auto-generating mod_jk.conf ???
Hi all. I use Apache2 - mod_jk - Tomcat4 Been a while since I had to auto-generate mod_jk.conf The auto-generated copy is in .../conf/auto whereas the working copy is in .../conf I have some new virtual hosts which I inserted into server.xml. I copied server.xml to the Apache server, started and stopped Tomcat and got a new .../conf/auto/mod_jk.conf It has all the new virtual hosts, but it doesn't have definitions for server, the LoadModule and AddModule and the entries for the workers.properties. In other words, incomplete. I can cut and past the virtual hosts from the new mod_jk.conf to the old one, but that's hardly the point. What have I done wrong ??? Maybe should just add them manually to the old copy ??? It works, but I would really like to know why I am not getting the complete mod_jk.conf ??? TIA :( - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
And another thing about auto-generating mod_jk.conf
[EMAIL PROTECTED] wrote: I modified workers.properties : from worker.list=ajp13 to worker.list=ajax, helen following is an excerpt from the new workers.properties : ... # listing workers by names e.g. worker.list=asterix, obelix, loadbalancer etc ps=/ worker.list=ajax, troy # - # First Tomcat server : ajax # - worker.ajax.port=8009 worker.ajax.host=tomcat.mydom.com worker.ajax.type=ajp13 # Specify the size of the open connection cache # worker.ajax.cachesize # Specify the loadbalancing factor when used with a load-balancing worker # ...lbfactor must be 0 # ...a low lbfactor means less work done by this worker worker.ajax.lbfactor=100 # -- # Second Tomcat server : troy # -- worker.troy.port=8009 worker.troy.host=tomcat2.mydom.com worker.troy.type=ajp13 ...etc... This didn't work, java console reports a Class File Not Found error. Yet if I change the name ajax back to ajp13, all okay again. I mean a name is nothing more than a plave-holder only, right ??? Hope I get some answers. TIA :{ Kind Regards, ACDC - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Redirect to home page on logon
Thanks Tim. Could you please elaborate more on how to use telnet to do this. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 10:49 PM To: Tomcat Users List Subject: Re: Redirect to home page on logon I recommend posting to the struts list and hope they don't respond by saying please post to the tomcat list Also telnet is nice for debugging requests too so you can see the headers begin returned in case some wacky redirect logic is being invoked that you might not be detecting. -Tim Tarek M. Nabil wrote: Tim, the Filter thing is a great idea, and it worked just fine. Thanks a million. Now, I have another problem that I just can't figure out. After the session expires and the user makes a request, he's sent to the login page by Tomcat. After he logs in, he's still sent to the error page. Of course the filter intercepts this and redirects to the home page. I still can't figure out, though, why the request is sent to the error page. It really doesn't make sense. I have my error pages configured as follows: !-- error pages -- error-page error-code500/error-code location/error.do/location /error-page error-page error-code404/error-code location/error.do/location /error-page error-page exception-typejava.lang.Exception/exception-type location/error.do/location /error-page In error.do I do some logging, then forward to error.jsp. What's really driving me crazy, is that in the case I was just describing, the request is sent directly to error.jsp and it doesn't even go to error.do. I tried adding some debugging info in error.jsp to see what error is happening, but, although the isErrorPage is set to true, there's no exception object. I went into the Tomcat server.xml and raised the debug level to 4 for both the host and the engine, and still the Tomcat logs does not mention anything about the error that causes the forwarding to error.jsp. I even checked stdout and stderr, nothing. What I can't understand is how the container knows about error.jsp, it's not mentioned anywhere in my web.xml. The only place it's mentioned in is in the struts-config.xml file. I even changed it's name to something else, thinking that maybe error.jsp is some default value or something like index.jsp, but it didn't help. Please, someone help me out here. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 8:24 PM To: Tomcat Users List Subject: Re: Redirect to home page on logon Use a filter. Its container independent. The filter runs on the appropriate (or all) requests and would check if the beans are in the session. If not - redirect. OR If all the pages set an error condition - you might be able to use an error mapping directive in web.xml -Tim Tarek M. Nabil wrote: Hi everyone, I have an application that uses beans stored in the session context. If the user's session times out, he's asked to re-login on his next request. For this, I'm using J2EE security; I'm not doing it myself. After the user is finished with the re-login, he's supposed to complete his request, but the fact that the beans are not in the session anymore produces an error. Unfortunately, those beans are specific to the last request the user made, so I cannot re-initialize them in a listener for session creation. I was wondering if there's a way to configure security so that after the user logs in he's redirected to a certain page instead of being able to continue his last request. I know this can be done manually, but I would have to do it in every web component I have which is really tiresome. Any quick solutions? Any help is appreciated. I'm sorry that this question is not Tomcat specific, but I tried the servlet-interest list and got no responses. Thanks, Tarek M. Nabil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Redirect to home page on logon
Hi, this is what I do smetimes (nly to look at my own things, of course...): $ telnet 192.168.1.200 80 ... It might respose by telling me : .. Trying 192.16.1.200.. Connected to 12.168.1.200 ... Then you type in something like this : GET /help.txt HTTP/1.0 ... It will probably give you a log winded response like this : HTTP/1.1 20 OK Date: balbla Server: Apache/1.3.26 (Unix) blbla Conetent -Type: text/plain .. You ca a lot of info from it. You look at your own things of course. And so forth. Hope that helps. Tarek M. Nabil wrote: Thanks Tim. Could you please elaborate more on how to use telnet to do this. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 10:49 PM To: Tomcat Users List Subject: Re: Redirect to home page on logon I recommend posting to the struts list and hope they don't respond by saying please post to the tomcat list Also telnet is nice for debugging requests too so you can see the headers begin returned in case some wacky redirect logic is being invoked that you might not be detecting. -Tim Tarek M. Nabil wrote: Tim, the Filter thing is a great idea, and it worked just fine. Thanks a million. Now, I have another problem that I just can't figure out. After the session expires and the user makes a request, he's sent to the login page by Tomcat. After he logs in, he's still sent to the error page. Of course the filter intercepts this and redirects to the home page. I still can't figure out, though, why the request is sent to the error page. It really doesn't make sense. I have my error pages configured as follows: !-- error pages -- error-page error-code500/error-code location/error.do/location /error-page error-page error-code404/error-code location/error.do/location /error-page error-page exception-typejava.lang.Exception/exception-type location/error.do/location /error-page In error.do I do some logging, then forward to error.jsp. What's really driving me crazy, is that in the case I was just describing, the request is sent directly to error.jsp and it doesn't even go to error.do. I tried adding some debugging info in error.jsp to see what error is happening, but, although the isErrorPage is set to true, there's no exception object. I went into the Tomcat server.xml and raised the debug level to 4 for both the host and the engine, and still the Tomcat logs does not mention anything about the error that causes the forwarding to error.jsp. I even checked stdout and stderr, nothing. What I can't understand is how the container knows about error.jsp, it's not mentioned anywhere in my web.xml. The only place it's mentioned in is in the struts-config.xml file. I even changed it's name to something else, thinking that maybe error.jsp is some default value or something like index.jsp, but it didn't help. Please, someone help me out here. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 8:24 PM To: Tomcat Users List Subject: Re: Redirect to home page on logon Use a filter. Its container independent. The filter runs on the appropriate (or all) requests and would check if the beans are in the session. If not - redirect. OR If all the pages set an error condition - you might be able to use an error mapping directive in web.xml -Tim Tarek M. Nabil wrote: Hi everyone, I have an application that uses beans stored in the session context. If the user's session times out, he's asked to re-login on his next request. For this, I'm using J2EE security; I'm not doing it myself. After the user is finished with the re-login, he's supposed to complete his request, but the fact that the beans are not in the session anymore produces an error. Unfortunately, those beans are specific to the last request the user made, so I cannot re-initialize them in a listener for session creation. I was wondering if there's a way to configure security so that after the user logs in he's redirected to a certain page instead of being able to continue his last request. I know this can be done manually, but I would have to do it in every web component I have which is really tiresome. Any quick solutions? Any help is appreciated. I'm sorry that this question is not Tomcat specific, but I tried the servlet-interest list and got no responses. Thanks, Tarek M. Nabil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
login page customization for CMA
Hi, I'm using container manager authentication, and I'm trying to display different messages inside the login page depending on the caller of that page, so if a request is made to the protected resource /account/*, I want to display suitable message to those who want to access account services in the login page, and same to the resource /order/*, but with a different message. The problem is that there is no way I could find to pass a parameter for example from a resource under /account/* to get this behaviour, because this parameter is actually not seen in the login page. I tried to look for where tomcat stores the request before it routes to the login page, but it looks to me that the process is not straight forward, and I need to play around with class loaders to get this info. Can anybody think of a way to implement this without getting into a container specific solution? _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Can't get SSL client certificate but can get cipher suite and key size??
Hi all, I am using Apache 1.3.27, Tomcat 4.1.24 and mod_jk. Normal connection seems to work well over HTTP and HTTPS but I want to get the client X509 certificate from Apache. I have read the documentation that comes with the connector package and applied the suggestions. I also have a test servlet (distributed on this mailing list a while ago) that tries to read the X509, cipher suite and key size. The test servlet correctly obtains the cipher suite and key size but cannot obtain the client certificate. Catalina.out shows the following error: Starting service Tomcat-Standalone Apache Tomcat/4.1.24 [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/131 config=/usr/local/apache.org/jakart a/tomcat/jakarta-tomcat-4.1.24/conf/jk2.properties java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/131 config=/usr/local/apache.org/jakart a/tomcat/jakarta-tomcat-4.1.24/conf/jk2.properties java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti on: insufficient data at sun.security.x509.X509CertImpl.init(X509CertImpl.java:147) at sun.security.provider.X509Factory.engineGenerateCertificate(X509Facto ry.java:84) at java.security.cert.CertificateFactory.generateCertificate(Certificate Factory.java:281) at org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:395) at org.apache.coyote.Response.action(Response.java:222) at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapte r.java:310) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22 1) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.ja va:562) at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP ool.java:619) at java.lang.Thread.run(Thread.java:479) [ERROR] JkCoyoteHandler - -Certificate convertion failed java.security.cert.Cer tificateException: Unable to initialize, java.io.IOException: insufficient data I haven't changed anything in the default server.xml file for tomcat 4.1.24 - should I? I am using virtual hosts in my httpd.conf Outside virtual hosts I have: ... JkWorkersFile /usr/local/apache/conf/workers.properties JkLogFile /usr/local/apache/logs/mod_jk.log JkLogLevel debug JkExtractSSL On JkOptions +ForwardKeySize +ForwardURICompat +ForwardDirectories ... Inside my virtual host declaration I have: ... SSLOptions +StdEnvVars +ExportCertData JkOptions +ForwardKeySize +ForwardURICompat +ForwardDirectories JkMount /examples/* ajp13 JkExtractSSL On ... I am unsure if I also need the declaration: JkEnvVar SSL_CLIENT_CERT UNSET Here is my workers.properties file in case that is useful: # Define 1 real worker using ajp13 worker.list=ajp13 # Set properties for worker1 (ajp13) worker.ajp13.type=ajp13 worker.ajp13.host=localhost worker.ajp13.port=8009 Thanks in advance. Darren. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recycling Tomcat
Sorry, I mis-stated my first problem slightly. Please see below for the correction. - Original Message - From: Rhino To: tomcat-user Sent: Saturday, July 19, 2003 11:51 PM Subject: Recycling Tomcat Hi! We are running Tomcat 4.1.24 on a Mandrake 9.1 Linux box. Occasionally we need to recycle Tomcat and the only way the administrator has found which works is to delete the lock file for Tomcat and then start Tomcat. I have to believe that there is a more elegant way to do it. What I should have said is that the administrator has to delete the lock file manually in order to recycle Tomcat ONLY WHEN TOMCAT HAS CRASHED. The administrator has also told me While there is a restart available it does not work correctly. Essentially it tries to start Tomcat before it is finished stopping it. I can recycle Tomcat by stopping then waiting about a minute then starting Tomcat. Again, as long as Tomcat was running this works fine. I would also love to be able to recycle Tomcat remotely. I am remote from the server but have access to it from SSH, which gives me a secure command line to the server. Can anyone help with suggestions for either problem? Rhino --- rhino1 AT sympatico DOT ca If you want the best seat in the house, you'll have to move the cat.
mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Hi, never having trouble with Apache 1.3, TomCat 3.x and mod_jk 1.2 - now - after upgrading to TomCat 4.1.24 I do not succeed in configuring the system to be accessible via port 80. I found following web sites that are recommended for getting information about how to integrate mod_jk (jk) with Apache 1.3.x and TomCat 4.x: http://www.johnturner.com/howto/rh72-howto.html and http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/aphowto.html#Installation While under jakarta.apache.org one can read that Include /var/tomcat3/conf/jk/mod_jk.conf-auto ... will tell Apache to use directives in the mod_jk.conf-auto file in the Apache configuration. This file is created by enabling the Apache auto-configuration as described in the Tomcat documentation. .. on John Turner´s web site you find following hint: ... add the following line at the very end: Include /usr/local/tomcat/conf/auto/mod_jk.conf Note: the mod_jk.conf file gets created by Tomcat when Tomcat starts. It gets created every time Tomcat starts. So, if you have your server.xml configured, you can ignore httpd.conf (in most cases) except to add the Include directive for mod_jk.conf. You don't need to create or edit mod_jk.conf. Well - following John´s instructions - I inserted following lines in my server.xml - which btw - is not mentioned with any word under the jakarta howto above: Host ... Listener className=org.apache.ajp.tomcat4.config.ApacheConfig modJk=/usr/local/apache2/modules/mod_jk.so / Server .. Listener className=org.apache.ajp.tomcat4.config.ApacheConfig append=true forwardAll=false modJk=/usr/local/apache2/modules/mod_jk.so / Moreover I commented out following line in the server.xml: Connector className=org.apache.ajp.tomcat4.Ajp13Connector port=8009 minProcessors=5 maxProcessors=75 acceptCount=10 debug=0/ and disabled those lines: Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8009 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=10 debug=0 connectionTimeout=0 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler/ because they refer to the same port 8009 like the org.apache.ajp.tomcat4.Ajp13Connector class. (IS that correct? I only want to use jk and NOT jk2 - but nevertheless I find following line in the catalina.log after starting TomCat 4.1.24 - [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8180 - Isn´t Coyote the synonym for jk2 ?): Starting TomCat 4.1.24 results in being able to access the example servlets via www.MyHost.com:8180. Under /usr/local/jakarta-tomcat4.1/conf/auto/ a file mod_jk.conf is created (so neither conf/jk/mod_jk.conf-auto NOR conf/auto/mod_jk.conf ) but without any text - it is empty. Hence I cannot tell Apache via the httpd.conf to include an empty mod_jk.conf. Why are there those different descriptions going around? And does anybody know how I can make my system produce a mod_jk.conf file for including it in Apache? Thanks and best regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Coyote is not synonym for jk2, its just the new Tomcat Connector name, which you can use for HTTP (as in your case on port 8180), and AJP13 connections for both mod_jk 1 and 2 (on 8009 with protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler). See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/connectors.html for a list. So everything should be all right. At 15:25 20.07.2003 +0200, you wrote: Hi, never having trouble with Apache 1.3, TomCat 3.x and mod_jk 1.2 - now - after upgrading to TomCat 4.1.24 I do not succeed in configuring the system to be accessible via port 80. I found following web sites that are recommended for getting information about how to integrate mod_jk (jk) with Apache 1.3.x and TomCat 4.x: http://www.johnturner.com/howto/rh72-howto.html and http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/aphowto.html#Installation While under jakarta.apache.org one can read that Include /var/tomcat3/conf/jk/mod_jk.conf-auto ... will tell Apache to use directives in the mod_jk.conf-auto file in the Apache configuration. This file is created by enabling the Apache auto-configuration as described in the Tomcat documentation. .. on John Turner´s web site you find following hint: ... add the following line at the very end: Include /usr/local/tomcat/conf/auto/mod_jk.conf Note: the mod_jk.conf file gets created by Tomcat when Tomcat starts. It gets created every time Tomcat starts. So, if you have your server.xml configured, you can ignore httpd.conf (in most cases) except to add the Include directive for mod_jk.conf. You don't need to create or edit mod_jk.conf. Well - following John´s instructions - I inserted following lines in my server.xml - which btw - is not mentioned with any word under the jakarta howto above: Host ... Listener className=org.apache.ajp.tomcat4.config.ApacheConfig modJk=/usr/local/apache2/modules/mod_jk.so / Server .. Listener className=org.apache.ajp.tomcat4.config.ApacheConfig append=true forwardAll=false modJk=/usr/local/apache2/modules/mod_jk.so / Moreover I commented out following line in the server.xml: Connector className=org.apache.ajp.tomcat4.Ajp13Connector port=8009 minProcessors=5 maxProcessors=75 acceptCount=10 debug=0/ and disabled those lines: Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8009 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=10 debug=0 connectionTimeout=0 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler/ because they refer to the same port 8009 like the org.apache.ajp.tomcat4.Ajp13Connector class. (IS that correct? I only want to use jk and NOT jk2 - but nevertheless I find following line in the catalina.log after starting TomCat 4.1.24 - [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8180 - Isn´t Coyote the synonym for jk2 ?): Starting TomCat 4.1.24 results in being able to access the example servlets via www.MyHost.com:8180. Under /usr/local/jakarta-tomcat4.1/conf/auto/ a file mod_jk.conf is created (so neither conf/jk/mod_jk.conf-auto NOR conf/auto/mod_jk.conf ) but without any text - it is empty. Hence I cannot tell Apache via the httpd.conf to include an empty mod_jk.conf. Why are there those different descriptions going around? And does anybody know how I can make my system produce a mod_jk.conf file for including it in Apache? Thanks and best regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Simon Pabst schrieb: Coyote is not synonym for jk2, its just the new Tomcat Connector name, which you can use for HTTP (as in your case on port 8180), and AJP13 connections for both mod_jk 1 and 2 (on 8009 with protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler). See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/connectors.html for a list. So everything should be all right. Hi Simon, thanks for you answer - I did not see that I can use Coyote for mod_jk (jk1) too. So I will enable those lines: !-- Define a Coyote/JK2 AJP 1.3 Connector -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8009 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=10 debug=0 connectionTimeout=0 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler/ and d i s a b l e following ones: !-- Define an AJP 1.3 Connector on port 8009 -- Connector className=org.apache.ajp.tomcat4.Ajp13Connector port=8009 minProcessors=5 maxProcessors=75 acceptCount=10 debug=0/ Regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Simon Pabst schrieb: Coyote is not synonym for jk2, its just the new Tomcat Connector name, which you can use for HTTP (as in your case on port 8180), and AJP13 connections for both mod_jk 1 and 2 (on 8009 with protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler). See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/connectors.html for a list. So everything should be all right. Hi, 2 listener elements in the server.xml were reversed. After correcting this the auto-config (mod_jk.conf) is generated. NOW the mod_jk.conf is generated automatically under /usr/local/jakarta-tomcat4.1/conf/auto like you describe. catalina.out shows following: [INFO] Registry - -Loading registry information [INFO] Registry - -Creating new Registry instance [INFO] Registry - -Creating MBeanServer [INFO] Http11Protocol - -Initializing Coyote HTTP/1.1 on port 8180 Starting service Tomcat-Standalone Apache Tomcat/4.1.24 [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8180 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/80 config=/usr/local/jakarta-tomcat4.1/conf/jk2.properties So obviously jk seems to be initialized - I hope (Jk running ...)! Unfortunately restarting the apache server to make him include the mod_jk.conf does not result in being able to access the servlets now via port 80. Port 8180 access (www.MyDomain.com:8180/examples/servlets) does still work. Apache´s error.log shows following when I try to access www.MyDomain.com:80/examples/servlets [Sun Jul 20 14:38:08 2003] [notice] caught SIGTERM, shutting down [Sun Jul 20 14:38:09 2003] [notice] Apache/1.3.27 OpenSSL/0.9.7 (Unix) mod_jk/1.2.3 configured -- resuming normal operations [Sun Jul 20 14:38:09 2003] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec) [Sun Jul 20 14:38:09 2003] [notice] Accept mutex: flock (Default: flock) [Sun Jul 20 14:38:23 2003] [error] [client 200.234.162.51] File does not exist: /usr/local/apache/htdocs/examples/servlets/ mod_jk.log is created under /tomcat/logs - but it is empty. Does anyone have a further hint or idea why I still cannot access the servlets via port 80? Thanks and regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
application initParameters disappearing (or overwritten)
Hi, I'm experience something completely mysterious and I'm sure I'm doing something wrong -- the question is what?. I've set some init parameters in server.xml as follows: Context ... Parameter name=creditcard.store_id value=xxx / Parameter name=creditcard.api_token value=yyy / /Context ... and in my JSP page, I have the following code: String store_id = (String)application.getInitParameter(creditcard.store_id); session.setAttribute(creditcard.store_id, store_id); String api_token = (String)application.getInitParameter(creditcard.api_token); session.setAttribute(creditcard.api_token, api_token); Occasionally when I load the JSP page the init parameters have the correct values but sometimes they contain null. What would cause the parameters to be overwritten? Thanks, Gil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: (How to) Tomcat as a Linux service
Hello All! AW to the original subject: have not used it myself, but looks like jakarta-commons/sandbox has a daemon subproject that may also provide usefull support code. -Anton - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Seems like your JkMount isn't working, since the error comes from Apache, what does the auto generated mod_jk.conf look like? At 17:15 20.07.2003 +0200, you wrote: Simon Pabst schrieb: Coyote is not synonym for jk2, its just the new Tomcat Connector name, which you can use for HTTP (as in your case on port 8180), and AJP13 connections for both mod_jk 1 and 2 (on 8009 with protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler). See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/connectors.html for a list. So everything should be all right. Hi, 2 listener elements in the server.xml were reversed. After correcting this the auto-config (mod_jk.conf) is generated. NOW the mod_jk.conf is generated automatically under /usr/local/jakarta-tomcat4.1/conf/auto like you describe. catalina.out shows following: [INFO] Registry - -Loading registry information [INFO] Registry - -Creating new Registry instance [INFO] Registry - -Creating MBeanServer [INFO] Http11Protocol - -Initializing Coyote HTTP/1.1 on port 8180 Starting service Tomcat-Standalone Apache Tomcat/4.1.24 [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8180 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/80 config=/usr/local/jakarta-tomcat4.1/conf/jk2.properties So obviously jk seems to be initialized - I hope (Jk running ...)! Unfortunately restarting the apache server to make him include the mod_jk.conf does not result in being able to access the servlets now via port 80. Port 8180 access (www.MyDomain.com:8180/examples/servlets) does still work. Apache´s error.log shows following when I try to access www.MyDomain.com:80/examples/servlets [Sun Jul 20 14:38:08 2003] [notice] caught SIGTERM, shutting down [Sun Jul 20 14:38:09 2003] [notice] Apache/1.3.27 OpenSSL/0.9.7 (Unix) mod_jk/1.2.3 configured -- resuming normal operations [Sun Jul 20 14:38:09 2003] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec) [Sun Jul 20 14:38:09 2003] [notice] Accept mutex: flock (Default: flock) [Sun Jul 20 14:38:23 2003] [error] [client 200.234.162.51] File does not exist: /usr/local/apache/htdocs/examples/servlets/ mod_jk.log is created under /tomcat/logs - but it is empty. Does anyone have a further hint or idea why I still cannot access the servlets via port 80? Thanks and regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
per-context classpaths?
Hello, Is it possible to have different classpaths based on context definitions in server.xml? I'm asking because I have an 3rd-party JAR file which comes in two versions: testing and production. Unfortunately the vendor has named both JAR files the same -- it's just the classes inside that are different. I'd like to install them in different directories for each virtual host (test and production) and use the classpath to differentiate them. Are there any better suggestions as to how to approach this? Thanks, Gil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: per-context classpaths?
You could setup a test instance of tomcat and a production instance. That's how we distinguish between test jar files and prod ones. Peter -- Peter Smith Software Engineer InfoNow Corporation From: Gil Hauer [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] Date: 20 Jul 2003 14:33:23 -0400 To: [EMAIL PROTECTED] Subject: per-context classpaths? Hello, Is it possible to have different classpaths based on context definitions in server.xml? I'm asking because I have an 3rd-party JAR file which comes in two versions: testing and production. Unfortunately the vendor has named both JAR files the same -- it's just the classes inside that are different. I'd like to install them in different directories for each virtual host (test and production) and use the classpath to differentiate them. Are there any better suggestions as to how to approach this? Thanks, Gil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: per-context classpaths?
Sure thing, just use two different directories for the test and production webapp and put the jar files in /path/to/webapp-test/WEB-INF/lib and /path/to/webapp-prod/WEB-INF/lib and use two different Contexts: Context path=/test docBase=/path/to/webapp-test ... Context path=/prod docBase=/path/to/webapp-prod ... At 14:33 20.07.2003 -0400, you wrote: Hello, Is it possible to have different classpaths based on context definitions in server.xml? I'm asking because I have an 3rd-party JAR file which comes in two versions: testing and production. Unfortunately the vendor has named both JAR files the same -- it's just the classes inside that are different. I'd like to install them in different directories for each virtual host (test and production) and use the classpath to differentiate them. Are there any better suggestions as to how to approach this? Thanks, Gil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk.conf-auto or /auto/mod_jk.conf (J. Turner)?
Simon Pabst schrieb: Seems like your JkMount isn't working, since the error comes from Apache, what does the auto generated mod_jk.conf look like? Hi Simon, thank you very much for your help! Meanwhile I am a little bit desperate. The generated mod_jk.conf is at the end of that posting! Under /conf/jk a workers.properties is located with that content: worker.list=ajp13 worker.ajp13.port=8009 worker.ajp13.host=localhost worker.ajp13.type=ajp13 After starting TomCat 4.1.24 I get following output in /tomcat/logs/catalina.out: [INFO] Registry - -Loading registry information [INFO] Registry - -Creating new Registry instance [INFO] Registry - -Creating MBeanServer [INFO] Http11Protocol - -Initializing Coyote HTTP/1.1 on port 8080 Starting service Tomcat-Standalone Apache Tomcat/4.1.24 [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/84 config=/usr/local/jakarta-tomcat4.1/conf/jk2.properties I do not understand what is happening here with jk2.properties because I want to use mod_jk (jk1) and NOT jk2. BTW all lines in jk2.properties are disabled. Apache´s error_log (after restarting apache) shows: [Sun Jul 20 19:19:08 2003] [notice] caught SIGTERM, shutting down [Sun Jul 20 19:19:09 2003] [notice] Apache/1.3.27 OpenSSL/0.9.7 (Unix) mod_jk/1.2.3 configured -- resuming normal operations [Sun Jul 20 19:19:09 2003] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec) [Sun Jul 20 19:19:09 2003] [notice] Accept mutex: flock (Default: flock) Trying to access http://www.MyDomain.net:8080/examples/jsp/num/numguess.jsp works correctly. But trying it via port 80 always fails! Apache´s error_log shows following line: [Sun Jul 20 19:20:18 2003] [error] [client 217.234.160.236] File does not exist: /usr/local/apache/htdocs/examples/jsp/num/numguess.jsp I do not have the slightes notion why port access via 80 does not work!? Thanks a lot and best regards Volker generated mod_jk.conf (is included via Include /usr/local/tomcat/conf/auto/mod_jk.conf at the end of httpd.conf -- ## Auto generated on Sun Jul 20 19:22:52 GMT+00:00 2003## IfModule !mod_jk.c LoadModule jk_module /usr/local/apache/modules/mod_jk.so /IfModule JkWorkersFile /usr/local/jakarta-tomcat4.1/conf/jk/workers.properties JkLogFile /usr/local/jakarta-tomcat4.1/logs/mod_jk.log JkLogLevel emerg VirtualHost localhost ServerName localhost localhost:/examples # Static files Alias /examples /usr/local/jakarta-tomcat4.1/webapps/examples Directory /usr/local/jakarta-tomcat4.1/webapps/examples Options Indexes FollowSymLinks DirectoryIndex index.html index.htm index.jsp /Directory # Deny direct access to WEB-INF and META-INF # Location /examples/WEB-INF/* AllowOverride None deny from all /Location Location /examples/META-INF/* AllowOverride None deny from all /Location JkMount /examples/jsp/security/protected/j_security_check ajp13 JkMount /examples/snoop ajp13 JkMount /examples/CompressionTest ajp13 JkMount /examples/servlet/* ajp13 JkMount /examples/*.jsp ajp13 JkMount /examples/servletToJsp ajp13 JkMount /examples/SendMailServlet ajp13 localhost:/webdav # Static files Alias /webdav /usr/local/jakarta-tomcat4.1/webapps/webdav Directory /usr/local/jakarta-tomcat4.1/webapps/webdav Options Indexes FollowSymLinks DirectoryIndex index.jsp index.html index.htm /Directory # Deny direct access to WEB-INF and META-INF # Location /webdav/WEB-INF/* AllowOverride None deny from all /Location Location /webdav/META-INF/* AllowOverride None deny from all /Location JkMount /webdav/*.jsp ajp13 localhost:/tomcat-docs # Static files Alias /tomcat-docs /usr/local/jakarta-tomcat4.1/webapps/tomcat-docs Directory /usr/local/jakarta-tomcat4.1/webapps/tomcat-docs Options Indexes FollowSymLinks DirectoryIndex index.html index.htm index.jsp /Directory # Deny direct access to WEB-INF and META-INF # Location /tomcat-docs/WEB-INF/* AllowOverride None deny from all /Location Location /tomcat-docs/META-INF/* AllowOverride None deny from all /Location JkMount /tomcat-docs/*.jsp ajp13 localhost:/manager # Static files Alias /manager /usr/local/jakarta-tomcat4.1/webapps/../server/webapps/manager Directory /usr/local/jakarta-tomcat4.1/webapps/../server/webapps/manager Options Indexes FollowSymLinks DirectoryIndex index.html index.htm index.jsp
Re: Solved!
Volker schrieb: Simon Pabst schrieb: Seems like your JkMount isn't working, since the error comes from Apache, what does the auto generated mod_jk.conf look like? Hi, Ir e m o v e d following entry in the generated mod_jk.conf - and now - I can access the servlets via both port 8080 and 80: VirtualHost xxx.yyy.com ServerName xxx.yyy.com I replaced xxx.yyy.com with my server´s name before (and localhost) - both without success. Obviously it does not work if you already have a corresponding virtual host entry in the httpd.conf. Thanks again and best regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: (How to) Tomcat as a Linux service
Check my HOWTO site: http://daydream.stanford.edu/tomcat/install_web_services.html You'll see in my table of contents about setting up a linux service (daemon). I provide everything there, such as the script and how to set up everything. I even provide a status command in the script that tells you many tomcat processes are running and their PIDs. I use RH 7.3, but it will work well on any RH version, and other Linux distributions. If you have any problems let me know. Oscar On Fri, 18 Jul 2003, Jose Euclides da Silva Junior - DATAPREVRJ wrote: Hi everybody, where can i find tips about how to make TomCat be a Linux's service? Regards, Euclides. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Solved!
If you put the proper ServerName in server.xml instead of localhost it should work too (unless of course you ain't got the same VirtualHost/ServerName a second time in httpd.conf), besides you should save the changed mod_jk.conf elsewhere, because Tomcat could overwrite it. IMO the auto-generated mod_jk.conf is only good for learning the proper setup anyway ;-) At 22:45 20.07.2003 +0200, you wrote: Volker schrieb: Simon Pabst schrieb: Seems like your JkMount isn't working, since the error comes from Apache, what does the auto generated mod_jk.conf look like? Hi, Ir e m o v e d following entry in the generated mod_jk.conf - and now - I can access the servlets via both port 8080 and 80: VirtualHost xxx.yyy.com ServerName xxx.yyy.com I replaced xxx.yyy.com with my server´s name before (and localhost) - both without success. Obviously it does not work if you already have a corresponding virtual host entry in the httpd.conf. Thanks again and best regards Volker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat+apache
Dear John, you mean i need try to edit the mod_jk.conf? but i remember that it so need to define another virtual host in Apache's httpd.conf?? so what i need to do now?i am very new in Linux...HELP ME!! Frankie You mean aside from the extensive documentation available at the Apache site (http://httpd.apache.org/docs-2.0/vhosts/)? You could try here: http://www.johnturner.com/howto/mod_jk_conf.html John On Fri, 18 Jul 2003 20:52:37 +0800, frankie [EMAIL PROTECTED] wrote: then how to define the virtual host in apache?any example? That's only half the solution, you'll also need to define another virtual host in Apache's httpd.conf. John On Fri, 18 Jul 2003 10:41:16 +0200, Samuel Le Berrigaud [EMAIL PROTECTED] wrote: I think you have only one virtual host in your Tomcat server.xml file Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true /Host you should add one with the name coresponding with your IP address like : Host name=10.0.0.1 debug=0 appBase=webapps unpackWARs=true autoDeploy=true /Host I think then it will work... regards, SaM frankie wrote: Dear all, i can build the mod_jk and setup the apache + tomcat + j2sdk+mysql+jdbc sucessfully,now i still have some problems want to ask you!! when i testing the server in local,i can access the jsp file without specific the port number, for example:http://localhost/examples/jsp/index.htm when i use other computer to test it , it cannot access the jsp file for example:http://10.0.0.1/examples/jsp/index,htm(can not access!!) but if specific the port 8080,it can works!! for example:http://10.0.0.1:8080/examples/jsp/index.htm(can access) Also the apache is work,i can see the apache welcome page if i type http://10.0.0.1 regards,Frankie -- Webmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Webmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Webmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to assign a context to a web application manually?
Hi, Where can I find information about Context? Currently I am using Sun ONE studio to assign context to a web application. But, how to assign a context to a web application manually? From the list, I found that by using Context element we can achieve that, but I am using Tomcat4.1.24 bundled with Jboss3.2.1. Please help me!! Thanks in advance. Naveen SMS using the Yahoo! Messenger;Download latest version.
Not finding my servlet ....
Hi All, I have Tomcat installed and running. I'm trying to get it to see a test sevlet but it can't seem to find it. I started looking at the example code that comes with the 4.1.24 release. I can call the HelloWorldExample servlet from my html code and it executes fine. I went through all of the configuration (.xml) files to see how this works and couldn't find HelloWorldExample anywhere. I assumed I entered my servlet in my web.xml incorrectly but now I'm confused since I can't find the example servlet in a .xml file. Can anyone shed some light? Thanks much ... Jeff seera naveen wrote: Hi, Where can I find information about Context? Currently I am using Sun ONE studio to assign context to a web application. But, how to assign a context to a web application manually? From the list, I found that by using Context element we can achieve that, but I am using Tomcat4.1.24 bundled with Jboss3.2.1. Please help me!! Thanks in advance. Naveen SMS using the Yahoo! Messenger;Download latest version. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Virtual Host: Host Name seems to have to be www or nothing at all. Please help.
Hello, I'm using tomcat 5.0. I seem to be having a problem with virtual hosts. I am running one virtual host called www.cltractor.com and that seems to be running fine. I also setup a virtual host called axonware.redirectme.net. I was going to use this free domain name with forwarding and maskingwell you get the point. But, axonware.redirectme.net only hits my main localhost. It's almost as if Tomcat can't figure out that it is a host name or a host (virtual host). If I setup a virtual host called www.redirectme.net and to test it go to my hosts file and add the line 192.168.1.10 www.redirectme.net then this will work fine and dandy, but again if I'm using axonware.redirectme.net it will not. Host file reads 192.168.1.10 axonware.redirectme.net and I have a Virtual Host setup in Tomcat 5.0 named the same. I am using only Tomcat 5.0. I am not using Apache Httpd. Thank you for your time, Wade Chandler [EMAIL PROTECTED]
How to map different webapps to two IIS web sites
Hello, How can I allow one web site managed by IIS to access one webapp on Tomcat and have another web site managed by IIS on the same server (i.e. same instance of IIS) access a different webapp on the same Tomcat instance? I have two webapps running on the same Tomcat server at a client's site. The customer wants both on the Internet accessed via two different web sites defined in IIS. One of the web sites needs to be secure using SSL with a CA certificate and users have to login to it. The other is for public access without a login or secure connections. The customer would like to configure the IIS web site with the certificate and SSL rather than configuring Tomcat as such. They want only the server that is running IIS to be directly on the Internet and they want Tomcat to run on a separate server so that Tomcat doesn't slow down the machine running IIS. As far as I can tell, the IIS plugin for Tomcat (isapi_redirector.dll) is configured via Windows registry settings that allow only one workers.properties file and one uriworkermap.properties per physical server. So, I wonder if this is actually possible. On the other hand, surely I'm not the first to need to configure it like this. I can easily add both uri's to the uriworkermap.properties file, but I believe this makes both uri's accessible to both IIS web sites. Nathan
trouble precompiling JSPs
Hello, I'm having some difficulty pre-compiling my JSPs. Could anyone give some insight into this? I type: jspc -d d:/psx_apps/WEB_INF d:\Projects\PSX_Gotter_2\CheckStatus.jsp and I get: Exception in thread main java.lang.ArrayIndexOutOfBoundsException: 3 at org.apache.jasper.JspC.locateUriRoot(JspC.java:628) at org.apache.jasper.JspC.execute(JspC.java:759) at org.apache.jasper.JspC.main(JspC.java:823) Any ideas anyone? -- Developer Greenfield Research Inc. atreya(AT)greenfieldresearch(DOT)ca (902)422-9426 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can't get SSL client certificate but can get cipher suite and key size??
It's a well-known bug in TC 4.1.18-4.1.24. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for more details. The 4.1.26 release should be coming out later this month with a fix for this. Darren Marvin [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] .ac.uk... Hi all, I am using Apache 1.3.27, Tomcat 4.1.24 and mod_jk. Normal connection seems to work well over HTTP and HTTPS but I want to get the client X509 certificate from Apache. I have read the documentation that comes with the connector package and applied the suggestions. I also have a test servlet (distributed on this mailing list a while ago) that tries to read the X509, cipher suite and key size. The test servlet correctly obtains the cipher suite and key size but cannot obtain the client certificate. Catalina.out shows the following error: Starting service Tomcat-Standalone Apache Tomcat/4.1.24 [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/131 config=/usr/local/apache.org/jakart a/tomcat/jakarta-tomcat-4.1.24/conf/jk2.properties java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti [INFO] Http11Protocol - -Starting Coyote HTTP/1.1 on port 8080 [INFO] ChannelSocket - -JK2: ajp13 listening on 0.0.0.0/0.0.0.0:8009 [INFO] JkMain - -Jk running ID=0 time=1/131 config=/usr/local/apache.org/jakart a/tomcat/jakarta-tomcat-4.1.24/conf/jk2.properties java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti on: insufficient data at sun.security.x509.X509CertImpl.init(X509CertImpl.java:147) at sun.security.provider.X509Factory.engineGenerateCertificate(X509Facto ry.java:84) at java.security.cert.CertificateFactory.generateCertificate(Certificate Factory.java:281) at org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:395) at org.apache.coyote.Response.action(Response.java:222) at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapte r.java:310) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22 1) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.ja va:562) at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP ool.java:619) at java.lang.Thread.run(Thread.java:479) [ERROR] JkCoyoteHandler - -Certificate convertion failed java.security.cert.Cer tificateException: Unable to initialize, java.io.IOException: insufficient data I haven't changed anything in the default server.xml file for tomcat 4.1.24 - should I? I am using virtual hosts in my httpd.conf Outside virtual hosts I have: ... JkWorkersFile /usr/local/apache/conf/workers.properties JkLogFile /usr/local/apache/logs/mod_jk.log JkLogLevel debug JkExtractSSL On JkOptions +ForwardKeySize +ForwardURICompat +ForwardDirectories ... Inside my virtual host declaration I have: ... SSLOptions +StdEnvVars +ExportCertData JkOptions +ForwardKeySize +ForwardURICompat +ForwardDirectories JkMount /examples/* ajp13 JkExtractSSL On ... I am unsure if I also need the declaration: JkEnvVar SSL_CLIENT_CERT UNSET Here is my workers.properties file in case that is useful: # Define 1 real worker using ajp13 worker.list=ajp13 # Set properties for worker1 (ajp13) worker.ajp13.type=ajp13 worker.ajp13.host=localhost worker.ajp13.port=8009 Thanks in advance. Darren. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]