Re: AT WITS END regarding JVM arguments

2016-09-08 Thread James H. H. Lampert
eters). I welcome any rephrasing on my addition to the comment block. -- James H. H. Lampert - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: AT WITS END regarding JVM arguments

2016-09-06 Thread James H. H. Lampert
On 9/6/16, 8:05 AM, Christopher Schultz wrote: It's worth noting that, when creating the service from the command-line, the service.bat script will use the current environment to configure the service. That means that CATALINA_HOME and CATALINA_BASE are all used to configure the service. Unfort

Re: AT WITS END regarding JVM arguments

2016-09-01 Thread James H. H. Lampert
Seems to me that a paraphrase of the third paragraph quoted above ought to be added -- PROMINENTLY -- to the comment lines at the top of catalina.bat and catalina.sh, to keep midrange jocks like me from driving ourselves nuts trying to manipulate services the wrong way. On 9/1/16, 3:52 PM, André

Re: AT WITS END regarding JVM arguments

2016-09-01 Thread James H. H. Lampert
On 9/1/16, 12:14 PM, Olaf Kock wrote: if I'm remembering correctly, parameters for services are stored somewhere in the registry. Instead of poking there, you should use the tomcatw.exe executable which parameterizes the service. I hope that memory serves me right - it's been a long time since I

AT WITS END regarding JVM arguments

2016-09-01 Thread James H. H. Lampert
Ladies and Gentlemen: One of our Tomcat servers (refreshed from apache-tomcat-7.0.67-windows-x86.zip) is running AS A SERVICE on a Windows box. And we need to set JVM Options of -Djavax.servlet.request.encoding=UTF-8 -Dfile.encoding=UTF-8 -Djava.awt.headless=true Unlike IBM Midrange boxes

Re: Tomcat 8 doesn't listen in https

2016-08-29 Thread James H. H. Lampert
"It doesn't work" is not very informative. What does not work ? What do the Tomcat logfiles say about the problem ? Does NETSTAT (or WRKTCPSTS, for IBM Midrange Systems, or other tools on other systems) tell you the port actually opened? Do any of the log files tell you that it didn't, and/or

Re: Character encoding issues

2016-08-24 Thread James H. H. Lampert
On 8/24/16, 12:36 PM, Mark Thomas wrote: At a guess, something in the web application is using the platform default encoding rather than an explicit encoding. Given that the Linux box is OK, it looks like the app should be explicitly using UTF-8 everywhere. Based on a response I got on the Mid

Re: For the purposes of matching another box, I need Tomcat 7.0.67 for Windows . . .

2016-08-24 Thread James H. H. Lampert
On 8/24/16, 11:48 AM, Jason D. Burkert wrote: Try running \bin\version.bat on the Tomcat in question and examining 'Architecture' field. "version.bat"?? I don't see any "version.bat" anywhere. The Windows box in question, BTW, is a Pentium 4, running Windows Server 2003, and Tomcat is runnin

For the purposes of matching another box, I need Tomcat 7.0.67 for Windows . . .

2016-08-24 Thread James H. H. Lampert
The box in question currently has 7.0.47. I'm not sure whether it's 32-bit or 64-bit; I'm pretty sure it is set up for OpenSSL security, rather than JSSE. At https://archive.apache.org/dist/tomcat/tomcat-7/v7.0.67/bin/ I see apache-tomcat-7.67-windows-i64.zip, apache-tomcat-7.67-windows-x64.

Character encoding issues

2016-08-24 Thread James H. H. Lampert
Ladies and Gentlemen of the Tomcat and Midrange-Java communities: We're having a weird problem with character encoding in a Tomcat webapp. We've added an interface to GMail to our webapp, and we've got, just for our own development, testing, and production use, instances of that webapp running

Re: More, Re: Question about vulnerability report

2016-08-09 Thread James H. H. Lampert
On 8/9/16, 9:25 AM, Christopher Schultz wrote: There /is/ a POODLE variation which is against TLS 1.0 - 1.2 [1]. If SSLv3 is completely disabled (TLS1.0 is okay), then you aren't vulnerable to "classic" POODLE. If you aren't using CBC-based cipher suites with TLS1.0 - TLS1.2, then you should be o

Re: More, Re: Question about vulnerability report

2016-08-08 Thread James H. H. Lampert
Hmm. This is interesting. pentest-tools.com says that neither our server nor the customer server is vulnerable to POODLE. But Site24x7.com says ours IS vulnerable to POODLE. Then (when I click "View Result") it says it isn't. Then (when I actually run the test again) it once again says it is

Re: More, Re: Question about vulnerability report

2016-08-08 Thread James H. H. Lampert
On 8/8/16, 10:32 AM, Coty Sutherland wrote: So you've already mitigated POODLE and the scanner is just complaining about your TLS version. Or SSLLabs isn't actually checking to see if it can connect via SSLv3: At present, SSL Labs has the following limitations: In general, cipher suite suppor

Re: More, Re: Question about vulnerability report

2016-08-08 Thread James H. H. Lampert
On 8/8/16, 9:59 AM, Coty Sutherland wrote: To mitigate POODLE you must disable SSLv3 and only use TLS. Please visit the wiki page for more info: https://wiki.apache.org/tomcat/Security/POODLE Actually, I found that on my own, only a few minutes after I posted my question. So would the existi

More, Re: Question about vulnerability report

2016-08-08 Thread James H. H. Lampert
On 7/27/16, 11:59 AM, Mark Thomas wrote: ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA" Ladies and Gentlemen: Thanks, Mark; that raises the SSLLabs rating from "F" to "C," and seems to have dealt with most of the concerns raised by the customer. Except for one. It seem

Re: (Cross-Posted) Does anybody have any experience with Tomcat 8 on an IBM Midrange (AS/400, iSeries, whatever they're calling it this week) box?

2016-07-28 Thread James H. H. Lampert
On 7/27/16, 7:01 PM, Matthew Herzog wrote: HAHAHAHAHAHA That was uncalled-for. -- JHHL

(Cross-Posted) Does anybody have any experience with Tomcat 8 on an IBM Midrange (AS/400, iSeries, whatever they're calling it this week) box?

2016-07-27 Thread James H. H. Lampert
Ladies and Gentlemen of both Lists: Does anybody in either the Tomcat List or the Java 400 List have experience running Tomcat 8 on an IBM Midrange box? And (just for the Java 400 list) does anybody know if there's a way to run Java 7 on a V6 box (specifically, an E4A running V6R1M0) without

Re: Question about vulnerability report

2016-07-27 Thread James H. H. Lampert
On 7/27/16, 11:59 AM, Mark Thomas wrote: Note since you are on Java 6 you can't force the server preference order on the client. You might want to drop the 128 bit version. Thanks. That brings our own server up from an "F" rating on SSLLABS.COM to a "C." -- JHHL

Re: Question about vulnerability report

2016-07-27 Thread James H. H. Lampert
I've read so far about specifying ciphers, I understand that this is done by adding "cipher" attribute, with a list of acceptable ciphers, to the connector tag in conf/server.xml. Am I correct so far? At the moment, that connector tag looks like: So where do I go from there

Re: Question about vulnerability report

2016-07-27 Thread James H. H. Lampert
On 7/27/16, 9:20 AM, Mark Thomas wrote: Take a look at this: http://wiki.apache.org/tomcat/Security/Ciphers I've done some further research, and according to cve.mitre.org, CVE-2015-0204 appears to be very specific to OpenSSL. CVE-2015-4000, on the other hand, appears to be a problem. Tomc

Question about vulnerability report

2016-07-27 Thread James H. H. Lampert
I was just forwarded a vulnerability report from one of our customers, who is on 7.0.67 (as are we), with Java SSL, not OpenSSL (again, as are we). The gist of it is below. SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) (CVE-2015-4000) SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Suppo

Re: OT if/else or not if/else

2016-04-22 Thread James H. H. Lampert
But what is now, given that compilers can optimize stuff like this and tell the processor to calculate all 3 branches simultaneously, which is not possible for ifelse. Which one would you choose? Equally important, which one do you think is more readable? I would say if else is hard to read, but

Re: Job priority (AS/400s)

2016-03-31 Thread James H. H. Lampert
On 3/31/16, 2:30 PM, Christopher Schultz wrote: Wild Googling has produced this page: http://www.texas400.com/b400tip16.html ...which claims that priority *30* is the same as "interactive". Something tells me that it's going to come down to a matter of opinion what exact priority should be use

Re: Job priority (AS/400s)

2016-03-31 Thread James H. H. Lampert
On 3/31/16, 10:52 AM, Christopher Schultz wrote: . . . I don't see any particular reason not to change this from priority 6 to priority 20. If you've got a (publicly-available) reference for AS/400 that lists the appropriate priorities of different kinds of jobs, I can change the priority there a

Job priority (AS/400s)

2016-03-30 Thread James H. H. Lampert
Earlier this week, we noticed that the JVM job (QP0ZPWT) associated with the CATALINA job of a Tomcat server runs at Priority 6. This priority level puts it ahead of everything but the operating system itself. This morning, a response to a query on the Java forum at Midrange.com pointed me to t

Starting and stopping contexts programmatically

2016-03-14 Thread James H. H. Lampert
The only ways I know of to start and stop individual webapp contexts is to (1) start and stop them from the manager, or (2) start and stop Tomcat itself. Is there a way, from the back end, to start and stop individual contexts? -- James H. H. Lampert

Updating SSL certificates

2016-02-18 Thread James H. H. Lampert
Out of morbid curiosity, is there a way to make a certificate update take effect without restarting Tomcat? -- JHHL

Re: Does Tomcat need a non-ssl connector?

2016-02-12 Thread James H. H. Lampert
On 2/12/16, 11:40 AM, m...@kimwana.com wrote: Perhaps I should have phrased this differently. I want to force clients to ssl. When they hit http://app.myurl.com their browser should load https://app.myurl.com Wouldn't mind knowing that myself. All the Tomcat installations I'm responsible for a

SOLVED, Re: Tomcat 7.0.67 crashing on takeoff

2016-01-26 Thread James H. H. Lampert
On 1/26/16 3:01 PM, Caldarale, Charles R wrote: You found the right documentation page. Update the JreMemoryLeakPreventionListener entry in your conf/server.xml to look like this: Thanks, Messrs. Caldarale, Thomas, and Schultz. The above change worked (by then, I'd just barely caught on th

Re: More, Re: Tomcat 7.0.67 crashing on takeoff

2016-01-26 Thread James H. H. Lampert
cat-7.0-doc/config/listeners.html> but I don't have a clue what to do with what I see. Please don't tell me that it's something that requires recompilation from source. Assuming I could even get Tomcat to compile from source, I wouldn't be

More, Re: Tomcat 7.0.67 crashing on takeoff

2016-01-26 Thread James H. H. Lampert
On 1/26/16 12:55 PM, Christopher Schultz wrote: If you are explicitly configuring the APR connector and the APR library (or some required dependency -- e.g. OpenSSL -- then Tomcat will not start. to which I just replied: > This is quite literally straight out of apache-tomcat-7.0.67.zip. > We'

Re: Tomcat 7.0.67 crashing on takeoff

2016-01-26 Thread James H. H. Lampert
On 1/26/16 12:55 PM, Christopher Schultz wrote: If you are explicitly configuring the APR connector and the APR library (or some required dependency -- e.g. OpenSSL -- then Tomcat will not start. This is quite literally straight out of apache-tomcat-7.0.67.zip. We're currently using 7.0.54 on

Tomcat 7.0.67 crashing on takeoff

2016-01-26 Thread James H. H. Lampert
I'm attempting to install Tomcat 7.0.67 on an AS/400 (something I've done several times before), and when I launch, I get a crash-on-takeoff with an exception I've never seen before. Here's the complete catalina.out: Jan 26, 2016 12:37:47 PM org.apache.catalina.startup.VersionLoggerListener lo

Re: We have a problem involving weird error messages in our Tomcat context, and catalina.out growing to enormous size.

2015-06-22 Thread James H. H. Lampert
On 6/22/15 12:11 PM, Christopher Schultz wrote: Well... what's in the catalina.out file? Is it huge numbers of exceptions of the type described above? Still haven't been able to see what's in it (the terminal-based tools won't handle stream files that big), but when this happened before, it w

We have a problem involving weird error messages in our Tomcat context, and catalina.out growing to enormous size.

2015-06-22 Thread James H. H. Lampert
rase turns up hundreds of references specific to aix, it doesn't turn up any specific to OS/400 (or whatever IBM is calling it this week). Don't know if there's any connection between that and the enormous catalina.out. Tomcat version is 7.0.47, running on an AS/400. -- J

Resolution, Re: Help! Tomcat crashing on takeoff

2015-01-05 Thread James H. H. Lampert
People on both the Tomcat and Java400-L Lists nailed the problem: it turned out to be a PTF issue. Once the customer got the box's PTFs fully in order, Tomcat started up without a problem, a self-signed certificate brought up their SSL, and our WAR file uploaded and deployed normally. They s

Re: Help! Tomcat crashing on takeoff

2014-12-22 Thread James H. H. Lampert
On the Tomcat Users List, Pete Helgren wrote: Also, are you sure that Java 6 on this box is current with PTF's and that the profile this is running under is picking up the correct JVM version when it runs? My money is on a J9 JVM PTF but an issue with permissions or JVM version could be a possib

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On 12/12/14 5:36 PM, Filip Hanik wrote: We're not looking for change, we're looking for the output, that may tell us what is going on. Please post it, if you're not getting any output, then either those aren't supported (which I definitely thought they would be), or you're invoking it incorrect

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On 12/12/14 2:54 PM, Pete Helgren wrote: My money is on a J9 JVM PTF but an issue with permissions or JVM version could be a possibility.. That's occurred to us as well; we've asked someone at their end to check for PTFs. -- JHHL

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On Fri, Dec 12, 2014 at 2:26 PM, Filip Hanik wrote: possibly add -verbose:class to your JVM options and see if that yields anything On 12/12/14 1:27 PM, Filip Hanik wrote: or -Dibm.cl.verbose=ClassToTrace Again calling /wintouch/tomcat/bin/startup.sh from an interactive QSHELL sessi

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On 12/12/14 11:43 AM, Christopher Schultz wrote: I wouldn't be surprised if the AS/400 unzip software does Bad Things to ZIP archives. Make sure you use UNIX-compatible tools to unpack everything, or maybe do everything from "inside" that UNIX-like environment (I seem to recall that, while you ar

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On 12/12/14 11:21 AM, Ameer Mawia wrote: catalina.jar is loaded by common.loader defined catalina.properties: common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar" As stack-trace shows Bootstrap has been loaded successfully. So boo

Re: Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
On 12/12/14 10:02 AM, Caldarale, Charles R wrote: From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] Subject: Help! Tomcat crashing on takeoff I'm trying to bring up Tomcat on a customer's AS/400. Don't suppose you'd want to give us a clue as to _exactly_ whi

Help! Tomcat crashing on takeoff

2014-12-12 Thread James H. H. Lampert
mcat/bin/tomcat-juli.jar Tomcat started. which is exactly the same as what comes out of STDOUT when we launch Tomcat on our own box. I can't recall ever seeing this exception before, and I don't know what to make of it. Object size of their "tomcat-juli.jar" mat

Re: WAR file deployment question

2014-09-19 Thread James H. H. Lampert
Thanks, Messrs Janner and Schultz. I feared that was the case, but it never hurts to ask. The thing is, if I have it sitting someplace off-site, and Manager could snag it from there directly, then we'd only have to pass it through the "insulin needle" upload pipe of our cable internet when we

Re: May I have multiple web applications running on one tomcat server?

2014-09-19 Thread James H. H. Lampert
On 9/19/14 12:22 PM, Tran, Minh wrote: Hope you all have a good Friday. I am new to Tom Cat server and I have a basic question which I would like to seek your helps and expertise. Could I have a several web applications running on one tomcat server? I am using tomcat manager version 7. If I can

WAR file deployment question

2014-09-15 Thread James H. H. Lampert
over half an hour. But our web and FTP servers are on a hosting service's server, so they're not passing through the narrow pipe. Can I, from Manager, deploy a WAR file that's sitting on a web or FTP site, instead of on my local system? -- James H. H. Lampert Toucht

Re: Context-specific log files getting deleted

2014-08-21 Thread James H. H. Lampert
It appears to be Tomcat 7.0.50. We can be reasonably certain that the webapp was running. We can be reasonably certain that it did not redeploy, because that would have (1) changed an awful lot of timestamps that did not change, and (2) would have required somebody to manually change its own

Context-specific log files getting deleted

2014-08-21 Thread James H. H. Lampert
s would be happening? -- James H. H. Lampert Touchtone Corporation

Re: Restricting SSL access within webapp

2014-08-01 Thread James H. H. Lampert
On 8/1/14 4:54 PM, David Kerber wrote: I don't think the problem is so much bandwidth as it is server CPU. Encryption and decryption are very cpu-intensive tasks. Not to mention client CPU. (Let's face it, if somebody's on dial-up, they're probably on an old, slow box, too. Like my G4 "bionic

Re: Restricting SSL access within webapp

2014-08-01 Thread James H. H. Lampert
Why would you want to do that? Other than a few extra server CPU cycles, what's the harm in allowing SSL anywhere at the client's discretion? I'm with Chuck on that one. From the docs: Also, while the SSL protocol was designed to be as efficient as securely possible, encryption/decryption i

Any recommendations on heap settings for Tomcat on an AS/400?

2014-06-17 Thread James H. H. Lampert
We launch Tomcat from a CL program, with a command front-end, and currently we have the defaults set to 512M for the minimum heap space, and 2048M for the maximum, running 7.0.47 or 7.0.54, and using the JVM at /QOpenSys/QIBM/ProdData/JavaVM/jdk60/32bit. Any recommendations about heap size, pa

Re: How to create an alias for a context name

2014-06-13 Thread James H. H. Lampert
When this thread first came up, I tried one obvious approach: creating a symbolic link in the file system, mapping a new directory name into an existing context's directory. It didn't work. If I actually needed such a thing myself, I'd definitely look into what Mr. Kolinko described; indeed,

Re: Does heartbleeding bug impact on Tomcat 6.x, 7.x and 8.x

2014-04-10 Thread James H. H. Lampert
On 4/10/14 2:10 PM, Ji Song wrote: Does heartbleeding bug impact on Tomcat 6.x, 7.x and 8.x ? I noticed that Tomcat native connector version 1.1.22 uses : OpenSSL 0.9.8 which doesn't have the heartbleeding bug, but 1.1.24 and 1.1.29 also include the buggy openssl. If you use JSSE for your SSL

Re: How can I tell which version of OpenSSL is being used with tomcat?

2014-04-09 Thread James H. H. Lampert
On 4/9/14 10:17 AM, Andrew Russell wrote: Thank you for the quick response! It's a mixed bag, some are java keystores and some are pfx files. So I'm only using OpenSSL if it's marked as such in the configuration file? All I know is JSSE, myself. From our own server.xml, running with securit

Re: How can I tell which version of OpenSSL is being used with tomcat?

2014-04-09 Thread James H. H. Lampert
On 4/9/14 10:01 AM, Andrew Russell wrote: If I installed tomcat on windows using the service installer, how can I know which version of openssl was used? All I know is that if you're using a Java keystore and Keytool (or KeyStore Explorer) to set it up and maintain it, you're most likely not

Re: Valid certificate chain failing with "unable to find valid certification path to requested "

2014-04-03 Thread James H. H. Lampert
I've only barely glanced at this thread, so forgive me if I'm saying something that's already been mentioned, or that's irrelevant. But yesterday, I was tearing my hair out over something similar while setting up a keystore for a customer: it seems that the customer's CA of choice had assumed

Re: SSL Certificates

2014-03-31 Thread James H. H. Lampert
On 3/31/14 10:32 AM, Blume Wolfgang wrote: Hi, If your certificate need not be changed, then you need not create a new Certificate Signing Request (CSR) to get a new certificate, but only do the "Importing the Certificate" part of the description: Import chain certificate, then your existing cert

Re: Detecting out-of-memory condition

2014-03-25 Thread James H. H. Lampert
On 3/24/14 11:06 AM, Christopher Schultz wrote: Do you have any idea what the cause in your particular case? I didn't yesterday; it would be putting it mildly that there's very little of my own code in the Tomcat context (almost all of it in a layer that communicates with an AS/400-native se

Detecting out-of-memory condition

2014-03-24 Thread James H. H. Lampert
ic to Tomcat, to detect an out-of-memory condition, so that Tomcat can be shut down (abended if necessary) and restarted? -- James H. H. Lampert

Checking to see if a Tomcat context is alive or hung

2014-03-07 Thread James H. H. Lampert
I've been asked to come up with a command-line (or batch job) utility (running on an AS/400) to check, programmatically, whether a Tomcat context that's part of one of our products is alive and accepting connections, or hung. I'm already attempting to pick the brains of our people who develope

Re: linux vs windows responses on the list

2014-02-24 Thread James H. H. Lampert
On 2/24/14 8:33 AM, Mark Thomas wrote: . . . I've worked with Tomcat on Windows, Linux, Solaris, FreeBSD, HP-UX and some more unusual hardware like plug-computers. By far the biggest issue the first time I hit a new OS is figuring out how to do stuff in that OS. . . . And I have a fair amount o

Re: Unable to shutdown Tomcat

2014-02-14 Thread James H. H. Lampert
FWIW: I've had similar situations arise (we've never found a reason why, but it happens far less frequently since we updated all our Tomcat installations to a more recent release) on AS/400s. I responded to it by rewriting our shutdown CL program so that if a normal shutdown fails to bring To

Re: Weird issue setting up SSL on a WinDoze box

2014-01-22 Thread James H. H. Lampert
On 1/22/14 5:26 PM, Caldarale, Charles R wrote: You have installed and enabled the APR connector, but are trying to use the Java keystore. Actually, *I* didn't do the installation (the fellow at the next desk over did), and so I have no idea what options were selected. AS/400 installations

Weird issue setting up SSL on a WinDoze box

2014-01-22 Thread James H. H. Lampert
I've set up at least half a dozen AS/400 installations of Tomcat, with SSL on 443, and once I got the hang of it, they went smoothly, and ran flawlessly. So now, I'm asked to do it on a WinDoze Server 2008 box, and it's not working. Netstat -na shows 443 listening when Tomcat is active, and not

Re: How to update a web app without uploading the WAR

2014-01-21 Thread James H. H. Lampert
On 1/21/14 9:59 AM, David kerber wrote: You can update the single .jsp on the server, in at least some situations. I do that occasionally when I need to get an update out and can't take the service down. But note that if and when you DO replace the WAR file, it will stomp on whatever changes

Re: Weird certificate situation -- I don't even understand why it works at all!

2014-01-21 Thread James H. H. Lampert
On 1/21/14 12:40 AM, Ognjen Blagojevic wrote: Hard to say without seeing your server.xml. I could only guess: you misspelled "keyAlias" attribute name, so Tomcat just reads first key in the keystore. That would explain much: instead of a "keyAlias" attribute in the connector tag, I have an "al

Weird certificate situation -- I don't even understand why it works at all!

2014-01-20 Thread James H. H. Lampert
It seems that one of our customers moved their server to a different physical box, over the weekend, and we're now seeing some definite weirdness: Their Tomcat now shows a certificate that expired this past September. But it gets weirder: Their connector for port 443 in server.xml shows a wor

Re: SSL certificates

2014-01-17 Thread James H. H. Lampert
At this point, if you haven't already done so, I would strongly suggest getting your CA's tech support in on this. Of course, your latest posts also beg the question of why you would be spending good money on a signed SSL certificate for an internal web site, or why you'd be using an internal

Re: SSL certificates

2014-01-16 Thread James H. H. Lampert
Christopher Schultz wrote: :) Give me OpenSSL any day of the week. ;) Dunno. Can't recall ever having any experience with it at all. Just DCM (for securing IBM-proprietary servers, like their Secured Telnet [NOT ssh] server and their various proprietary web-serving products), and Keytool (f

Re: SSL certificates

2014-01-16 Thread James H. H. Lampert
Christopher Schultz wrote: That is always true. But you don't need a certificate to create a CSR. If Keytool and the Java Keystore format even recognize any difference between the concepts of "keypair" and "self-signed certificate," it would be news to me. Speaking of one who regularly ins

Re: SSL certificates

2014-01-16 Thread James H. H. Lampert
on an AS/400, you want to do this whole process on something else entirely, and then FTP your keystore into place on the 400. Keytool does NOT work well on AS/400s, and I haven't the slightest idea why. -- James H. H. Lampert

Re: SSL certificates

2014-01-16 Thread James H. H. Lampert
? will existing become redundant ? NO, the SIGNED certificate will, at least in effect, be MERGED with the original certificate. Deleting the original certificate from the keystore before importing the signed one will render the signed certificate WORTHLESS. -- James H. H. Lampert

Re: SSL certificates

2014-01-16 Thread James H. H. Lampert
only will it not "complain"; it is the ONLY way to apply the CSR reply. -- James H. H. Lampert Touchtone Corporation

Re: Apache Tomcat 5.0.28 Server/Intermittently Web Apps becomes Unresponsive

2013-12-27 Thread James H. H. Lampert
On 12/27/13 1:32 PM, Christopher Schultz wrote: Upgrading Tomcat is certainly something you should do, but it probably won't fix your issue. Yet it might. We were having all kinds of difficulties with lockups, usually at times and places where a thread dump couldn't be done, for one reason or

Re: Redirection of mycompany.com to www.mycompany.com

2013-12-16 Thread James H. H. Lampert
On 12/16/13 9:37 AM, pierre posset wrote: My problem is that when in a browser I am writing mycompany.com I am redirected with to www.mycompany.com. I could be way off-base here (it wouldn't be the first time!), but: It could also be that your browser thinks it's smarter than you are. I've s

Re: On one particular box, Tomcat 7.0.25 runs just fine, but 7.0.47 crashes on takeoff -- some authority problem

2013-12-09 Thread James H. H. Lampert
On 12/9/13 2:51 PM, Christopher Schultz wrote: Can you confirm that qsh is telling you it can't actually run /foo/tomcat/bin/startup.sh because of a permissions problem, or is it that /foo/tomcat/bin/startup.sh *is* running and something it's trying to do is failing? Does it fail when running fr

Re: On one particular box, Tomcat 7.0.25 runs just fine, but 7.0.47 crashes on takeoff -- some authority problem

2013-12-09 Thread James H. H. Lampert
On 12/9/13 11:58 AM, Dan Kimmel (on the Midrange Java List) wrote: Your user needs x permission on startup.sh in order to execute it. The user draws that authority from owner, group or public which are the three groupings of rwx authorities you see, in that order (the first of the 10 characters a

Re: On one particular box, Tomcat 7.0.25 runs just fine, but 7.0.47 crashes on takeoff -- some authority problem

2013-12-09 Thread James H. H. Lampert
On 12/9/13 11:40 AM, Tim Watts wrote: What about execute permissions on /wintouch. As Chris pointed out earlier, WTADMIN must have execute permission to the top of the tree. You seem to have investigated every corner except that one. Both tomcat and tomcat.bak are subdirectories of /wintouch,

Re: On one particular box, Tomcat 7.0.25 runs just fine, but 7.0.47 crashes on takeoff -- some authority problem

2013-12-09 Thread James H. H. Lampert
On 12/6/13 6:56 PM, CRPence (on the Midrange Java List) wrote: The T-AF audit entry should log the object to which there was insufficient authority, then the chmod can be requested against that object to grant the necessary authority bits. The T-AF audit entry shows (and I'm no longer bothering

On one particular box, Tomcat 7.0.25 runs just fine, but 7.0.47 crashes on takeoff -- some authority problem

2013-12-06 Thread James H. H. Lampert
e the problem, then I would expect 47 to work and 25 to crash on takeoff. For now, I've got that customer back on 7.0.25, but we've already found that 7.0.47 seems to work a good deal better, so I want to figure out what's the matter here. -- James H. H. Lampert Touchtone Corpo

Re: Visible passwords in realm

2013-11-20 Thread James H. H. Lampert
On 11/20/13 10:22 AM, Milo Hyson wrote: Out of curiosity, what problems do you see hashed passwords resolving in this case? As others have already pointed out, I was shooting off my mouth without understanding the question. Oh. That's very different. Nevermind. -- JHHL (Now going back to a

Re: Visible passwords in realm

2013-11-20 Thread James H. H. Lampert
2013/11/20 : Is there any way to not have the password visible in the realm for example for active directory realm? . . . On 11/20/13 12:36 AM, Konstantin Kolinko wrote: https://wiki.apache.org/tomcat/FAQ/Password Harrumph. It occurs to me that if Tomcat stored passwords the way OS/400 does

Re: WARs getting re-extracted in DST change?!?

2013-11-06 Thread James H. H. Lampert
Thanks to all, and once again, my apologies for my grumpiness. -- James H. H. Lampert

Re: WARs getting re-extracted in DST change?!?

2013-11-05 Thread James H. H. Lampert
, but this does scare me a bit. -- James H. H. Lampert

Re: WARs getting re-extracted in DST change?!?

2013-11-05 Thread James H. H. Lampert
y way (presumably from Manager?) to deploy a WAR file that's already present on the machine? -- James H. H. Lampert

Re: WARs getting re-extracted in DST change?!?

2013-11-04 Thread James H. H. Lampert
manually removing the WAR file from the webapps directory after deployment have any undesirable side effects, such as causing (or blocking) undeployment? -- James H. H. Lampert Touchtone Corporation

Re: WARs getting re-extracted in DST change?!?

2013-11-04 Thread James H. H. Lampert
On 11/4/13 3:49 PM, Konstantin Kolinko wrote: If you run with then ~every 10 seconds Tomcat checks whether the war file is newer than the directory that was created when extracting the war file. If it is then a redeployment happens. You should be able to see deployment / undeployment messages

WARs getting re-extracted in DST change?!?

2013-11-04 Thread James H. H. Lampert
Time ending? -- James H. H. Lampert

Question about non-default keystore passwords

2013-09-13 Thread James H. H. Lampert
Up until the situation prompting my "P7B" thread this week, I hadn't bothered with non-default passwords, given that they then have to be inserted into the server.xml file in order for them to work. Have I missed something (I'm sure I've missed a great deal.) Is there a way to use a non-defaul

Re: Using a P7B certificate file

2013-09-13 Thread James H. H. Lampert
x of server.xml, the first time I tried to adjust it from our choice of keystore name and alias to their choices and their non-default password), and finally managed to get it to come up. Thanks, Mr. Schultz, et al. You were more helpful than you might realize. -- James H. H. Lampert T

Re: Using a P7B certificate file

2013-09-10 Thread James H. H. Lampert
On 9/10/13 2:19 PM, Christopher Schultz wrote: "P7B" is otherwise known as a PKCS#7 file and usually contains a certificate. Does the file contain *only* a certificate, or does it also contain the key that was used to generate the CSR? If you have the cert but not the key, you won't be able to us

Using a P7B certificate file

2013-09-10 Thread James H. H. Lampert
We have a customer that wants to apply an existing multi-domain certificate to the tomcat server in our application. The only thing is, all we've seen is a P7B file, not a keystore, and we don't even know what sort of keystore they used to generate the original CSR. The only time a similar s

Re: Collision on port 8005 -- what to do about it?

2013-07-10 Thread James H. H. Lampert
We ended up changing the port number. But do we have to change it anywhere else, for shutdown to work properly? -- JHHL

Collision on port 8005 -- what to do about it?

2013-07-10 Thread James H. H. Lampert
We appear to be having, on a multi-IP-address system, a collision with port 8005, causing Tomcat to crash on takeoff. Looking at server.xml, I see that 8005 is not mentioned in any "connector" definition, but rather in this: I know how to bind a connector to a specific IP address, but I k

Re: SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-443"]

2013-04-24 Thread James H. H. Lampert
Neven Cvetkovic wrote: Btw in your log "" is actual real IP address, you just removed it for the mailing list, correct? That's the actual message from CATALINA.OUT, verbatim. Perhaps we're not specifying an IP address in the configuration files (how would one do that?), and (with several IP

SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-443"]

2013-04-24 Thread James H. H. Lampert
We're trying to bring up SSL in Tomcat on a customer AS/400 (an E4C at V7R1, using the /QOpenSys/QIBM/ProdData/JavaVM/jdk60/64bit JVM), and every time we launch CATALINA, we get SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-443"] Throwable occurred: java.ne
