Re: SSL Not working on tomcat 5.5.29
Hi All, If I rename tcnative-1.dll in the bin folder then the site on SSL works. I am not that knowledgeable on thie dll. Any comments or ideas please? I got this suggestion from google but no specific reason. Regards, Kareem Pid * wrote: On 02/07/2010 06:30, kareem_s_m wrote: Hi All, I am working on upgrading tomcat from 5.5.28 to 5.5.29 for one of the applications. I see that the website renders and works fine in 5.5.29 on port 8080 (non SSL) but with SSL (port 8443) the website doesnot run at all. When I try to see what's going on in Fiddle, I see 502 error. Also nothing is written to the log flies. It is as if tomcat is not even running in port 8443. Under tomcat 5.5.28, the site renders fine with SSL and non SSL. Is there something I could be missing? Are the Connector definitions in server.xml files identical? You can post it inline here, if you remove the comments and any passwords. p -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29137241.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL Not working on tomcat 5.5.29
From: kareem_s_m [mailto:kareemud...@gmail.com] Subject: Re: SSL Not working on tomcat 5.5.29 If I rename tcnative-1.dll in the bin folder then the site on SSL works. SSL handling with the APR connector is completely different from that with a pure Java connector. The docs are here: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html http://tomcat.apache.org/tomcat-5.5-doc/apr.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
2010/7/12 kareem_s_m kareemud...@gmail.com: Hi All, If I rename tcnative-1.dll in the bin folder then the site on SSL works. I am not that knowledgeable on thie dll. Any comments or ideas please? I got this suggestion from google but no specific reason. It was already mentioned in this very thread. http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-ts29052531.html#a29083748 Regards, Kareem - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
Yup... I guess I missed it. Thank You Konstantin. Konstantin Kolinko wrote: 2010/7/12 kareem_s_m kareemud...@gmail.com: Hi All, If I rename tcnative-1.dll in the bin folder then the site on SSL works. I am not that knowledgeable on thie dll. Any comments or ideas please? I got this suggestion from google but no specific reason. It was already mentioned in this very thread. http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-ts29052531.html#a29083748 Regards, Kareem - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29143073.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL Not working on tomcat 5.5.29
Thank You Chuck!!! n828cl wrote: From: kareem_s_m [mailto:kareemud...@gmail.com] Subject: Re: SSL Not working on tomcat 5.5.29 If I rename tcnative-1.dll in the bin folder then the site on SSL works. SSL handling with the APR connector is completely different from that with a pure Java connector. The docs are here: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html http://tomcat.apache.org/tomcat-5.5-doc/apr.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29143076.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
When I run in NON SSL (port 8080, stuff is written to the log files). When I run under SSL (8443) nothing is written to the same log files. Konstantin Kolinko wrote: 2010/7/2 kareem_s_m kareemud...@gmail.com: Also nothing is written to the log flies. Nothing at all? The logs are completely empty? Maybe you are still running 5.5.28, or writing to 5.5.28 logs, if the service was installed incorrectly? Under tomcat 5.5.28, the site renders fine with SSL and non SSL. How did you install Tomcat, and how are you running it? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29082265.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
2010/7/6 kareem_s_m kareemud...@gmail.com: When I run in NON SSL (port 8080, stuff is written to the log files). When I run under SSL (8443) nothing is written to the same log files. In the configuration fragment that you provided you are running with all 8080, 8443, 8009 at the same time. If you are adding an XML comment around unneeded connectors, maybe you are doing it wrong, and thus your server.xml is not a well-formed XML file? (You know, XML comments cannot contain -- and thus comments cannot be nested). A trivial question: your keystore is now in a new path. Have you copied it to the new location? keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.29 orig\selfcert.jks How did you install Tomcat, and how are you running it? Not answered. Do you install it as a service, or you are using *.bat files? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
2010/7/6 Konstantin Kolinko knst.koli...@gmail.com: 2010/7/6 kareem_s_m kareemud...@gmail.com: When I run in NON SSL (port 8080, stuff is written to the log files). When I run under SSL (8443) nothing is written to the same log files. In the configuration fragment that you provided you are running with all 8080, 8443, 8009 at the same time. If you are adding an XML comment around unneeded connectors, maybe you are doing it wrong, and thus your server.xml is not a well-formed XML file? (You know, XML comments cannot contain -- and thus comments cannot be nested). A trivial question: your keystore is now in a new path. Have you copied it to the new location? keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.29 orig\selfcert.jks How did you install Tomcat, and how are you running it? Not answered. Do you install it as a service, or you are using *.bat files? One more: please check whether you have bin/tcnative-1.dll in your tomcat-5.5.29. If you do, than APR version of the connector will be used. Configuration for the APR SSL connector is different (it uses OpenSSL library to perform encryption and not Java). Just remove or rename the tcnative-1.dll file. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
Server.xml is well formed as I can render it in IE. Also, the cert path is right. Konstantin Kolinko wrote: 2010/7/6 kareem_s_m kareemud...@gmail.com: When I run in NON SSL (port 8080, stuff is written to the log files). When I run under SSL (8443) nothing is written to the same log files. In the configuration fragment that you provided you are running with all 8080, 8443, 8009 at the same time. If you are adding an XML comment around unneeded connectors, maybe you are doing it wrong, and thus your server.xml is not a well-formed XML file? (You know, XML comments cannot contain -- and thus comments cannot be nested). A trivial question: your keystore is now in a new path. Have you copied it to the new location? keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.29 orig\selfcert.jks How did you install Tomcat, and how are you running it? Not answered. Do you install it as a service, or you are using *.bat files? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29090432.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
2010/7/2 kareem_s_m kareemud...@gmail.com: Also nothing is written to the log flies. Nothing at all? The logs are completely empty? Maybe you are still running 5.5.28, or writing to 5.5.28 logs, if the service was installed incorrectly? Under tomcat 5.5.28, the site renders fine with SSL and non SSL. How did you install Tomcat, and how are you running it? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
The connectors from server.xml in 5.5.29 is as follows: Service name=Catalina !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8080 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=http /Connector Connector port=8443 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.29 orig\selfcert.jks keystorePass=X /Connector !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 redirectPort=8443 protocol=AJP/1.3 /Connector Engine defaultHost=localhost name=Catalina Realm className=org.apache.catalina.realm.UserDatabaseRealm/ Host appBase=webapps name=localhost /Host /Engine /Service The connectors from server.xml in 5.5.28 is as follows: Service name=Catalina !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8080 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=http /Connector Connector port=8443 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.28\selfcert.jks keystorePass=X /Connector !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 redirectPort=8443 protocol=AJP/1.3 /Connector Engine defaultHost=localhost name=Catalina Realm className=org.apache.catalina.realm.UserDatabaseRealm/ Host appBase=webapps name=localhost /Host /Engine /Service /Server Output of version.bat Using CATALINA_BASE: E:\apps\thirdparty\apache-tomcat-5.5.29 orig Using CATALINA_HOME: E:\apps\thirdparty\apache-tomcat-5.5.29 orig Using CATALINA_TMPDIR: E:\apps\thirdparty\apache-tomcat-5.5.29 orig\temp Using JRE_HOME:D:\Java\jdk.1.5.07 Using CLASSPATH: E:\apps\thirdparty\apache-tomcat-5.5.29 orig\bin\bootstrap.jar Server version: Apache Tomcat/5.5.29 Server built: Mar 29 2010 07:46:34 Server number: 5.5.29.0 OS Name:Windows 2003 OS Version: 5.2 Architecture: x86 JVM Version:1.5.0_07-b03 JVM Vendor: Sun Microsystems Inc. awarnier wrote: kareem_s_m wrote: Hi All, I am working on upgrading tomcat from 5.5.28 to 5.5.29 for one of the applications. I see that the website renders and works fine in 5.5.29 on port 8080 (non SSL) but with SSL (port 8443) the website doesnot run at all. When I try to see what's going on in Fiddle, I see 502 error. Also nothing is written to the log flies. It is as if tomcat is not even running in port 8443. Under tomcat 5.5.28, the site renders fine with SSL and non SSL. Is there something I could be missing? On the face of it, I would estimate the probability of that at so close to 1 as cannot be distinguished from it. But if you want someone here to help, you will have to provide some more details, such as for example a copy-and-paste of your Connector tags, and maybe tell us which platform this is, and where these Tomcat's are coming from. Useful : go to the Tomcat bin subdirectory with a console window, run version.sh or version.bat, and paste the result in your next message. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/SSL-Not-working-on-tomcat-5.5.29-tp29052531p29067491.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
Hi. 502 Bad Gateway That is a strange error, in this context. Are you accessing this Tomcat directly, or through Apache or IIS or some load-balancer ? Try this anyway : Start Tomcat 5.5.28, open a command window, and enter netstat -ano. With your setup, in the lines marked LISTEN, you should see 4 lines related to Tomcat : in the 2d column (local address), these lines should contain respectively :8005 :8009 :8080 :8443 (The last column contains the PID of the corresponding process (Tomcat). You can check this with the Task Manager, if you enable the PID column.) Anyway, copy and paste these lines here. Now stop Tomcat 5.5.28, start Tomcat 5.5.29, and run the above command again. Copy and paste these lines here. Any difference ? kareem_s_m wrote: The connectors from server.xml in 5.5.29 is as follows: Service name=Catalina !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8080 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=http /Connector Connector port=8443 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.29 orig\selfcert.jks keystorePass=X /Connector !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 redirectPort=8443 protocol=AJP/1.3 /Connector Engine defaultHost=localhost name=Catalina Realm className=org.apache.catalina.realm.UserDatabaseRealm/ Host appBase=webapps name=localhost /Host /Engine /Service The connectors from server.xml in 5.5.28 is as follows: Service name=Catalina !-- Define a SSL HTTP/1.1 Connector on port 8443 -- Connector port=8080 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=http /Connector Connector port=8443 minSpareThreads=25 connectionTimeout=2 maxSpareThreads=75 maxThreads=150 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true keystoreFile=E:\apps\thirdparty\apache-tomcat-5.5.28\selfcert.jks keystorePass=X /Connector !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=8009 redirectPort=8443 protocol=AJP/1.3 /Connector Engine defaultHost=localhost name=Catalina Realm className=org.apache.catalina.realm.UserDatabaseRealm/ Host appBase=webapps name=localhost /Host /Engine /Service /Server Output of version.bat Using CATALINA_BASE: E:\apps\thirdparty\apache-tomcat-5.5.29 orig Using CATALINA_HOME: E:\apps\thirdparty\apache-tomcat-5.5.29 orig Using CATALINA_TMPDIR: E:\apps\thirdparty\apache-tomcat-5.5.29 orig\temp Using JRE_HOME:D:\Java\jdk.1.5.07 Using CLASSPATH: E:\apps\thirdparty\apache-tomcat-5.5.29 orig\bin\bootstrap.jar Server version: Apache Tomcat/5.5.29 Server built: Mar 29 2010 07:46:34 Server number: 5.5.29.0 OS Name:Windows 2003 OS Version: 5.2 Architecture: x86 JVM Version:1.5.0_07-b03 JVM Vendor: Sun Microsystems Inc. awarnier wrote: kareem_s_m wrote: Hi All, I am working on upgrading tomcat from 5.5.28 to 5.5.29 for one of the applications. I see that the website renders and works fine in 5.5.29 on port 8080 (non SSL) but with SSL (port 8443) the website doesnot run at all. When I try to see what's going on in Fiddle, I see 502 error. Also nothing is written to the log flies. It is as if tomcat is not even running in port 8443. Under tomcat 5.5.28, the site renders fine with SSL and non SSL. Is there something I could be missing? On the face of it, I would estimate the probability of that at so close to 1 as cannot be distinguished from it. But if you want someone here to help, you will have to provide some more details, such as for example a copy-and-paste of your Connector tags, and maybe tell us which platform this is, and where these Tomcat's are coming from. Useful : go to the Tomcat bin subdirectory with a console window, run version.sh or version.bat, and paste the result in your next message. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: SSL Not working on tomcat 5.5.29
On 02/07/2010 06:30, kareem_s_m wrote: Hi All, I am working on upgrading tomcat from 5.5.28 to 5.5.29 for one of the applications. I see that the website renders and works fine in 5.5.29 on port 8080 (non SSL) but with SSL (port 8443) the website doesnot run at all. When I try to see what's going on in Fiddle, I see 502 error. Also nothing is written to the log flies. It is as if tomcat is not even running in port 8443. Under tomcat 5.5.28, the site renders fine with SSL and non SSL. Is there something I could be missing? Are the Connector definitions in server.xml files identical? You can post it inline here, if you remove the comments and any passwords. p signature.asc Description: OpenPGP digital signature
Re: SSL Not working on tomcat 5.5.29
kareem_s_m wrote: Hi All, I am working on upgrading tomcat from 5.5.28 to 5.5.29 for one of the applications. I see that the website renders and works fine in 5.5.29 on port 8080 (non SSL) but with SSL (port 8443) the website doesnot run at all. When I try to see what's going on in Fiddle, I see 502 error. Also nothing is written to the log flies. It is as if tomcat is not even running in port 8443. Under tomcat 5.5.28, the site renders fine with SSL and non SSL. Is there something I could be missing? On the face of it, I would estimate the probability of that at so close to 1 as cannot be distinguished from it. But if you want someone here to help, you will have to provide some more details, such as for example a copy-and-paste of your Connector tags, and maybe tell us which platform this is, and where these Tomcat's are coming from. Useful : go to the Tomcat bin subdirectory with a console window, run version.sh or version.bat, and paste the result in your next message. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
