Hi,

I'm trying to connect to a tomcat9 server for which I made an entry in 
server.xml:

   <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
              maxThreads="150" SSLEnabled="true">
       <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
       <SSLHostConfig>
           <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                        certificateFile="conf/localhost-rsa-cert.pem"
                        certificateChainFile="conf/localhost-rsa-chain.pem"
                        type="RSA" />
       </SSLHostConfig>
   </Connector>

and the following entries are also present, FWIW:

<Connector port="8082" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
     proxyName="cms.mysite.de" maxThreads="150" enableLookups="false"
     redirectPort="8443" acceptCount="100" connectionTimeout="20000"
     disableUploadTimeout="true" />
<Connector port="8081" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
     proxyName="othername.de" maxThreads="150" enableLookups="false"
     redirectPort="8443" acceptCount="100" connectionTimeout="20000"
     disableUploadTimeout="true" />
<Connector port="8080" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
     proxyName="other.de" maxThreads="150" enableLookups="false"
     redirectPort="8443" acceptCount="100" connectionTimeout="20000"
     disableUploadTimeout="true" />
<Connector port="8086" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
     proxyName="alternate.de" maxThreads="150" enableLookups="false"
     redirectPort="8443" acceptCount="100" connectionTimeout="20000"
     disableUploadTimeout="true" />


Connection to the server through port 8443 seems to work (filtered by ufw)
but I'm wondering why I don't see any tcp/v4 connection.

root@mail:/var/lib/tomcat9/logs# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 25                         ALLOW IN    Anywhere                  
[ 2] 443                        ALLOW IN    Anywhere                  
[ 3] 993                        ALLOW IN    Anywhere                  
[ 4] 587                        ALLOW IN    Anywhere                  
[ 5] 80                         ALLOW IN    Anywhere                  
[ 6] 22                         ALLOW IN    33.180.24.29             
[ 7] 8080/tcp                   ALLOW IN    33.180.24.29             
[ 8] 8443/tcp                   ALLOW IN    33.180.24.29             
[ 9] 25 (v6)                    ALLOW IN    Anywhere (v6)             
[10] 443 (v6)                   ALLOW IN    Anywhere (v6)             
[11] 993 (v6)                   ALLOW IN    Anywhere (v6)             
[12] 587 (v6)                   ALLOW IN    Anywhere (v6)             
[13] 80 (v6)                    ALLOW IN    Anywhere (v6)             

root@mail:/var/lib/tomcat9/logs# netstat -an | grep 8443
tcp6       0      0 :::8443                 :::*                    LISTEN     

08-Jan-2024 10:25:55.513 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.58 (Ubuntu)]
08-Jan-2024 10:25:55.532 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/var/lib/tomcat9/webapps/ROOT.war]
08-Jan-2024 10:26:07.487 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
08-Jan-2024 10:26:23.038 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/var/lib/tomcat9/webapps/ROOT.war] has finished in [27,506] ms
08-Jan-2024 10:26:23.043 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8082"]
08-Jan-2024 10:26:23.079 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8081"]
08-Jan-2024 10:26:23.094 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
08-Jan-2024 10:26:23.098 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8086"]
08-Jan-2024 10:26:23.108 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-openssl-apr-8443"]
08-Jan-2024 10:26:23.133 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [27735] milliseconds

root@mail:/var/lib/tomcat9/logs# lsof -i :8443
COMMAND    PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
java    177550 tomcat   43u  IPv6 1853946      0t0  TCP *:8443 (LISTEN)
root@mail:/var/lib/tomcat9/logs# 

--
Christoph
