https://bz.apache.org/bugzilla/show_bug.cgi?id=59832
--- Comment #8 from Steve Mekkelsen Madden <steve.mad...@pega.com> --- Thank for you the response. I've been testing this all day and trying to figure out a way to reproduce it and was able to reproduce and resolve the problem. But as you pointed out, yes I was forced to change the connector to what I provided to the more expanded version for it to startup without any errors. A symptom of a different issue - probably so since it should just work, but what I found today was this: https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#SSL_Support_-_Connector_-_NIO_and_NIO2_(deprecated). Not sure why I couldn't earlier, but it does show that the arguments have been deprecated (possibly too harshly??). After changing my connector to: <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="150" disableUploadTimeout="true" SSLEnabled="true" sslDefaultHost="vgcspsteste1.rpega.com"> <SSLHostConfig hostName="vgcspsteste1.rpega.com" sslProtocol="TLS" sslEnabledProtocols="TLSv1.1,TLSv1.2"> <Certificate certificateKeystoreFile="D:\certificates\rpegagdwc.keystore" certificateKeystorePassword="changeit" certificateKeyAlias="rpega" type="RSA"/> </SSLHostConfig> </Connector> The application no longer complained about the xml returned. Note: the only change was adding sslProtocol and sslEnabledProtocols to the SSLHostConfig option. Without those two added, this is what I see which kind of makes sense now that I found where the problem is. These parameters were in the previous version, but I took it too literally about being deprecated and part of SSLHostConfig thinking I no longer needed it. I've attached it as saxparseexception.txt. So the bug I believe can be qualified now as if the two arguments are not included and you specify NIO2, it breaks the app. However, with NIO you don't need the two arguments and it still works. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
