Jojo Paderes wrote:
I'm looking for some decent documentation and technical reference on
how to configure Tomcat's SSL cipher. Say for example I want Tomcat to
support a specific SSL cipher suite like Triple DES. Hope someone has done
something like this already.
I'm using Tomcat 5.5 btw.
See
this:
...
user username=CN=Mark Thomas, OU=Jakarta, O=Apache, L=London,
ST=London, C=GB password=null roles=tomcat,certs/
...
HTH
Mark
Pascal Chanteux wrote:
Hi ,
I want to configure Tomcat/4.1.27 in order to use the client
certificate authentication. I first set up the SSL connector
Tomcat version?
Mark
Chris Abajian wrote:
More clues:
We got it to work if you put
Context path= docBase=webapps/our unpacked war file dir
in the top-level server.xml file. It does NOT work if you put this
context fragment in $CATALINA_HOME/conf/Catalina/localhost
the documentation on
The problem you describe is true of any session tracking system running
over http. The solution is to use https.
However, here's a question to fire back at your security team:
If you are worried about an attacker physically looking at a session ID
on a user's screen, what about if they decide
CATALINA_BASE\server\webapps\admin\login.jsp
ohaya wrote:
Hi,
When connecting to the Tomcat Admin webapp, a forms-based login page
appears. The web.xml for admin has a login-config section that
indicates that the login page is /login.jsp.
However, I've looked all over my hard drive, and
I'd be happy to look at this but for me to stand any chance of fixing it
you would need to provide a minimal webapp that reproduced the problem.
Ideally the problem should occur for every request but every few
requests is OK as well.
Given that it happens every few minutes at the moment it
The short answers are:
1. No
2. No
The longer answer is:
This is categorically *not* a security issue with Tomcat. I have tested
this and Tomcat continues to operate correctly after a request with a
very long host header. This looks to me like an issue with your daemon.
And a few tips for
This looks like bug 25899
(http://issues.apache.org/bugzilla/show_bug.cgi?id=25899) which has been
fixed in CVS and will be included in the next 4.1.x release.
Note that whilst I envisage that there will be a 4.1.32 release at some
point, I have date in mind at present.
Mark
李彦东 wrote:
Mandar Vaidya wrote:
Is there any way to define SSLCipherSuite under Tomcat 5.5.9 ( without
Apache ) ?
See http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
You want the ciphers attribute.
Mark
-
To
Mandar Vaidya wrote:
Thank you Mark...under connector section, I've included
ciphers=ALL:!ADH:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
Will this work ?
I don't think so. The ciphers need to be named as per the cipher suites
in JSSE. See
Create an as simple as possible JSP that demonstrates this problem. It
should be simple enough to post the JSP to the list.
Mark
Kannan Shastri wrote:
Hi,
I am running a JSF application on Tomcat 5.0.25...the problem is, i
need to redirect using response.sendRedirect(url) , and i am
Cope, Jared wrote:
I was wondering if it is possible to apply some webapp security that will
kick in for connections made from a certain IP range, and will not kick in
for another set of IP ranges.
How about:
- deploy the app twice under different contexts
- use a remote address filter valve
This is an axis configuration/installation issue.
Mark
[EMAIL PROTECTED] wrote:
I'm using Axis in Tomcat, and when I deploy and call the simple EchoAttachments service I
get an exception with text No support for attachments
Looking at the axis code, this excpetion ocurs because when the
Have a look at
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/connectors.html
for an overview of the different type of connectors. You need the web
server type rather than the HTTP type.
You should use the mod_jk with Apache.
The errors are almost certainly 404s in response to the browser's
request for favicon.ico every time you request a page. The Tomcat distro
does not include a favicon.ico hence the 404 response.
Mark
Annie Wang wrote:
whenever i access any web application deployed on tomcat, i notice that
BATCHELOR, SCOTT (CONTRACTOR) wrote:
Has anyone been successful in this?
Yes. Regularly. 4.1.x, 5.0.x and 5.5.x
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Message-
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: Monday, June 27, 2005 2:08 PM
To: Tomcat Users List
Subject: Re: Building tomcat-connectors with ANT
BATCHELOR, SCOTT (CONTRACTOR) wrote:
Has anyone been successful in this?
Yes. Regularly. 4.1.x, 5.0.x and 5.5.x
Mark
something? It was my understanding that using
mod_jk-1-2-10.so was the same thing as using the ajp connector?
Am I completely misinformed in this?
-SB
-Original Message-
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: Monday, June 27, 2005 3:08 PM
To: Tomcat Users List
Subject: Re
The JVM parameter file.encoding is only intended to be read only. Some
platforms/JVM versions let you change it but not all.
Mark
Mario Ivankovits wrote:
Hi!
I must have missed something.
Given scenario:
A linux system running with ISO encoding.
Java and Tomcat configured to use UTF-8
/servlet-name
url-pattern/*/url-pattern
/servlet-mapping
But that didn't help. I am not that familiar with tomcat configuration
settings. If I am doing something wrong, please correct me. Any help would
be greatly appreciated.
Thanks
Sheeba
-Original Message-
From: Mark Thomas
We are having some problems with our mail server at the moment.
You may receive a message that your message has not been sent when in
fact it has. Whilst this problem is ongoing please refrain from sending
the same message repeatedly as this just makes things worse.
The infrastructure team
What URL mapping are you using? For MS clients /* works better than /.
Mark
Padmanabhan, Sheeba wrote:
Our Webdav Server works fine with Tomcat 4.0. But when it is configured to
use it through Tomcat 5.0, it just won't work. The Webfolders, Office
Appilications - all are failing. Am I missing
I think the two are unrelated although I'll be happy if that isn't the
case ;)
I have blocked the ultralingua address so these messages should be no more.
It is worth noting that I never received a message from ultralingua
although I post to the list several times a day. The lesson here is if
You are not the first to see this. I am not sure what is going on and I
have raised it with the infrastructure team. For now, subscribers can
ignore these messages.
Mark
[EMAIL PROTECTED]
Markus Schönhaber wrote:
Hello!
I recieved this message even though I am subscribed to the Tomcat Users
If you have to know and don't care about the performance impact you can
always do:
System.gc();
Runtime.freeMemory();
It's not pretty and I don't recommend doing it but it should give you
the answer you are looking for.
Mark
Charl Gerber wrote:
So there is no way to determine how much
Gagnon, Joseph M (US SSA) wrote:
snip
2. I have placed a WEB-INF directory under my test application
directory ([tomcat install dir]/webapps/ROOT/SPID_JSP) and put a web.xml
file in it. (SPID_JSP is where the JSP and HTML files reside.)
snip
You will need to fix this before anything
[EMAIL PROTECTED] wrote:
I recently downloaded the latest jakarta-tomcat-5.5.9.tar.gz installation files
and set them up, but I can not find the startup.sh, catalina.sh, ... file.
This is all I see:
[EMAIL PROTECTED] bin]$ ls -l
total 500
snip
So, where are the UNIX-type scripts?
I
Does your profiling tool tell you the classes of the objects being
created? Can you take a snapshot at two points in time, compare them and
see what is different? If we know the class of the objects being
created, it gives us a pretty good pointer as to where to start looking.
Without this
Try setting the server parameter on the connector. See
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
Mark
Gao, Frank wrote:
Hi,
I have a Tomcat 5.5.7 standalone webserver running on my machine, recently
I got a security scan warning of ApacheServerTokenNotSet.
Does
No idea. Try , , Tin foil hats R us or something similar. I am
not even sure this is why your scanner is reporting a problem.
Mark
Gao, Frank wrote:
What the server parameter value should be in order to pass the security
scan?
-Original Message-
From: Mark Thomas [mailto:[EMAIL
Ed Hamilton wrote:
Mark,
Thanks for the response. I'm repling to you directly - if that's wrong,
please let me know.
Please always reply to the list. This is for two reasons:
- The extra information you provide might be enough for someone else
to help you even if the original respondent can
Mike,
Having I have had a look at the bug report and the message from Tomcat
user and have found the cvs commit that fixes the problem.
http://marc.theaimsgroup.com/?l=tomcat-devm=104142933517556w=2
This fix is included in 4.1.19 onwards and all 5.0.x and 5.5.x releases.
HTH,
Mark
Mike
I am not aware of any such list existing.
Mark
Rob Dickey wrote:
Can anyone tell me where I can get a list of classes deprecated in 5.5 (say
since 5.0).
Example: org.apache.catalina.HttpRequest is no longer found.
TIA for any info.
Regards,
Rob
to BEA weblogic. The page loades fine on IE and
firefox.
- I've deployed all files to tomcat. The page loads on IE, however, it
doesn't on firefox.
Therefore, I assume that this is either a bug, or tomcat just doesn't
support different clients.
Heiner
-Ursprüngliche Nachricht-
Von: Mark
Chris,
Sorry, but this isn't supported. See
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/servlets/CGIServlet.java?rev=1.31view=markup
and search for NPH for more info.
Patches are always welcome ;)
Mark
Chris Picton wrote:
Hi all
I am
[EMAIL PROTECTED] wrote:
Other
servers create the corret page by using the jsp:pluggin tag. Tomcat doesn't.
In what way does Tomcat not support this? As far as I am aware it does
in both 4.1.x and 5.5.x
Mark
-
To
[EMAIL PROTECTED] wrote:
Hi there,
I have two servlets. One is configured to listen to /forms/* and the
other to /documents/*.
I configured a security realm, so users need to use form based
authentication when accessing /forms/*.
Can I, in the same web.xml configure a second security realm
1. Don't cross-post
2. Try the lucene user list
Zakaria KHABOT wrote:
Hi all,
Will using 'lucene' I want to get a brief resume from the document in
witch the term of search exist, like this:
1 resultats trouvs, class par relvement
Nonbre avec date
This seems to be a popular subject today. Try looking at
http://marc.theaimsgroup.com/?l=tomcat-userm=111811136603781w=2
Mark
Panichi, Mary-Beth wrote:
Greetings ~
We're having issues downloading .pdf files in SSL. I've been all over
the web trying to find solutions. The issue appears to
Manuel Gil Perez wrote:
The client authentication only works if I add the CA certificate into
the $JAVA_HOME/jre/lib/security/cacerts. If the Tomcat keystore contains
the CA certificate but not the JDK keystore... the client authentication
fails.
AFAIK this can't be done without some custom
Konrad Bernstein wrote:
However, looks like a TC bug to me, that only occurs if you setup your
error pages by
the error-tag within web.xml (not by using the page directive
errorPage). pageContext.getException()
only returns what is saved under attribute
javax.servlet.jsp.jspException. But this
bouml wrote:
I need some more information about JSPInterceptor in server.xml. Is there a
detailed docu ?
Have you looked at
http://jakarta.apache.org/tomcat/tomcat-3.3-doc/serverxml.html#JspInterceptor
?
-
To
Paul Singleton wrote:
If I configure my HTTPS connector with the (supposedly
redundant) attribute
sslProtocol=TLS
then it works fine, but if I leave it out, requests
just hang and eventually time out (Firefox says The
request to xxx.yyy has terminated unexpectedly. Some
data may have been
Thomas Polliard wrote:
So I am running Tomcat 5.5.9
I have a jsp page that imports com.polliard.db.RaidDB;
It also has a line that invokes a new instance of this class
RaidDB rdb = new RaidDB();
The code works on Jetty but when used with Tomcat I am getting the error
RaidDB cannot be resolved
Angela Stempfel wrote:
Hello all
I have a problem concerning Tomcat 4.1.30. In web.xml i defined several
security constraint. First of all I protected the whole application and
then I excluded the directories with images and css files. Furthermore I
defined some roles.
snip
So my problem
Paul Puschmann wrote:
That is fine, but how can I use the CLIENT-CERT information in my
applications?
The certificate is exposed as a servlet attribute. You need to read
section SRV.4.7 of the servlet specification and if you search the
specification for certificate you will find some useful
Karanjkar, Sanjay V (IT) wrote:
Hi msjava,
I'm trying to migrate our webapp from ServletExec4.1.1/JDK1.3.1 to
Tomcat5.0.30/JDK1.4.2.
On ServletExec, our app was showing/saving UTF-8 strings correctly. However,
after migration to Tomcat, the pages are not showing UTF-8 encoded content
Andrés Glez. wrote:
there is no ContainerListener or something like that?
Look at
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/engine.html and
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/host.html
You need to seach for lifecycle listener. Not part of the spec but
Spitzley, Kai, VF-DE wrote:
is there a compatibility chart for combinations of OSes and Tomcat/JDK
Versions ?
No.
(i.e. What JDK is recommended/supported in Tomcat 4.1.29 on Solaris 8)
This is in the documentation (RUNNING.TXT) but the short answer is:
4.1.x - 1.2 or later
5.0.x - 1.3 or
Janet Dickson wrote:
Hi
I'm trying to use RemoteAddrValve to restrict access to a website to a
subnet in Tomcat 4.1
Tried :
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=xxx.xxx.xxx.xxx/25 /
but it doesnt seem to work as access from one of my IP addresses
Zakaria KHABOT wrote:
So, how to accees 'sysadmin' and configue the path of the docs to search
in.
That is a lucene configuration question. You may have better luck trying
the lucene users list.
Mark
-
To unsubscribe,
Paul,
CLIENT-CERT authentication is supported.
Mark
Paul Puschmann wrote:
we'd like to use our Tomcat with ssl and client certificates.
Does anybody know if the user information (of the user-certificate) can
be used to authenticate?
Tomcat is 5.5.7
Hmm. Looks like PageContextImpl.release() code could do with a clean up ;)
Ignoring that for now, do you have any idea what is calling
getOutputStream()? Is it called in ViewAttachment.jsp?
Mark
[EMAIL PROTECTED] wrote:
Hello Tomcat Users and Committers,Platform: Tomcat 4.1, Linux ES 2.1,
Matthew,
I take it that you call response.getOutputStream() within your JSP? If
so, this is a spec violation (section JSP.2.7 of JSP 1.2):
spec-quote
JSP page authors are prohibited from writing directly to either the
PrintWriter or OutputStream associated with the ServletResponse.
. . wrote:
1 of 3 I wanted to include an install doc for tomcat 5.5.9 on solaris 9 with
jdk1.5.0
Post it to the wiki
2 of 3 I also have a question: How do you create a login for webdav servlet so
that no one besides your access list can log into the webdav folder and read it
You secure it
XSS issues have been reported in:
- the servlet 2.3 examples (including snoop.jsp)
- the manager servlet
- the servlet 2.4 examples (affects TC5 only)
All of these have been fixed in CVS.
Fixes for these are included in Tomcat 5.5.7 onwards.
Tomcat 4.1.31 still has the following XSS issues
Hassan Schroeder wrote:
Mark Winslow wrote:
I'm wondering if there's a way to get more than one
ssl domain per server instance. The ssl Connector tag
seems to be in the top level in server.xml.
You can define multiple Connectors, each with its own keystore.
But don't forget that each
This is as per the spec:
http://www.jcp.org/aboutJava/communityprocess/maintenance/jsr053/errata_1_2_a_20020321.html
Mark
Tait, Allen wrote:
We are running our International sites on (Tomcat4.1, Jboss3.2.3, JDK 1.4)
and find that any JSP pages that do not specify UTF-8 page encoding
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-4.0/BUILDING.txt?rev=1.35view=log
I'd use the latest version if I were you. You might end up with a couple
of different versions of libraries but you should be OK.
Another useful trick is to download a tomcat binary, that way you know
you will
Might be related to bug 22617 (which has been fixed in CVS).
Mark
Faine, Mark wrote:
I've written a JAAS Login Module for my web application that authenticates
against a third party (Documentum) content management server. It works fine
but it seems to attempt to login once before the dialog
Jim,
I am not sure I understand your question. Could you re-phrase it?
What I can say is that this Realm is not part of the standard Tomcat
distribution. You might be better off talking to whoever supplied you
with this Realm.
Mark
Jim Henderson wrote:
Can someone tell me how to access
Mark Benussi wrote:
Can I build a root certificate that is not signed by someone like Verisign
or any other trusted root? (This is a cost issue).
Yes, but then people have to trust your root certifcate. One of the
services Verisign and the other CAs offer (depending on the type of
certificate
[EMAIL PROTECTED] wrote:
Is there any info for migrating apps from oc4j to tomcat5.x? thanks
oc4j is a both a EJB container and a Servlet container. If your app uses
EJBs it won't ever work on Tomcat.
If you have a .war files that has been constructed as per the servlet
spec it shouldn't need
I suspect the IE and IIS are conspiring to use Windows Native
Authentication. I think this is a browser setting where IE tries this by
default if talking to IIS.
The settings should be under something like:
IE Tools Internet options security custom level user
authentication
I can't
Scott Purcell wrote:
Should I wrap my site around Apache now. Meaning should I install apache and put tomcat inside?
There is no standard answer to this question. It depends what you are
trying to achieve. Apache adds both functionality and configuration
complexity. You have to weigh the costs
Steve Kirk wrote:
If anyone involved in producing the Tomcat project documentation is reading
this, I would suggest maybe linking these sites from the official mailing
list pages, as alternatives to the official archive?
Which pages are you talking about? If you can give me a URL I can look
Leonardo Otoni de Assis wrote:
Tomcat 5 or higher work 100% compatible with Win2003?
The short answer: Yes
The longer answer:
Tomcat 5.0.x requires a Java JDK 1.4.x or higher
Tomcat 5.5.x requires a Java JRE 1.4.x plus the compat package
or a Java JRE 5.0.x or higher
All
Carol Chamblas wrote:
hi
i'm working with tomcat 4.X (servlet) and i want to load a certificate from
an eToken USB PRO (from aladdin).
i changed the server.xml (clientAuth=true) and i have a .keystore, and the
connection https://myIP:8443 is working.
the problem is that when the browser
raja buddha wrote:
I am new to appache. I wanted to know where tomcat is webserver or
appserver
Apache Tomcat is a Servlet container. Servlet containers can also server
static resources (ie act as a web server).
An app server in the J2EE sense usually means a Servlet container
combined
raja buddha wrote:
I am new to this group. Pls let me know to which email id i need to
subscribe to post struts doubts.
See http://struts.apache.org/using.html#Lists
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
Mark wrote:
OK, so I will admit that I am out of the loop with regards to #2. But
I still have an issue with storing and passwords required to open key
files in the clear. Is there some function that will handle this for
me...
Assuming that the file is sensibly protected with OS security if an
All,
Just a quick update on the recent issues.
1. The spam with German subject messages has been blocked by the
infrastructure folks updating the anti-spam rules on the Apache list
servers.
2. The New Atlanta List Server messages were blocked by me as soon as I
saw them (Monday evening UK
Mieke Banderas wrote:
What is the adress of the list nanny? I can't seem to find it. Such a
problem like we currently experience should have been blocked serverside
days ago.
See http://marc.theaimsgroup.com/?l=tomcat-userm=111639963131255w=2
for info.
Greg Vilardi wrote:
FYI. I just tried to nudge the list managers, but the folks at Jakarta don't
make it easy to find a list admin.
All the command addresses, including the owner address, are sent to
users when they subscribe.
Since the
800 messages that I've received over the past 5 days have
Read up on / talk to your network admins about DNS.
Mark
S W wrote:
Redhat 2.1 ES
Tomcat 4.1
Apache 2.0
I have tomcat configured to run off port 80.
I really wanted our users to be able to type http://helpdesk.XXX.net in
their browser and access the web app.
The machine tomcat/apache/webapp is
encoding.
but how to deal with the new changed? Is there special setup I've to do?
thanks
Fadwa
Mark Thomas [EMAIL PROTECTED] wrote:
There are lots of potential pitfalls when using non-default character
encodings. It is easy to make mistakes both with Tomcat settings and
with your code.
To sort
There are lots of potential pitfalls when using non-default character
encodings. It is easy to make mistakes both with Tomcat settings and
with your code.
To sort out the tomcat settings, get the following index.jsp to work for
whatever text you supply to the form. I have tested this with the
Where are you placing the .jar/.class files for your custom realm?
At what level in server.xml is your realm configured?
Mark
Ankit Shah wrote:
Hi everyone,
I hope someone can help us with this problem.
Current Tomcat settings:
Release in use: 5.5.9 along with 1.4.2 compatibility add-on
Logging
You need to look at line 125 of WebApplicationListener in the
org.objectstyle.cayenne.conf package and see which object might be null
that you have assumed isn't.
Mark
Fredrik Liden wrote:
Does anyone have any idea what this error means?
I'm using jdk 1.5, tomcat 5.5.9 and intellij.
Thanks!
As a minimum you are going to need to set the URIEncoding attribute on
the connector. I guess this needs to be set to UTF-8.
I have done some limited testing on this in the past and it is possible
but given the general mess that is i18n and the internet I would avoid
using non ISO-8859-1
What command did you use to generate the certificate request in the
first place?
Mark
Carlos Conde wrote:
Hello,
I'm trying to enable HTTPS with Tomcat5.5.9. Here is my connector description in
the server.xml file:
Connector port=8443
minProcessors=5
http://jakarta.apache.org/tomcat/faq/misc.html#tomcat5CharEncoding
Mark
David Harland wrote:
I am using Tomcat 5.0 and I am trying to receive and
send thai characters. Can someone please tell me the
simplest ways to do this.
Many thanks
Dave.
__
Do
. If I look at the source of the
returned page. I see
#3615;#3627;#3585;#3615;#3627;#3585; instead of
characters like
#3585;#3619;#3640;#3591;#3648;#3607;#3614;#3631;.
Regards
David.
--- Mark Thomas [EMAIL PROTECTED] wrote:
http://jakarta.apache.org/tomcat/faq/misc.html#tomcat5CharEncoding
Mark
David
peter thesing wrote:
What are the default user name and password settings for both admin and
manager?
For security reasons there isn't a default user name and password for
either of these applications.
How can i enter a custom user name and password to ensure security?
Yes.
Does an upgrade to
What response do you get when you try to POST?
Mark
Christian Dechery wrote:
Hi everyone, hope u can help me solve this one. It's at least weird.
I have a 4.1.3 installed on a FreeBSD machine running a huge intranet
corporate system. It runs smoothly and very fast, but for some very
weird
I have just confirmed you are no longer subscribed to this list and I
have configured the list not to accept any future attempts to join it
from your address.
Mark
[EMAIL PROTECTED]
Dean Trafelet wrote:
Thanks. DMT
- Original Message - From: Parsons Technical Services
[EMAIL
The CN for your server cert can be anything you like but you will get a
warning in your browser if the CN differs from how you express it in the
URL.
The user needs to look something like this
user username=CN=Mark Thomas, OU=Jakarta, O=Apache, L=London, C=GB
password=null roles=tomcat,certs
If you use servlets you should read SRV.8.4 of the spec very carefully.
You should also be aware that only the most recent TC5.5.x releases
correctly implement the requirements of this part of the spec.
Mark
Nikola Milutinovic wrote:
Hi all.
I've been struck all of a sudden with this.
http://marc.theaimsgroup.com/?l=tomcat-userr=1w=2
Roberto Rios wrote:
Hi,
I think that this post is a little bit off-topic, but I couldn't found
it elsewhere...
How do I search something in the tomcat user list?
I used to do it through mail-archives.apache.org, but they changed it
and now it's not
You will need to SSL connectors, once for each host.
Mark
Fritz Schneider wrote:
I am running TC 5.5.8 standalone under Windows XP Pro. I have two domains
coming in to the same IP address, one for production and one for testing.
There are two host elements in my engine. I have a CA created SSL
You will need two SSL connectors, once for each host.
Mark
Fritz Schneider wrote:
I am running TC 5.5.8 standalone under Windows XP Pro. I have two domains
coming in to the same IP address, one for production and one for testing.
There are two host elements in my engine. I have a CA created SSL
to
specify the RSA algorithm.
Are we screwed for using DSA?
--- Mark Thomas [EMAIL PROTECTED] wrote:
The following steps should work (although I have
only ever done this
using my own CA).
1. Create tomcat key in your own keystore
2. Create CSR
3. Submit CSR
4. Get response
5. Import CA's root cert
Your user entry in tomcat-users.xml needs to look something like this:
user username=CN=Mark Thomas, OU=Jakarta, O=Apache, L=London, C=GB
password=null roles=tomcat,certs/
Basically, the user name needs to be the CN on the user's cert.
Mark
Markus Linnemann wrote:
-BEGIN PGP SIGNED MESSAGE
Fritz,
Ideally patches should be against CVS head to minimise the overhead for
the developers. I will, of course, look at patches against any recent
release but the older the release patches are created against, the
longer it takes me to apply the patch.
Mark
Fritz Schneider wrote:
Mark,
Would
deployOnStartup
and
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/host.html#Automatic%20Application%20Deployment
Mark
Robert Bateman wrote:
Under Tomcat 4.1.27 and 4.1.30, if I deploy an application via a .WAR
file to the server (via ANT and the manager) Tomcat knows about my
deployed
Posting multiple copies of the same message and posting the same message
to both the tomcat-user and the tomcat-dev lists is a sure-fire way to
make sure your message is ignored by most, if not all, members of this list.
Please read http://jakarta.apache.org/site/mail.html for guidance.
Mark
Bruce,
You should not have done step 5. This deleted your private key. I hope
you have a backup ;)
Mark
Bruce Perryman wrote:
Hello,
I'm using TC 5.0.19 and j2sdk1.4.2_04 on RedHat 9.
My SSL certificate expired and I received a new one
but haven't been able to get the new one to work.
Here are
Fritz,
Please forgive the format. I just cut'n'pasted stuff from the source).
The currently supported variables are:
AUTH_TYPE, CONTENT_LENGTH, CONTENT_TYPE, DOCUMENT_NAME,
DOCUMENT_URI, GATEWAY_INTERFACE, PATH_INFO, PATH_TRANSLATED,
QUERY_STRING, QUERY_STRING_UNESCAPED, REMOTE_ADDR,
was the only entry and it was the trusted cert
entry.
Does this have anything to do with the problem?
--- Mark Thomas [EMAIL PROTECTED] wrote:
Bruce,
You should not have done step 5. This deleted your
private key. I hope
you have a backup ;)
Mark
Bruce Perryman wrote:
Hello,
I'm using TC 5.0.19
try:
web-resource-collection
web-resource-nameAdmin/web-resource-name
url-pattern/*/url-pattern
/web-resource-collection
You don't need to include the context in your url patterns.
Mark
teknokrat wrote:
I have placed the following context file
101 - 200 of 456 matches
Mail list logo