RE: Keystore error trying to use SSL JSSE
It's not complaining about the file path, but about the property name. Capitalize the F - it should be keystoreFile= -Original Message- From: Tim Colletto [mailto:tcolle...@cra.com] Sent: Thursday, June 06, 2013 8:30 AM To: users@tomcat.apache.org Subject: Keystore error trying to use SSL JSSE Hello, Using the above method I receive the following in the log: WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorefile' to 'c:\users\administrator\.keystore' did not find a matching property. The following is my main config: Connector port=80 redirectPort=443 protocol=HTTP/1.1 connectionTimeout=2/ Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keyAlias=tomcat keystorefile=c:\users\administrator\.keystore keystorePass=changeit acceptCount=100 clientAuth=false sslProtocol=TLS / Connector port=8009 redirectPort=443 protocol=AJP/1.3/ I've tried just about every combination of modifications with no luck. Tried different ports. Tried different keystore paths. I did the same steps on my windows 7 machine and it all worked fine. I tried the following protocols: protocol=org.apache.coyote.Http11NioProtocol protocol=org.apache.coyote.Http11Protocol Nothing worked. I'm at a complete dead end. I verified that .keystore was ok via keytool -l .keystore OS: Windows 2008 Tomcat 7.039 Thank you! + + + + + + + + + + + + + + + + Tim Colletto Network Administrator II/ISSO Charles River Analytics Inc. 617.491.3474 x527 www.cra.com THIS MESSAGE IS INTENDED FOR THE USE OF THE PERSON TO WHOM IT IS ADDRESSED. IT MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. If you are not the intended recipient, your use of this message for any purpose is strictly prohibited. If you have received this communication in error, please delete the message and notify the sender so that we may correct our records. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Which version of tomcat for apache 2.2.24 and JDK 1.6.0
If you want to utilize Servlet spec 3.0 or JSP spec 2.2 then use Tomcat version 7.0.39. This is compatible with Java 1.6. If you prefer or are constrained to using the older servlet or JSP specifications, then use Tomcat version 6.0.36. If you don't know or don't care, then my recommendation would be to use the latest stable version of Tomcat 7 because of the bug fixes and security enhancements. Both Tomcat 6 and 7 are solid. Do you plan on using the AJP connector with Apache httpd? -Original Message- From: Dariusz Dolecki [mailto:dariusz.dole...@gmail.com] Sent: Tuesday, April 30, 2013 8:09 AM To: users@tomcat.apache.org Subject: Which version of tomcat for apache 2.2.24 and JDK 1.6.0 Hi, Which version of Tomcat is best for compatibility with these releases of apache and JDK. Please help, we are on a deadline. Regards, Dariusz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Which version of tomcat for apache 2.2.24 and JDK 1.6.0
Then documentation needs to be updated http://tomcat.apache.org/whichversion.html -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, April 30, 2013 8:57 AM To: Tomcat Users List Subject: RE: Which version of tomcat for apache 2.2.24 and JDK 1.6.0 From: Carrillo, Dan [mailto:dcarri...@idanalytics.com] Subject: RE: Which version of tomcat for apache 2.2.24 and JDK 1.6.0 If you want to utilize Servlet spec 3.0 or JSP spec 2.2 then use Tomcat version 7.0.39. This is compatible with Java 1.6. If you prefer or are constrained to using the older servlet or JSP specifications, then use Tomcat version 6.0.36. No, Tomcat 7 supports the older specs as well. No reason to use Tomcat 6 at this point. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL configuration on Tomcat7.
You didn't provide very much information. But one thing to check is that the domain name of your site matches what you specified for the certificate. -Original Message- From: Shahid Tamboli [mailto:shahid1...@gmail.com] Sent: Thursday, April 25, 2013 8:10 AM To: users@tomcat.apache.org Subject: SSL configuration on Tomcat7. Hello Everyone, I am Shahid Tamboli and working at Mobimedia Technologies, Pune, India. We are stuck up with configuring our server with SSL. We have taken an Ubuntu instance on Amazon. We have installed Tomcat on the server. The Tomcat version is Tomcat 7 We are facing issues of configuring SSL certificates on my Tomcat server We have followed the following steps of deploying the certificate. http://www.networksolutions.com/support/installation-for-java-based-webservers-e-g-tomcat-using-keytool/http://prolinks.rediffmailpro.com/cgi-bin/prored.cgi?red=http%3A%2F%2Fwww%2Enetworksolutions%2Ecom%2Fsupport%2Finstallation%2Dfor%2Djava%2Dbased%2Dwebservers%2De%2Dg%2Dtomcat%2Dusing%2Dkeytool%2FisImage=0BlockImage=0rediffng=0 On following the above steps we are getting error of certificate not trusted and on contacting the Certificate Provider they told us to check our installation again. Thus if anyone can help us on this issue Thank You -- Cheers Shahid!!! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Diagnosing Silently Frozen Tomcats
Take a full thread dump of the PID. Linux kill -3, if Windows CTRL+BREAK if you have a console window open. This will allow you to see the state of all threads and see whether it's your own application class (likely), or Tomcat itself. -Original Message- From: Robinson, Eric [mailto:eric.robin...@psmnv.com] Sent: Friday, March 22, 2013 1:37 PM To: users@tomcat.apache.org Subject: Diagnosing Silently Frozen Tomcats When tomcat freezes silently, what is the best way to look inside the frozen tomcat or java instance and see the cause? We have 1500+ tomcat instances, and most of them run great most of the time. But a few times per week, an instance will become unresponsive. There is usually nothing suspicious in the tomcat or gc logs. There are no OOMEs and we don't see any full GC's that take more than 0.25 seconds. The process does not die. It stays running and the port is still listening, and you can even telnet to the port, but tomcat does not answer any requests until you restart it. Is there a way to peer into the frozen instance and see what's up? We use tomcat 6.0.16 and java 6.0.21 on RHEL 5 and RHEL 6. -- Eric Robinson Disclaimer - March 22, 2013 This email and any files transmitted with it are confidential and intended solely for users@tomcat.apache.org. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physicians' Managed Care or Physician Select Management. Warning: Although Physicians' Managed Care or Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. This disclaimer was added by Policy Patrol: http://www.policypatrol.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Achieve large number of concurrent websocket connections (~40000-50000)
You should consider setting up a cluster of Tomcat's to service your requests. With 40-50 thousand concurrent connections you're likely to need to balance the load anyway. Are you familiar with setting up a Tomcat cluster? -Original Message- From: Amit Bhagra [mailto:amit.bha...@agnity.com] Sent: Wednesday, February 13, 2013 7:20 AM To: users@tomcat.apache.org Subject: Achieve large number of concurrent websocket connections (~4-5) Hello All Tomcat Server: 7.0.35 Operating System Version: Red Hat Enterprise Linux Server release 5.5 (Tikanga) Java Version: java version 1.6.0_11 Memory:4137112 kB CPU: Intel(R) Xeon(R) CPU E5530 @ 2.40GHz (Quad core with HT enabled) I am developing a tomcat application which requires a large number of websocket connections to remain opened during the time users are logged in (around 40-50 thousand). I have a ruby script (written using faye-websocket) which can open as many websocket connections as we desire and then send random messages on websockets and receive response from server. This works well for small number of concurrent websocket connections. The issue is I am not able to achieve a very high number of websocket connections. Using the default blocking connector of Tomcat only that much connections can be opened as specified with maxThreads param (500-600). Configuring a NIO connector I am able to open around 1 connections after that the connections start to close automatically. I have set the fd-limit to 65535 accordingly and using a 1GB initial heap size. Even with an APR connector the number remains pretty much same. My question is what configurations or steps I can take in order to achieve desired number of concurrent websocket connections (4-5). Has anybody been able to achieve this much number of simultaneous websocket connections with a tomcat app? Thanks in advance for answering this. Regards Amit Bhagra - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Shutdown.sh doesn't. At least not reliably. (7.0.25)
If you take a thread dump you'll be able to see the state of both Tomcat's threads and your own application's threads to see where it's hanging. -Original Message- From: James Lampert [mailto:jam...@touchtonecorp.com] Sent: Tuesday, November 27, 2012 9:10 AM To: Tomcat Users List Subject: Shutdown.sh doesn't. At least not reliably. (7.0.25) Running Tomcat on various AS/400s (V6R1 or later OS), we've found that shutdown.sh doesn't reliably shut down the server, and we frequently have to shut it down forcibly (i.e., finding CATALINA on a WRKACTJOB, and giving it a 4 with OPTION(*IMMED)). Port 8009 does appear to be open before we call shutdown.sh, and it does appear to be closed after we call it. Any idea what the problem could be? Or where I should look for indications of what it could be? -- JHHL - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
sessions replication
Hi folks, My sessions are replicating across the cluster as indicated by my session listener debug output. E.g I can see the session created/destroyed messages in each respective log. I have a Service object that is serializable, which contains a String member variable (x) which is not initialized; null. As my load balancer round-robins the requests to each of these servers, each successfully retrieves the service instance from the session. Now, when service.x is set at some point in the workflow, I expect the other members to receive this updated object since it resides in the session. However, I'm finding that it is not, it remains null in all other containers. The tomcat config (http://tomcat.apache.org/tomcat-6.0-doc/cluster-howto.html) says that ..For each request the entire session is replicated, this allows code that modifies attributes in the session without calling setAttribute or removeAttribute to be replicated. Can someone clarify whether I do in fact need to reset the service object on the session in order for it to replicate? Thanks! Engine name=Catalina defaultHost=localhost jvmRoute=id2 Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster channelSendOptions=6 Manager className=org.apache.catalina.ha.session.DeltaManager expireSessionsOnShutdown=false notifyListenersOnReplication=true/ Channel className=org.apache.catalina.tribes.group.GroupChannel Membership className=org.apache.catalina.tribes.membership.McastService address=231.10.12.6 port=35006 frequency=500 dropTime=3000/ Receiver className=org.apache.catalina.tribes.transport.nio.NioReceiver address=auto port=8117 selectorTimeout=100 maxThreads=6/ Sender className=org.apache.catalina.tribes.transport.ReplicationTransmitter Transport className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/ /Sender Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/ Interceptor className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/ Interceptor className=org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor/ /Channel Valve className=org.apache.catalina.ha.tcp.ReplicationValve filter=.*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.htm;.*\.html;.*\.css;.*\.txt;/ ClusterListener className=org.apache.catalina.ha.session.ClusterSessionListener/ /Cluster
RE: Unable to start cluster (java.net.BindException: Cannot assign requested address)
Hi Jeff, java.net.BindException: Address already in use indicates there is another process using this ip/port. You'll need to change it to a unique value. Dan -Original Message- From: Jeff Hall [mailto:jhall@gmail.com] Sent: Wednesday, August 15, 2012 12:50 PM To: users@tomcat.apache.org Subject: Unable to start cluster (java.net.BindException: Cannot assign requested address) I need help from the clustering experts here on the mailing list. I have two Tomcat instances (6.0.32) running on a Red Hat Enterprise server (hosted at RackSpace). When attempting to start the first instance in the cluster, it fails because the NioReceiver cannot start (it is unable to open a port between 4000 and 4099): From catalina.out: Aug 15, 2012 2:32:37 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java. library.path: /opt/jdk1.6.0_24/jre/lib/amd64/server:/opt/jdk1.6.0_24/jre/lib/amd64:/opt/jdk1.6.0_24/jre/../lib/amd64:/usr/java/packages /lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib Aug 15, 2012 2:32:37 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1398 ms Aug 15, 2012 2:32:37 PM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Aug 15, 2012 2:32:37 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.32 Aug 15, 2012 2:32:37 PM org.apache.catalina.ha.tcp.SimpleTcpCluster start INFO: Cluster is about to start Aug 15, 2012 2:32:40 PM org.apache.catalina.tribes.transport.ReceiverBase bind INFO: Unable to bind server socket to:/192.168.100.225:4099 throwing error. Aug 15, 2012 2:32:40 PM org.apache.catalina.tribes.transport.nio.NioReceiver start SEVERE: Unable to start cluster receiver java.net.BindException: Cannot assign requested address at sun.nio.ch.Net.bind(Native Method) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:52) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:205) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) ... Aug 15, 2012 2:32:40 PM org.apache.catalina.ha.tcp.SimpleTcpCluster start SEVERE: Unable to start cluster. org.apache.catalina.tribes.ChannelException: java.net.BindException: Cannot assign requested address; No faulty members identified. at org.apache.catalina.tribes.group.ChannelCoordinator.internalStart(ChannelCoordinator.java:169) at org.apache.catalina.tribes.group.ChannelCoordinator.start(ChannelCoordinator.java:97) at org.apache.catalina.tribes.group.ChannelInterceptorBase.start(ChannelInterceptorBase.java:149) at org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor.start(MessageDispatchInterceptor.java:147) at org.apache.catalina.tribes.group.ChannelInterceptorBase.start(ChannelInterceptorBase.java:149) ... Caused by: java.net.BindException: Cannot assign requested address at sun.nio.ch.Net.bind(Native Method) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:52) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:205) ... Aug 15, 2012 2:32:40 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 2807 ms Aug 15, 2012 2:32:40 PM org.apache.catalina.core.StandardServer await SEVERE: StandardServer.await: create[49352]: java.net.BindException: Address already in use at java.net.PlainSocketImpl.socketBind(Native Method) at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:383) at java.net.ServerSocket.bind(ServerSocket.java:328) at java.net.ServerSocket.init(ServerSocket.java:194) at org.apache.catalina.core.StandardServer.await(StandardServer.java:406) at org.apache.catalina.startup.Catalina.await(Catalina.java:676) ... Aug 15, 2012 2:32:41 PM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina Aug 15, 2012 2:32:41 PM org.apache.catalina.startup.Catalina stop SEVERE: Catalina.stop LifecycleException: Pipeline has not been started at org.apache.catalina.core.StandardPipeline.stop(StandardPipeline.java:257) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1099) at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:468)
RE: Unable to start cluster (java.net.BindException: Cannot assign requested address)
Jeff, Can you include your entire server.xml for each instance and also your /etc/hosts? From: Jeff Hall [mailto:jhall@gmail.com] Sent: Wednesday, August 15, 2012 1:32 PM To: users@tomcat.apache.org Cc: Carrillo, Dan Subject: Re: Unable to start cluster (java.net.BindException: Cannot assign requested address) Dan, thanks for the reply. I don't know why port 49352 was in use when I ran the test. I started the cluster up a second time after making sure all java processes were stopped, and netstat reported no use of port 49352 (the shutdown port for tomcat instance #1). I relaunched it and the log showed my original problem with the bind failing on port 4099: Aug 15, 2012 3:20:57 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /opt/jdk1.6.0_24/jre/lib/amd64/server:/opt/jdk1.6.0_24/jre/lib/amd64:/opt/jdk1.6.0_24/jre/../lib/amd64:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib 1.795: [Full GC (System) 1.796: [CMS: 0K-1655K(240896K), 0.0734030 secs] 12718K-1655K(260032K), [CMS Perm : 9989K-9979K(21248K)], 0.0735830 secs] [Times: user=0.08 sys=0.00, real=0.08 secs] Aug 15, 2012 3:20:58 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1462 ms Aug 15, 2012 3:20:58 PM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Aug 15, 2012 3:20:58 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.32 Aug 15, 2012 3:20:58 PM org.apache.catalina.ha.tcp.SimpleTcpCluster start INFO: Cluster is about to start Aug 15, 2012 3:21:01 PM org.apache.catalina.tribes.transport.ReceiverBase bind INFO: Unable to bind server socket to:/192.168.100.225:4099 throwing error. Aug 15, 2012 3:21:01 PM org.apache.catalina.tribes.transport.nio.NioReceiver start SEVERE: Unable to start cluster receiver java.net.BindException: Cannot assign requested address at sun.nio.ch.Net.bind(Native Method) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:52) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:205) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) at org.apache.catalina.tribes.transport.ReceiverBase.bind(ReceiverBase.java:217) ... // I suspect Tomcat is looping looking for a port between 4000 and 4099 here, as the bind at line 217 fails 100 times at org.apache.catalina.tribes.transport.nio.NioReceiver.bind(NioReceiver.java:132) at org.apache.catalina.tribes.transport.nio.NioReceiver.start(NioReceiver.java:102) at org.apache.catalina.tribes.group.ChannelCoordinator.internalStart(ChannelCoordinator.java:142) at org.apache.catalina.tribes.group.ChannelCoordinator.start(ChannelCoordinator.java:97) at org.apache.catalina.tribes.group.ChannelInterceptorBase.start(ChannelInterceptorBase.java:149) at org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor.start(MessageDispatchInterceptor.java:147) at org.apache.catalina.tribes.group.ChannelInterceptorBase.start(ChannelInterceptorBase.java:149) at org.apache.catalina.tribes.group.ChannelInterceptorBase.start(ChannelInterceptorBase.java:149) at org.apache.catalina.tribes.group.GroupChannel.start(GroupChannel.java:407) at org.apache.catalina.ha.tcp.SimpleTcpCluster.start(SimpleTcpCluster.java:671) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1043) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463) at org.apache.catalina.core.StandardService.start(StandardService.java:525) at org.apache.catalina.core.StandardServer.start(StandardServer.java:754) at org.apache.catalina.startup.Catalina.start(Catalina.java:595) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Aug 15, 2012 3:21:01 PM org.apache.catalina.ha.tcp.SimpleTcpCluster start SEVERE: Unable to start cluster. org.apache.catalina.tribes.ChannelException: java.net.BindException: Cannot assign requested address; No faulty members identified
RE: jsessionid cookie across webapps
Read up on the emptySessionPath connector setting in the Tomcat configuration guide. This will explain it. -Original Message- From: chad.da...@emc.com [mailto:chad.da...@emc.com] Sent: Monday, October 24, 2011 10:34 AM To: users@tomcat.apache.org Subject: jsessionid cookie across webapps As I understand it, sessions are unique to each webapp. However, I see the same jsessionid cookie being used for requests to two different webapps in the same container. Is this correct? Tomcat 5.5.34 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org