Re: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
On 18 Sep 2008 at 14:29, Gauss wrote: Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). Most likely firewall. Do a test by turning off windows firewall then trying to access the page(s) from another machine. If it works turn the firewall back on and add the appropriate ports. -Steve O. My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your consideration and assistance. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
Yes there is. I recommend this article as far as properly configuring SSL (this one is with a self signed certificate though) http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ Here's an example config for both, which also will allow connections on 80 to redirect to 443 automatically. Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 URIEncoding=UTF-8 / Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLEnabled=True keystoreFile=/webapps/keystore.key connectionTimeout=2 keystorePass=secret URIEncoding=UTF-8 / Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:30 PM To: users@tomcat.apache.org Subject: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your consideration and assistance. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
Paul, Thanks very much for the help. I have already configured SSL to work using port 443 as follows: Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=c:\webapps\ssl\.keystore clientAuth=false sslProtocol=TLS / I can connect to my webapp using http/80 and https/443 from localhost. I cannot connect to the webapp from any other computer on the LAN unless I am using http/8080. I am assuming my problem is not Apache Tomcat connector configuration at this point. Please tell me if you know of any Apache Tomcat issues that I might be overlooking. Thanks again, Greg -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 2:37 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Yes there is. I recommend this article as far as properly configuring SSL (this one is with a self signed certificate though) http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ Here's an example config for both, which also will allow connections on 80 to redirect to 443 automatically. Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 URIEncoding=UTF-8 / Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLEnabled=True keystoreFile=/webapps/keystore.key connectionTimeout=2 keystorePass=secret URIEncoding=UTF-8 / Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:30 PM To: users@tomcat.apache.org Subject: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your consideration and assistance. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
I had a similar issue, and it turned out to be an address binding issue. Can you access the site on localhost by using your actual hostname, or the LAN IP address vs. 127.0.0.1? I'm also pretty sure you need the SSLEngine=on to make it all work properly. Tomcat will respond on 443 with non-SSL traffic if this isn't configured (or at least, that was my experience). What I can say is that the connectors I listed below are how I've currently got it configured, and it's been in production for about 3 months as such. What does your log file say is happening? Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:51 PM To: 'Tomcat Users List' Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Paul, Thanks very much for the help. I have already configured SSL to work using port 443 as follows: Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=c:\webapps\ssl\.keystore clientAuth=false sslProtocol=TLS / I can connect to my webapp using http/80 and https/443 from localhost. I cannot connect to the webapp from any other computer on the LAN unless I am using http/8080. I am assuming my problem is not Apache Tomcat connector configuration at this point. Please tell me if you know of any Apache Tomcat issues that I might be overlooking. Thanks again, Greg -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 2:37 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Yes there is. I recommend this article as far as properly configuring SSL (this one is with a self signed certificate though) http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ Here's an example config for both, which also will allow connections on 80 to redirect to 443 automatically. Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 URIEncoding=UTF-8 / Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLEnabled=True keystoreFile=/webapps/keystore.key connectionTimeout=2 keystorePass=secret URIEncoding=UTF-8 / Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:30 PM To: users@tomcat.apache.org Subject: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your consideration and assistance. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
From the Apache Tomcat server I can access my webapp via SSL/443 using localhost and/or the server's LAN IP address. No errors in the logfile. More and more, this problem looks like a firewall/port blocking issue. Thanks again. -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 3:08 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification I had a similar issue, and it turned out to be an address binding issue. Can you access the site on localhost by using your actual hostname, or the LAN IP address vs. 127.0.0.1? I'm also pretty sure you need the SSLEngine=on to make it all work properly. Tomcat will respond on 443 with non-SSL traffic if this isn't configured (or at least, that was my experience). What I can say is that the connectors I listed below are how I've currently got it configured, and it's been in production for about 3 months as such. What does your log file say is happening? Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:51 PM To: 'Tomcat Users List' Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Paul, Thanks very much for the help. I have already configured SSL to work using port 443 as follows: Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=c:\webapps\ssl\.keystore clientAuth=false sslProtocol=TLS / I can connect to my webapp using http/80 and https/443 from localhost. I cannot connect to the webapp from any other computer on the LAN unless I am using http/8080. I am assuming my problem is not Apache Tomcat connector configuration at this point. Please tell me if you know of any Apache Tomcat issues that I might be overlooking. Thanks again, Greg -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 2:37 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Yes there is. I recommend this article as far as properly configuring SSL (this one is with a self signed certificate though) http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ Here's an example config for both, which also will allow connections on 80 to redirect to 443 automatically. Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 URIEncoding=UTF-8 / Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLEnabled=True keystoreFile=/webapps/keystore.key connectionTimeout=2 keystorePass=secret URIEncoding=UTF-8 / Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:30 PM To: users@tomcat.apache.org Subject: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your consideration and assistance. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
Gauss wrote: From the Apache Tomcat server I can access my webapp via SSL/443 using localhost and/or the server's LAN IP address. No errors in the logfile. More and more, this problem looks like a firewall/port blocking issue. Yes, it probably is. Also check the Windows Firewall, if it might be enabled on this machine. And check the extended properties of your network interfaces, to see if there are not any ports blocked there. (right-click on a network connection, properties, scroll down for TCP/IP, click extended) A tip to save you further grief maybe down the line : The standard installation of Tomcat under Windows installs it to run under the user-id LocalSystem. That is a special user-id which has extended rights on the local machine, but no rights at all to access Windows network resources. My suggestion is to obtain from your sysadmins a Domain user-id (and one for which the password does not automatically age and become invalid), possibly adding this user-id to the Local Administrators group (so that you do not run into issues using ports below 1024), and change the user-id under which the Tomcat Service runs, to run under that one. This will allow you, should the need arise in the future, to give your Tomcat access to Windows Domain network resources. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification
Check you port bindings using netstat -an and see if it is bound to a specific IP address. -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:23 PM To: 'Tomcat Users List' Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification From the Apache Tomcat server I can access my webapp via SSL/443 using localhost and/or the server's LAN IP address. No errors in the logfile. More and more, this problem looks like a firewall/port blocking issue. Thanks again. -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 3:08 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification I had a similar issue, and it turned out to be an address binding issue. Can you access the site on localhost by using your actual hostname, or the LAN IP address vs. 127.0.0.1? I'm also pretty sure you need the SSLEngine=on to make it all work properly. Tomcat will respond on 443 with non-SSL traffic if this isn't configured (or at least, that was my experience). What I can say is that the connectors I listed below are how I've currently got it configured, and it's been in production for about 3 months as such. What does your log file say is happening? Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:51 PM To: 'Tomcat Users List' Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Paul, Thanks very much for the help. I have already configured SSL to work using port 443 as follows: Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 / Connector port=443 protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true keystoreFile=c:\webapps\ssl\.keystore clientAuth=false sslProtocol=TLS / I can connect to my webapp using http/80 and https/443 from localhost. I cannot connect to the webapp from any other computer on the LAN unless I am using http/8080. I am assuming my problem is not Apache Tomcat connector configuration at this point. Please tell me if you know of any Apache Tomcat issues that I might be overlooking. Thanks again, Greg -Original Message- From: Paul McGurn [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 2:37 PM To: Tomcat Users List Subject: RE: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Yes there is. I recommend this article as far as properly configuring SSL (this one is with a self signed certificate though) http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ Here's an example config for both, which also will allow connections on 80 to redirect to 443 automatically. Connector port=80 protocol=HTTP/1.1 connectionTimeout=2 redirectPort=443 URIEncoding=UTF-8 / Connector port=443 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true SSLEngine=on SSLEnabled=True keystoreFile=/webapps/keystore.key connectionTimeout=2 keystorePass=secret URIEncoding=UTF-8 / Paul McGurn | Manager, Customer Support Escalations Operations · ·· LogMeIn, Inc. www.LogMeIn.com | [EMAIL PROTECTED] p. +1 781.897.1320 | f. +1 781.897.0632 -Original Message- From: Gauss [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 4:30 PM To: users@tomcat.apache.org Subject: Tomcat 6 HTTP / HTTP SSL Connector Port - Configuration Verification Greetings, I am using Apache Tomcat 6.0 on Windows Server 2003. I'm not serving any pure HTML pages - all pages are JSPs, so I plan to use Tomcat in a standalone mode. I want to use port 80 for HTTP and port 443 for HTTPS/SSL versus the out-of-the-box Tomcat ports of 8080 / 8443. I have updated the appropriate connectors in server.xml to use 80/443, however, I am having trouble accessing my java application using ports 80/443 from any machine on my LAN other than localhost where Tomcat resides. I am trying to determine if the problem is being caused by incorrect connector configuration or another conflict (eg firewall, port blocking, etc.). My Question: Are other steps required - beyond updating the port numbers in server.xml for the appropriate connectors - to configure Tomcat to use ports 80 / 443? Thanks for your
