from:"Hardibo Pierre\-Jean"

Re: Tomcat 8 doesn't listen in https

2016-08-29 Thread Hardibo Pierre-Jean


It was memory heap problems i added more memory in /etc/default/tomcat8


Le 29/08/2016 à 23:38, James H. H. Lampert a écrit :

"It doesn't work" is not very informative.
What does not work ?
What do the Tomcat logfiles say about the problem ?


Does NETSTAT (or WRKTCPSTS, for IBM Midrange Systems, or other tools 
on other systems) tell you the port actually opened?


Do any of the log files tell you that it didn't, and/or give a reason 
why?


One thing did jump out at me: in


I don't see any "keystoreFile" clauses, or the APR equivalent; my 
understanding is that for an HTTPS port to open, Tomcat needs to be 
able to find a keystore of some sort.


--
JHHL


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



--

Hardibo Pierre-Jean

Développeur web <https://www.hardibopj.com>

Tomcat 8 doesn't listen in https

2016-08-29 Thread Hardibo Pierre-Jean


Hello !

i get this connector for tomcat 8 to listen in port 8443 :



but it doesn't work (it works on http) you can see at 
https://www.hardibopj.com (iptables redirect 443 to 8443)


Thanks for your help !
--

Hardibo Pierre-Jean

Développeur web <https://www.hardibopj.com>

Re: Tomcat 9 realm datasource digest attribute

2016-06-11 Thread Hardibo Pierre-Jean


yes finally i puted that inside of my Realm Tag :

className="org.apache.catalina.realm.MessageDigestCredentialHandler"  
algorithm="md5"  / >




Le 11/06/2016 20:21, Felix Schumacher a écrit :


Am 10. Juni 2016 22:12:02 MESZ, schrieb Hardibo Pierre-Jean 
:

Hello, it seems realm's digest attribute is depreciated in tomcat9, how

can i replace it ? (MD5) thanks

I think you are looking for the nested component CredentialHandler ( 
http://tomcat.apache.org/tomcat-9.0-doc/config/credentialhandler.html ).

Chris gave a talk about them at the last apache con.

Regards,
Felix


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Problem with Apache in front of Tomcat

2016-06-11 Thread Hardibo Pierre-Jean


you can use that :
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

and no need to give the port, or listen tomcat on port 80 (server.xml)

Le 11/06/2016 18:52, Edwin Quijada a écrit :

Redirect all traffic of port 80 to 8080 ? but the client will be the address 
ip:8080/myapp ?




From: Hardibo Pierre-Jean 
Sent: Saturday, June 11, 2016 4:45 PM
To: Tomcat Users List
Subject: Re: Problem with Apache in front of Tomcat

if there are only java websites in your server you can make a
redirection with iptables, no need to use apache.

Le 11/06/2016 18:43, Edwin Quijada a écrit :

Hi!
I am trying to put Apache in front of Tomcat , DEbian Jessie but it become a 
titanic work without success. I read all info about this and seems it is easy 
but doesnt work.


I am using APache 2.4+ Jessie +Tomcat 8.035 , I use this tuto 
http://www.zeitoun.net/articles/configure-mod_proxy_ajp-with-tomcat/start

How to configure mod_proxy_ajp with Tomcat - 
Zeitoun<http://www.zeitoun.net/articles/configure-mod_proxy_ajp-with-tomcat/start>
www.zeitoun.net
mod_proxy_ajp is an Apache module which can be used to forward a client HTTP 
request to an internal Tomcat application server using the AJP protocol.



How to configure mod_proxy_ajp with Tomcat - 
Zeitoun<http://www.zeitoun.net/articles/configure-mod_proxy_ajp-with-tomcat/start>
www.zeitoun.net<http://www.zeitoun.net>
mod_proxy_ajp is an Apache module which can be used to forward a client HTTP 
request to an internal Tomcat application server using the AJP protocol.

but doesnt work , I seek others sources and all has the same info but I cant 
work for me


When I go myserver.com I get an error "Server Not Found" when I go to the logs 
catalina.out and error.log for apache doesnt say anything


This is my 000-default.conf



  ServerAdmin webmaster@localhost
  #DocumentRoot /var/www/html

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined

  #
  
  AddDefaultCharset Off
  Order deny,allow
  Allow from all
  

   # this will pass all the requests from httpd to tomcat8
   ProxyPass / ajp://localhost:8009/fortunamovil
   ProxyPassReverse / ajp://localhost:8009/fortunamovil



I have installed AJP modules for Apache and everything but really I dont know 
to do



I activate the coneecto AJP in the server.xml


Please, any cluees , help because this is make me crazy!!




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Problem with Apache in front of Tomcat

2016-06-11 Thread Hardibo Pierre-Jean

if there are only java websites in your server you can make a 
redirection with iptables, no need to use apache.


Le 11/06/2016 18:43, Edwin Quijada a écrit :

Hi!
I am trying to put Apache in front of Tomcat , DEbian Jessie but it become a 
titanic work without success. I read all info about this and seems it is easy 
but doesnt work.


I am using APache 2.4+ Jessie +Tomcat 8.035 , I use this tuto 
http://www.zeitoun.net/articles/configure-mod_proxy_ajp-with-tomcat/start

How to configure mod_proxy_ajp with Tomcat - 
Zeitoun
www.zeitoun.net
mod_proxy_ajp is an Apache module which can be used to forward a client HTTP 
request to an internal Tomcat application server using the AJP protocol.

but doesnt work , I seek others sources and all has the same info but I cant 
work for me


When I go myserver.com I get an error "Server Not Found" when I go to the logs 
catalina.out and error.log for apache doesnt say anything


This is my 000-default.conf



 ServerAdmin webmaster@localhost
 #DocumentRoot /var/www/html

 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined

 #
 
 AddDefaultCharset Off
 Order deny,allow
 Allow from all
 

  # this will pass all the requests from httpd to tomcat8
  ProxyPass / ajp://localhost:8009/fortunamovil
  ProxyPassReverse / ajp://localhost:8009/fortunamovil



I have installed AJP modules for Apache and everything but really I dont know 
to do



I activate the coneecto AJP in the server.xml


Please, any cluees , help because this is make me crazy!!





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat 9 realm datasource digest attribute

2016-06-10 Thread Hardibo Pierre-Jean

Hello, it seems realm's digest attribute is depreciated in tomcat9, how 
can i replace it ? (MD5) thanks


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: 403 Access Denied on manager app

2016-06-07 Thread Hardibo Pierre-Jean


you have to declare also tags role for admin and manager

Le 07/06/2016 21:41, saved lion a écrit :









were added. the problem still exists.


On Tue, Jun 7, 2016 at 3:20 PM, Hardibo Pierre-Jean 
wrote:


try to add roles : manager and admin


Le 07/06/2016 21:17, saved lion a écrit :


my host ip is 192.168.44.131, but it is 192.168.44.1 in the access log, is
it a problem?

inet addr:192.168.44.131  Bcast:192.168.44.255  Mask:255.255.255.0


On Tue, Jun 7, 2016 at 3:14 PM, saved lion  wrote:

at the first, I added below entries, the problem is same.











On Tue, Jun 7, 2016 at 3:09 PM, Hardibo Pierre-Jean <
cont...@hardibopj.com


wrote:
me i put : manager, manager-ui, admin and admin-ui roles


Le 07/06/2016 21:07, saved lion a écrit :

Hi,

I installed an instance on  /opt/tomcat9/apache-tomcat-9.0.0.M6/. No
problems to browse http://host_ip:8080.

There is one issue to access 'manager app," though I copied and pasted
the
two lines for role and user.

http://tomcat.apache.org/xml";
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
 xsi:schemaLocation="http://tomcat.apache.org/xml
tomcat-users.xsd"
 version="1.0">






$ cat


/opt/tomcat9/apache-tomcat-9.0.0.M6/logs/localhost_access_log.2016-06-07.txt
192.168.44.1 - - [07/Jun/2016:11:08:37 -0700] "GET / HTTP/1.1" 200
11254
192.168.44.1 - - [07/Jun/2016:11:08:40 -0700] "GET /manager/html
HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:11:02 -0700] "GET / HTTP/1.1" 200
11254
192.168.44.1 - - [07/Jun/2016:11:12:26 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:50 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:55 -0700] "GET /manager/html
HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:55:58 -0700] "GET /manager/html
HTTP/1.1"
403 3429
$

The problem looks simple, it did spend  couple of days.

Any quick help?
Thanks,
sl


-

To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: 403 Access Denied on manager app

2016-06-07 Thread Hardibo Pierre-Jean


try to add roles : manager and admin

Le 07/06/2016 21:17, saved lion a écrit :

my host ip is 192.168.44.131, but it is 192.168.44.1 in the access log, is
it a problem?

inet addr:192.168.44.131  Bcast:192.168.44.255  Mask:255.255.255.0


On Tue, Jun 7, 2016 at 3:14 PM, saved lion  wrote:


at the first, I added below entries, the problem is same.











On Tue, Jun 7, 2016 at 3:09 PM, Hardibo Pierre-Jean 
wrote:
me i put : manager, manager-ui, admin and admin-ui roles


Le 07/06/2016 21:07, saved lion a écrit :


Hi,

I installed an instance on  /opt/tomcat9/apache-tomcat-9.0.0.M6/. No
problems to browse http://host_ip:8080.

There is one issue to access 'manager app," though I copied and pasted
the
two lines for role and user.

http://tomcat.apache.org/xml";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://tomcat.apache.org/xml
tomcat-users.xsd"
version="1.0">






$ cat

/opt/tomcat9/apache-tomcat-9.0.0.M6/logs/localhost_access_log.2016-06-07.txt
192.168.44.1 - - [07/Jun/2016:11:08:37 -0700] "GET / HTTP/1.1" 200 11254
192.168.44.1 - - [07/Jun/2016:11:08:40 -0700] "GET /manager/html
HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:11:02 -0700] "GET / HTTP/1.1" 200 11254
192.168.44.1 - - [07/Jun/2016:11:12:26 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:50 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:55 -0700] "GET /manager/html
HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:55:58 -0700] "GET /manager/html
HTTP/1.1"
403 3429
$

The problem looks simple, it did spend  couple of days.

Any quick help?
Thanks,
sl



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: 403 Access Denied on manager app

2016-06-07 Thread Hardibo Pierre-Jean


me i put : manager, manager-ui, admin and admin-ui roles

Le 07/06/2016 21:07, saved lion a écrit :

Hi,

I installed an instance on  /opt/tomcat9/apache-tomcat-9.0.0.M6/. No
problems to browse http://host_ip:8080.

There is one issue to access 'manager app," though I copied and pasted the
two lines for role and user.

http://tomcat.apache.org/xml";
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
   xsi:schemaLocation="http://tomcat.apache.org/xml
tomcat-users.xsd"
   version="1.0">






$ cat
/opt/tomcat9/apache-tomcat-9.0.0.M6/logs/localhost_access_log.2016-06-07.txt
192.168.44.1 - - [07/Jun/2016:11:08:37 -0700] "GET / HTTP/1.1" 200 11254
192.168.44.1 - - [07/Jun/2016:11:08:40 -0700] "GET /manager/html HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:11:02 -0700] "GET / HTTP/1.1" 200 11254
192.168.44.1 - - [07/Jun/2016:11:12:26 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:50 -0700] "GET /manager/status
HTTP/1.1" 403 3429
192.168.44.1 - - [07/Jun/2016:11:15:55 -0700] "GET /manager/html HTTP/1.1"
403 3429
192.168.44.1 - - [07/Jun/2016:11:55:58 -0700] "GET /manager/html HTTP/1.1"
403 3429
$

The problem looks simple, it did spend  couple of days.

Any quick help?
Thanks,
sl




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

2016-06-03 Thread Hardibo Pierre-Jean


there's the tuto :
https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239
use sha2 root and intermediate and for the last use my_certificate
here's the repo :

https://certs.godaddy.com/repository/

Le 04/06/2016 00:18, Hardibo Pierre-Jean a écrit :
gdig2.crt is intermediate my_certificate must be the last to configure 
so i think bundle may be the root.




Le 04/06/2016 00:13, Conor Skyler a écrit :

Hello Pierre,

Yes, I contacted the technical support at GoDaddy and then basically 
told

me that I'm on my own and that I should find someone that knows how to
handle the configuration -- that's all the aid they gave me.

I think that there two separate problems here.
First one, the mismatch between the files I receive zipped and the ones
referred in the website when it reads:

"The file names for your root and intermediate certificates depend on 
your

signature algorithm.

- SHA-1 root certificate: gd_class2_root.crt
- SHA-2 root certificate: gdroot-g2.crt
- SHA-1 intermediate certificate: gd.intermediate.crt
- SHA-2 intermediate certificate: gdig2.crt
- (*Java 6/7 only*) SHA-2 Root Certificate: gdroot-g2_cross.crt"

But the files I get when I unzip the downloaded archive are:

my_certificate.crt
gd_bundle-g2-g1.crt
gdig2.crt

So first thing here is that I don't how to use them when following the
instructions stated on the site (the only one I can identify is
my_certificate.crt).

With the second issue my guess is that it might be related to the 
KeyStore

file not holding the private key:
I wasn't given the original tomcat.keystore file (following the 
example on
GoDaddy's website) so here I'm starting from the scratch, generating 
a new

KeyStore.
What I have though is a PEM file from the person I presume the .csr 
request
file; is there a way to add it to the KeyStore file I create when 
following

the instructions on GoDaddy's site?

Thank you very much for stepping in!
-Conor



On Fri, Jun 3, 2016 at 6:09 PM, Hardibo Pierre-Jean 


wrote:


there's all here no ?

https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239 



Le 03/06/2016 22:37, Conor Skyler a écrit :


Hi again,

At this point I don't know what else to try: I carefully gone 
through the

process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions provided by
GoDaddy
doesn't match the certificates you download)  but the result was 
the same

as before, it didn't work.

Early today I found this post in StackOverflow:

http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-cr 

which somehow brought some hope to me as the title states literally 
the

issue I'm having: '

http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-crt 


'

Sadly after trying everything what's shown there and reading tons 
of stuff

I still can't make the KeyStore work with my Tomcat server.

Any help will be greatly appreciated.
-Conor



On Wed, Jun 1, 2016 at 6:12 PM, Conor Skyler 
wrote:

Hi Daniel,

Thank you very much for stepping in, I’m processing a new set of
certificates that I hope to try tomorrow.

Warm regards,
-Conor


On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa 
wrote:

On Mon, May 30, 2016 at 11:26 PM, Conor Skyler 


wrote:

Hello list,
I'm trying to install the certificates I bought from GoDaddy 
into my



Tomcat


server, however so far I've been unsuccessful to achieve this.

My system specs are:
OS: Amazon Linux (fully updated)
Tomcat version: 8.0.32, installed from the repos
Java version: $ java -version
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

To install the certificates I followed this tutorial from GoDaddy


website:



https://ar.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239 



which explains how to create a KeyStore and configure the 


in
the server.xml file.

Follow these instructions.


Now, judging from the official Tomcat documentation in

https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html it's stated


that I


first need to conver the .crt files provided by GoDaddy to PKCS12


format --


I wonder then why the instructions in GoDaddy's website state other


thing!
There's more than one way to do this.  If you started out by 
following

the
GoDaddy instructions to generate your CSR, then continue to 
follow them

to
import your signed certificate.


But then I read this piece of documentation that left me completely

bewildered:
To import an existing certificate signed by your own CA into a 
PKCS12

keystore using OpenSSL you would execute a command like:

openssl pkcs12 -export -in mycert.crt -inkey mykey.key

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

2016-06-03 Thread Hardibo Pierre-Jean


gdig2.crt is intermediate my_certificate must be the last to configure so i 
think bundle may be the root.



Le 04/06/2016 00:13, Conor Skyler a écrit :

Hello Pierre,

Yes, I contacted the technical support at GoDaddy and then basically told
me that I'm on my own and that I should find someone that knows how to
handle the configuration -- that's all the aid they gave me.

I think that there two separate problems here.
First one, the mismatch between the files I receive zipped and the ones
referred in the website when it reads:

"The file names for your root and intermediate certificates depend on your
signature algorithm.

- SHA-1 root certificate: gd_class2_root.crt
- SHA-2 root certificate: gdroot-g2.crt
- SHA-1 intermediate certificate: gd.intermediate.crt
- SHA-2 intermediate certificate: gdig2.crt
- (*Java 6/7 only*) SHA-2 Root Certificate: gdroot-g2_cross.crt"

But the files I get when I unzip the downloaded archive are:

my_certificate.crt
gd_bundle-g2-g1.crt
gdig2.crt

So first thing here is that I don't how to use them when following the
instructions stated on the site (the only one I can identify is
my_certificate.crt).

With the second issue my guess is that it might be related to the KeyStore
file not holding the private key:
I wasn't given the original tomcat.keystore file (following the example on
GoDaddy's website) so here I'm starting from the scratch, generating a new
KeyStore.
What I have though is a PEM file from the person I presume the .csr request
file; is there a way to add it to the KeyStore file I create when following
the instructions on GoDaddy's site?

Thank you very much for stepping in!
-Conor



On Fri, Jun 3, 2016 at 6:09 PM, Hardibo Pierre-Jean 
wrote:


there's all here no ?

https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239

Le 03/06/2016 22:37, Conor Skyler a écrit :


Hi again,

At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions provided by
GoDaddy
doesn't match the certificates you download)  but the result was the same
as before, it didn't work.

Early today I found this post in StackOverflow:

http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-cr
which somehow brought some hope to me as the title states literally the
issue I'm having: '

http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-crt
'

Sadly after trying everything what's shown there and reading tons of stuff
I still can't make the KeyStore work with my Tomcat server.

Any help will be greatly appreciated.
-Conor



On Wed, Jun 1, 2016 at 6:12 PM, Conor Skyler 
wrote:

Hi Daniel,

Thank you very much for stepping in, I’m processing a new set of
certificates that I hope to try tomorrow.

Warm regards,
-Conor


On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa 
wrote:

On Mon, May 30, 2016 at 11:26 PM, Conor Skyler 

wrote:

Hello list,

I'm trying to install the certificates I bought from GoDaddy into my


Tomcat


server, however so far I've been unsuccessful to achieve this.

My system specs are:
OS: Amazon Linux (fully updated)
Tomcat version: 8.0.32, installed from the repos
Java version: $ java -version
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

To install the certificates I followed this tutorial from GoDaddy


website:




https://ar.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239


which explains how to create a KeyStore and configure the 
in
the server.xml file.

Follow these instructions.


Now, judging from the official Tomcat documentation in

https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html it's stated


that I


first need to conver the .crt files provided by GoDaddy to PKCS12


format --


I wonder then why the instructions in GoDaddy's website state other


thing!
There's more than one way to do this.  If you started out by following
the
GoDaddy instructions to generate your CSR, then continue to follow them
to
import your signed certificate.


But then I read this piece of documentation that left me completely

bewildered:
To import an existing certificate signed by your own CA into a PKCS12
keystore using OpenSSL you would execute a command like:

openssl pkcs12 -export -in mycert.crt -inkey mykey.key
 -out mycert.p12 -name tomcat -CAfile myCA.crt
 -caname root -chain

In this example there's a reference to a 'mykey.key' file that I don't
have a clue how to obtain it or from where it comes since when I
download the certificates provided by GoDaddy, there

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

2016-06-03 Thread Hardibo Pierre-Jean


there's all here no ?
https://fr.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239

Le 03/06/2016 22:37, Conor Skyler a écrit :

Hi again,

At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions provided by GoDaddy
doesn't match the certificates you download)  but the result was the same
as before, it didn't work.

Early today I found this post in StackOverflow:
http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-cr
which somehow brought some hope to me as the title states literally the
issue I'm having: '
http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-crt
'

Sadly after trying everything what's shown there and reading tons of stuff
I still can't make the KeyStore work with my Tomcat server.

Any help will be greatly appreciated.
-Conor



On Wed, Jun 1, 2016 at 6:12 PM, Conor Skyler  wrote:


Hi Daniel,

Thank you very much for stepping in, I’m processing a new set of
certificates that I hope to try tomorrow.

Warm regards,
-Conor


On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa  wrote:


On Mon, May 30, 2016 at 11:26 PM, Conor Skyler 
wrote:


Hello list,

I'm trying to install the certificates I bought from GoDaddy into my

Tomcat

server, however so far I've been unsuccessful to achieve this.

My system specs are:
OS: Amazon Linux (fully updated)
Tomcat version: 8.0.32, installed from the repos
Java version: $ java -version
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

To install the certificates I followed this tutorial from GoDaddy

website:



https://ar.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239

which explains how to create a KeyStore and configure the  in
the server.xml file.


Follow these instructions.



Now, judging from the official Tomcat documentation in
https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html it's stated

that I

first need to conver the .crt files provided by GoDaddy to PKCS12

format --

I wonder then why the instructions in GoDaddy's website state other

thing!
There's more than one way to do this.  If you started out by following the
GoDaddy instructions to generate your CSR, then continue to follow them to
import your signed certificate.



But then I read this piece of documentation that left me completely
bewildered:
To import an existing certificate signed by your own CA into a PKCS12
keystore using OpenSSL you would execute a command like:

openssl pkcs12 -export -in mycert.crt -inkey mykey.key
-out mycert.p12 -name tomcat -CAfile myCA.crt
-caname root -chain

In this example there's a reference to a 'mykey.key' file that I don't
have a clue how to obtain it or from where it comes since when I
download the certificates provided by GoDaddy, there's no such .key
file: I can download several different types of certificates in .crt
format but there isn't any .key file to download.


This has to do with the way that you generated the CSR.  The GoDaddy
instructions have you using keytool and a keystore.  In this case, your
private key will exist in the keystore, so you won't have a .key file and
that's OK.



I tried contacting their support and well, they weren't any helpful at
all, they pointed me to the repository where all the certificates are
stored and told me to 'find someone that knows how to handle them' --
thanks for nothing :(

Finally I want to say that I have Tomcat running smooth at port 8080,
I even configured an administrator user to access the status page
which works perfectly, my problem is that I just can't find how to
properly install and configure the SSL.


Follow the GoDaddy instructions.  They should work.  If you get stuck on a
specific step, let us know.

Dan



What I'm not sure though is what part or steps I'm missing, I believe
this has to be much more simpler that it's been so far for me but
seriously I can't wrap my mind around it.

Thank you very much for taking the time to read this n00b's help scream.

Best regards,
-Conor






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

2016-06-03 Thread Hardibo Pierre-Jean


godaddy didn't give you instructions ?

Le 03/06/2016 22:37, Conor Skyler a écrit :

Hi again,

At this point I don't know what else to try: I carefully gone through the
process stated at GoDaddy's website once again trying different
combinations with the certificates (as the instructions provided by GoDaddy
doesn't match the certificates you download)  but the result was the same
as before, it didn't work.

Early today I found this post in StackOverflow:
http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-cr
which somehow brought some hope to me as the title states literally the
issue I'm having: '
http://stackoverflow.com/questions/24269293/how-to-import-godaddy-certificates-in-tomcat-given-gd-bundle-g2-g1-crt-gdig2-crt
'

Sadly after trying everything what's shown there and reading tons of stuff
I still can't make the KeyStore work with my Tomcat server.

Any help will be greatly appreciated.
-Conor



On Wed, Jun 1, 2016 at 6:12 PM, Conor Skyler  wrote:


Hi Daniel,

Thank you very much for stepping in, I’m processing a new set of
certificates that I hope to try tomorrow.

Warm regards,
-Conor


On Tue, May 31, 2016 at 8:41 AM, Daniel Mikusa  wrote:


On Mon, May 30, 2016 at 11:26 PM, Conor Skyler 
wrote:


Hello list,

I'm trying to install the certificates I bought from GoDaddy into my

Tomcat

server, however so far I've been unsuccessful to achieve this.

My system specs are:
OS: Amazon Linux (fully updated)
Tomcat version: 8.0.32, installed from the repos
Java version: $ java -version
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

To install the certificates I followed this tutorial from GoDaddy

website:



https://ar.godaddy.com/help/tomcat-generate-csrs-and-install-certificates-5239

which explains how to create a KeyStore and configure the  in
the server.xml file.


Follow these instructions.



Now, judging from the official Tomcat documentation in
https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html it's stated

that I

first need to conver the .crt files provided by GoDaddy to PKCS12

format --

I wonder then why the instructions in GoDaddy's website state other

thing!
There's more than one way to do this.  If you started out by following the
GoDaddy instructions to generate your CSR, then continue to follow them to
import your signed certificate.



But then I read this piece of documentation that left me completely
bewildered:
To import an existing certificate signed by your own CA into a PKCS12
keystore using OpenSSL you would execute a command like:

openssl pkcs12 -export -in mycert.crt -inkey mykey.key
-out mycert.p12 -name tomcat -CAfile myCA.crt
-caname root -chain

In this example there's a reference to a 'mykey.key' file that I don't
have a clue how to obtain it or from where it comes since when I
download the certificates provided by GoDaddy, there's no such .key
file: I can download several different types of certificates in .crt
format but there isn't any .key file to download.


This has to do with the way that you generated the CSR.  The GoDaddy
instructions have you using keytool and a keystore.  In this case, your
private key will exist in the keystore, so you won't have a .key file and
that's OK.



I tried contacting their support and well, they weren't any helpful at
all, they pointed me to the repository where all the certificates are
stored and told me to 'find someone that knows how to handle them' --
thanks for nothing :(

Finally I want to say that I have Tomcat running smooth at port 8080,
I even configured an administrator user to access the status page
which works perfectly, my problem is that I just can't find how to
properly install and configure the SSL.


Follow the GoDaddy instructions.  They should work.  If you get stuck on a
specific step, let us know.

Dan



What I'm not sure though is what part or steps I'm missing, I believe
this has to be much more simpler that it's been so far for me but
seriously I can't wrap my mind around it.

Thank you very much for taking the time to read this n00b's help scream.

Best regards,
-Conor






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: using SSLHostConfig on tomcat 9 in order to get 2 SSL certificates

2016-06-01 Thread Hardibo Pierre-Jean

Hello, when i add the second, or i put only the second (tomcat2) browser 
doesn't reach the website but doesnt stop with error message.



Le 31/05/2016 18:52, Christopher Schultz a écrit :

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hardibo,

On 5/31/16 10:33 AM, Hardibo Pierre-Jean wrote:

Hello, i made two startSSL's certificates because i could only add
5 domains once.

??!


When i use SSLHostConfig for the domains of the first certificate
all is working, but when i try to add other domains (2°
certificate) websites are no more accessible, there's few
documentation about that and no tutorial so i am blocked. Here is
my connector (server.xml): 

You'll also want to set secure="true" and scheme="https" on your
. This might be the only thing you are missing.

http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_S
SLHostConfig


  
  
  
  

 
  
  
  

 


Those all look okay to me. What are you using to test? With a single
 can you establish a connection? When you add the
second , how do things change?

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXTcFCAAoJEBzwKT+lPKRY0JkQAKoHkVmJJ5Gn52BwVolkvZIW
gnnxEmjIIB1+XmemEfpsIYvRNMdPQL4pd0tZcRUzN59yhxPm20XoZguYUlBTOjcg
ocuZN5/Q6otJ27eMOlcN5ZTWqqpuRbItjY103WX+q2fmC3ulGGrV/ZNyJcgbE2+y
2SWO/WAGB/KT1QzL+DNfDyk0zLyl8Poc9ax1NUrPmW/1eM/ubdrAOe+GOyAoY3Et
vZQkXNDfTp+l+yekvUY4YKSNAj3l/Rjd6XQSyLG97bmMRe+3q37pZmIjYyX/BI/7
vnx5WX+UWz8pCrXktgZCpG/CIJC5FLeSmbObmvYKyehUDBFo93AQBgU5SwgkDha2
Uy6apmjjJYqKtJlijz3fA7AFo9SoQntQH/gIu+zdReLidMa5R9Cuu4cTYUrAcCrl
vPE4elwVsfKAaWDg8UZk8CDevLNBG/9LYXFw6e2UVvo19hn9+7gf4YBsj0qHgU9m
lKFThhD3w/IawLpqS2ZS5sXJR+KMO1Yy2mektmWBsN+BaR1gcnUacrc678wtsHGw
3cJFn8mKQdomIhRy85TzNqt6vVjeLtZC8Md1vqOasPM73GiV7c4ijoSkioLZNwM1
uovy0J8v3sE9JpJOoDsRxVc3gsBbHhj84EWlVgYYVnomt7p/z0RS30oCU7l/u0j/
5umswB87kivFp2laHPu3
=jJvc
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

using SSLHostConfig on tomcat 9 in order to get 2 SSL certificates

2016-05-31 Thread Hardibo Pierre-Jean

Hello, i made two startSSL's certificates because i could only add 5 
domains once.
When i use SSLHostConfig for the domains of the first certificate all is 
working, but when i try to add other domains (2° certificate) websites 
are no more accessible, there's few documentation about that and no 
tutorial so i am blocked.

Here is my connector (server.xml):
protocol="org.apache.coyote.http11.Http11NioProtocol"

   maxThreads="150" SSLEnabled="true" >
 


























   

Thanks for your help !


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 8 doesn't listen in https

Tomcat 8 doesn't listen in https

Re: Tomcat 9 realm datasource digest attribute

Re: Problem with Apache in front of Tomcat

Re: Problem with Apache in front of Tomcat

Tomcat 9 realm datasource digest attribute

Re: 403 Access Denied on manager app

Re: 403 Access Denied on manager app

Re: 403 Access Denied on manager app

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

Re: Need help to install GoDaddy's SSL certificates on Tomcat 8.0.32 (Amazon Linux)

Re: using SSLHostConfig on tomcat 9 in order to get 2 SSL certificates

using SSLHostConfig on tomcat 9 in order to get 2 SSL certificates

15 matches

Site Navigation

Mail list logo

Footer information