SSL configuration trouble with IIS, Tomcat and jkredirect

2015-03-31 Thread Arthur Cosma 
Hello and thank you for the opportunity, this is my first post.
Please note that all I did below is either expertise from the vendor (which is 
very uncooperative in regards to https) or by reading numerous bits of 
information on the web.

Here is the environment:
IIS 7(.5) web server running on 2008 R2 64 bit
Tomcat 7.0.35 64 bit
JK 1.2.40 connector 64 bit configured with a configuration file and not via the 
registry

I have a vendor application that runs fine in http with the setup above, but I 
am trying to configure it for https.
JK redirects properly the http traffic from port 8080 to 80 and the URL is not 
requiring the port.

In order to set up SSL I enabled in in IIS, I created a certificate with 
keytool and imported it on the server.
I can browse to https://myhost and after I accept the certificate, I get the 
familiar IIS 7 logo.
I can also connect to https://myhost/manager/html and I am able to authenticate 
to Tomcat and get to the manager page.
None of these URLs, however, throw an entry in the isapi_redirect.log file. All 
I get in there is the initialization message.

I have my applet defined in uriworkermap.properties and it points to an ajp13 
worker defined on port 8009.

These are my connector definitions in server.xml (the rest of the configuration 
is default):

Connector port=8080 protocol=HTTP/1.1
   connectionTimeout=2
   redirectPort=8443 /
Connector port=8443 
protocol=org.apache.coyote.http11.Http11NioProtocol SSLEnabled=true
   maxThreads=200 scheme=https secure=true
   clientAuth=false sslProtocol=TLS
   keystoreFile=D:\keystore\.keystore keystorePass=tomcatPWD /

Connector port=8009 protocol=AJP/1.3 redirectPort=8443 /

In order to revert to http, all I have to do is comment out the second 
connector definition for port 8443 and revert the applet's parameter to http.
When everything is set to https, any call to the applet goes into a loop and it 
just sits there with a spinning icon on the browser's tab: Waiting for 
myhost...
There is no entry in isapi_redirect.log and  localhost_access_log.txt only 
receives a GET /myapplet HTTP/1.1 302 -

I tried to understand the way ports work with Tomcat, JK and SSL but I am at a 
loss, so I finally decided to post on this mailing list.
From what I know, JK redirects port 8080 to 80, but I couldn't find any 
information on redirecting, say 8443, to 443.

Any guidance will be greatly appreciated. I feel like I'm close, but missing 
the next step.
I am not a total newb, with some exposure to Tomcat, but this is above my pay 
grade.

Best regards,
Arthur




 -- This message (including any attachments) is intended only for the use of 
the individual or entity to which it is addressed and may contain information 
that is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, distribution, or copying of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us and destroy this message immediately. ---

RE: VERY URGENT

2015-04-02 Thread Arthur Cosma 
-Original Message-
From: Gary Dominic [mailto:domig...@gmail.com] 
Sent: Thursday, April 02, 2015 10:43 AM
To: Tomcat Users List
Subject: Re: VERY URGENT

Thank you for your kind reply. Its Windows Server 2003 R2. So there will be no 
performance issues right?.
Also could  you please tell me, which all are the optimal Windows servers for 
Apache Tomcat 7.x?.
Please reply.

Thanks a lot!

Gary

On 2 April 2015 at 20:07, David kerber dcker...@verizon.net wrote:

 On 4/2/2015 10:27 AM, Gary Dominic wrote:

 Hi,
 Could any one please advise whether Apache Tomcat 7.x is compatible 
 with Windows Server R2?. Also what are the most compatible servers 
 that support Apache Tomcat 7.x?.


 Which Windows server R2?  2003 or 2008?  Though it actually doesn't 
 matter.  TC 7 runs fine on every Windows server OS from 2000 on, as 
 long as you have the correct version of Java installed.


  Please help!.

 Thanks.

 Regards,
 Gary



 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



Gary,

Tomcat 7 runs great on 2008 R2, just download the 64 bit version.
Before you install the service, edit service.bat in the bin directory and 
change the default memory allocation to suit your needs.
The default is very conservative, on my server I set it to 4096.

Arthur

[snip]
--StartParams start ^
--StopParams stop ^
--JvmOptions 
-Dcatalina.home=%CATALINA_HOME%;-Dcatalina.base=%CATALINA_BASE%;-Djava.endorsed.dirs=%CATALINA_HOME%\endorsed;-Djava.io.tmpdir=%CATALINA_BASE%\temp;-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager;-Djava.util.logging.config.file=%CATALINA_BASE%\conf\logging.properties
 ^
--JvmMs 4096 ^
--JvmMx 4096
if not errorlevel 1 goto installed
echo Failed installing '%SERVICE_NAME%' service
goto end
[/snip]



 -- This message (including any attachments) is intended only for the use of 
the individual or entity to which it is addressed and may contain information 
that is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, distribution, or copying of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us and destroy this message immediately. ---