org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:575) > > at > > org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74) > > at > > org.apache.catalina.connector.Connector.initInternal(Connector.java:980) > > ... 13 more > > > > I will add an alias to my keystore and i had seen others errors in > > context.xml but i never edit this file. > > Provenance : Courrier pour Windows 10 > > > > De : Christopher Schultz > > Envoyé le :lundi 27 janvier 2020 14:24 > > À : users@tomcat.apache.org > > Objet :Re: Install Comodo SSL in Tomcat > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Léonard, > > > > On 1/27/20 4:57 AM, Léonard WAMBERGUE wrote: > >> I’m resending this email because i wasn’t well subscribed to users. > >> I have a VPS server which turn with Ubuntu and i had install > >> apache/maven and tomcat.> My server version is Apache > >> Tomcat/9.0.30. > >> > >> So i deploy my webapp with a ROOT.war file in tomcat. The website > >> is running on port 8080 and 80 with a redirection. Now i am trying > >> to install a Comodo SSL to my website and configure my 443 port in > >> order to use Something like https://mydomain.com. > >> > >> After purchasing my comodo certificate i received a zip which > >> containing a key file, a bundle and .crt like mydomain.crt. > > Are you sure Comodo send you a .key file? That would be very unusual. > > > > When you applied for the certificate, did you send them a Certificate > > Signing Request (CSR)? Or did *they* generate the server-key for you? > > You should never let anyone else generate your server key for you. > > > >> I had already configure mydomain.jks with a keystore and configure > >> my connector with this code : > > What is in the JKS file? Did you add anything from the ZIP file into > > the JKS file? > > > >> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" > >> minSpareThreads="25" maxSpareThreads="75" enableLookups="false" > >> disableUploadTimeout="true" acceptCount="100" scheme="https" > >> secure="true" SSLEnabled="true" clientAuth="false" > >> sslProtocol="TLS" keystoreFile="/opt/tomcat/certs/my.jks" > >> keystorePass="myPass"/> > > > > That looks okay to me, except that you don't have a certificate > > "alias" listed, so Tomcat will choose the first certificate it finds > > in the store, which may not be the one you want to use. > > > > The contents of the JKS file are pretty important for us to see. You > > can dump the file like this: > > > > $ keytool -list -keystore /opt/tomcat/certs/my.jks -storetype JKS > > > >> But when i’m trying to connect to https://mydomain.com i have > >> err_connection_refused and this website don’t allow connexion. > > What do the logs say on startup? If the <Connector> cannot start, it > > won't bind to the socket and you'll get "connection refused" on the > > client side. > > > >> I had already search many hours how to configure my ssl and i’m a > >> beginner. I had already try to configure ufw but actually it > >> doesn’t work. > > > > You came to the right place. We'll get you going. > > > > - -chris > > -----BEGIN PGP SIGNATURE----- > > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4u5JgACgkQHPApP6U8 > > pFjFvw//ReeWQaEbxaGq0Ae8lzedvNHTxwjE17/rD8nCD/Yr71lsUIoJt3Ej8NAz > > DsA8Idr00XRKFFmO1FkFiZ1Vw5XCxLr6fSSv5I6R66Ttj7asjGDrI6M6hfnzth4g > > cL1CMk2kL0Hn/fK0N+MrBpoQHDHElDgAbtiJyivzJP9cDkLxp99KDTguBesG887Q > > hyt8JmMomsXw5OyXe/sxzkyMQToiTwLw7VBRYKtklIpEXOnBo0rDOihWTPc/Ucht > > tl1QI4pDqwhITOIFUgGTfwrXhxfVXARgFbHc76ZNwDNuqn/OwxKn9mxAUTq1kYaU > > Ve51835QBoRz1Y3yoJ7C+MPR5FfnWnyqS+6Slx0+zu961nj889V4bali5hx0aABq > > Df7QOBNPsSA2qhX8y07BAoKLro4nf3oi6a9dSKZ7njw366nntvRBYXN8fUjioJ9i > > W5kWALj3wBM2gFHFQnw+srU31WiKRjezSWPKc8c51VHVTFLe2W/EHTE+XAO2179Z > > mo4SIa0dPVNoV7Yvxq03YAP+WvdjcFRErB4nSYm2HRLQv5t15MEmDW0fFQaCnQL/ > > uww5ENscU6RKXGtGrzooN6u9CfFt3x1SrqL+oGfVEj7plKTZKwNY+4BU4+u3XqSO > > oWRtTgPJUHvx0CZXJREQAJukDQLXvbQ16WfpUa2vIwZYt7blkNA= > > =EBS2 > > -----END PGP SIGNATURE----- > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org