The logs you see above from FileTrustStoreSslSocketFactory have nothing to do with Tomcat whether external or internal, or the connection exposed over http.
And if you have not anything explicit to enable or disable the internal tomcat, then you get it by default. So you end up with a CAS application that is pregnant with an apache tomcat instance. If you deploy to an external tomcat, the embedded tomcat will automatically back away and will have no effect. To disable it from inclusion, you should make sure this is set to blank: https://github.com/apereo/cas-overlay-template/blob/master/gradle.properties#L5-L7 On Fri, Feb 5, 2021 at 8:41 PM Baron Fujimoto <[email protected]> wrote: > > AFAIK, our CAS 5.0.x instances are using external Tomcat. We've always set > the protocols and ciphers in its own config. Everything that connects to us > (e.g. SSL Labs server tests) suggests we are using this external Tomcat. Yet > we still get the logs provided previously, and I don't think we've done > anything to explicitly enable or disable any internal Tomcat. Where would I > find information on doing so? > > On Thu, Feb 4, 2021 at 9:12 PM Misagh Moayyed <[email protected]> > wrote: >> >> That depends on whether you are running embedded or external. If external, >> you should be changes to tomcat yourself and manually and you should review >> the tomcat documentation. If embedded, then you should consider using >> `server.ssl.enabled-protocols=` which is a setting provided by Spring Boot >> to CAS that controls the enabled protocols and auto-configures the embedded >> tomcat. >> >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b865a483-8388-4dcd-b12e-31a4d5efecc1n%40apereo.org. > > > > -- > Baron Fujimoto <[email protected]> :: UH Information Technology Services > minutas cantorum, minutas balorum, minutas carboratum desendus pantorum > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL0%2Bxt0onQDqd-m%2BjAdYym%2BPyZu27ouMM24Fy%3DPEjaxLBw%40mail.gmail.com. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkdPJSXh1CPOz3ee9QhLH1KoybnJ%2ByDNxmWQKHr5vNmuTw%40mail.gmail.com.
