I'm glad that we get so well over serious problems. Made my day :-) !
PS: André: Sorry for the top post.
PPS: James: I still can't get over it, that you run Tomcat on AS400, my first
contact to production systems back in '90.
-Ursprüngliche Nachricht-
Von: André Warnier (tomcat) [mailto:
Hi all,
>-Ursprüngliche Nachricht-
>Von: André Warnier (tomcat) [mailto:a...@ice-sa.com]
>Gesendet: Donnerstag, 10. August 2017 11:34
>An: users@tomcat.apache.org
>Betreff: Re: I've just installed Tomcat (7.0.67) on an old CentOS 5 box. It
>can't be reached from outside the box.
>Addend
Hi Matt,
> -Ursprüngliche Nachricht-
> Von: Matt Cosentino [mailto:mcosent...@cacorp.com]
> Gesendet: Dienstag, 11. Juli 2017 19:35
> An: Tomcat Users List
> Betreff: Response cut off after 10 seconds when using NIO2 connector
>
> I'm using Tomcat 8.5.16 with the NIO2 connector and Open
Sai,
May I suggest that you update your production system and see if that helps? No
matter if the problem is in the tomcat version or your software, Tomcat 7.0.52
is over three years old, and contains many security related problems. From the
release notes I see also quite a few performance and
Mark,
> On 09/06/17 16:02, Kreuser, Peter wrote:
> > Hi all,
> >
> > Sorry for the long text. I hope somebody can help me track down the problem
> > I'm facing with Tomcat (8.5.15), tcnative (1.2.12), openssl (1.1.0e) and
> > HTTP/2. JVM is zulu-8.
Hi all,
Sorry for the long text. I hope somebody can help me track down the problem I'm
facing with Tomcat (8.5.15), tcnative (1.2.12), openssl (1.1.0e) and HTTP/2.
JVM is zulu-8.21.0.1 (1.8.0_131-b11)
I've added (already for a long time) the logging of the ssl_cipher to the
accesslog. For som
Igal,
-Ursprüngliche Nachricht-
> Von: Igal @ Lucee.org [mailto:i...@lucee.org]
> Gesendet: Dienstag, 16. Mai 2017 16:44
> An: Tomcat Users List; modjkl...@comcast.net
> Betreff: Re: how to upgrade tomcat 8.5.x?
>
> On 5/16/2017 6:37 AM, modjkl...@comcast.net wrote:
> > I assume I need t
Hi (WhoEverYouMayBe - you may want to sign with a name???),
> Server version:Apache Tomcat/8.5.11
> Server built: Jan 10 2017 21:02:52 UTC
> Server number: 8.5.11.0
> OS Name: Linux
> OS Version:3.10.0-514.16.1.el7.x86_64
> Architecture:
Hi Cris,
> Excellent information. Thank you!
>
> Is there a way to create a split point where sendFile will handle files of
> certain mime types (or all mime-types except for an exclusion list of mime
> types) and/or of certain sizes while compression will handle files of other
> mime-types and/o
Hi Eric,
> Dear all,
>
>
> I need to implement secure connection within tomcat. That's why I need to
> implement certificate on tomcat.
> I've made a CSR in order for my company to provide me certificates and CA.
> I've implemented the configuration in TOMCAT to activate https to use my
> keys
Fady,
Sorry for top posting.
If I remember correctly, the Cluster Element goes into the Container and not
the Host.
Plus I see in our (working) case, a DeltaManager and a
JvmRouteSessionIDBinderListener
...
Besides this, only ports, limits and values are different.
You may
en after that all links, forms will be on https.
Best regards
Peter
> Our engineer who has access to the load balancer is off today, will get some
> log info on the load balancer side about the redirect.
>
> Thank you,
>
> Bin
>
> -Original Message-
> F
Bin,
> Peter:
> To answer your questions
> 1. The response header when using 8080 to post, I got:
>
> Status Code: 405 Method Not Allowed
> Allow: POST
> Cache-Control: private
> Content-Language: en
> Content-Length: 1045
> Content-Type: text/html;charset=utf-8
> Date
..
Peter
>
> Bin
>
> -Original Message-
> From: Kreuser, Peter [mailto:pkreu...@airplus.com]
> Sent: Friday, January 20, 2017 1:43 AM
> To: Tomcat Users List
> Subject: AW: https redirect failed for POST request when behind a load
> balancer
>
> Hi Bin
Hi Bin
> Konstantin:
> Thank you very much for your reply. To answer your question
>
> 1. The api-lb and lb-api was a typo.
>
> 2. I was able to reproduce this problem with a single server behind the
> load balancer.
> Where http://lb-test-api:8080 was set to forward to https://lb-tes
Hi Abishek,
> -Ursprüngliche Nachricht-
> Von: Kumar, Abhishek (IT Information Services )
> [mailto:abhishek.kum...@originenergy.com.au]
> Gesendet: Dienstag, 10. Januar 2017 12:17
> An: users@tomcat.apache.org
> Betreff: Vulnerability Issue with Apache Tomcat 8.0.15
Dear all,
> On Sun, Oct 23, 2016 at 3:15 PM, Christopher Schultz <
>
> ch...@christopherschultz.net> wrote:
>
>
>
Hi all, Hi Mark,
I see one change in the newest mod_jk (see below), that stops Apache in my
configuration:
The discussion on this bug is valid
https://bz.apache.org/bugzilla/show_bug.cgi?id=59184, however I would like to
see an explanation o why the shm may fail!
Docker 1.12
Debian Stretch w
Objections Chris,
> André,
>
> On 10/4/16 7:59 AM, André Warnier (tomcat) wrote:
> > On 04.10.2016 12:43, Garratt, Dave wrote:
> >> To elaborate, there is only this single application running on
> >> the server. All other web applications use Windows IIS.
> >>
> >> I have mentioned that the probl
Dave,
> The requirement for HTTPS is only a recent requirement and the application is
> now heavily dependent on Java 8. At this point I don’t know just how old a
> version of Tomcat I would need to make it work and I would have to make
> significant changes to the code in order to make it Java
Roman,
>I know it did not worked because as soon as I add the ciphers entry to the
>SSL HTTPS connector in the server.xml file, it tells me that value is not
>supported.
>
>On Wed, Sep 21, 2016 at 6:45 PM, Mark Thomas wrote:
>
>> On 21/09/2016 11:22, Román Valoria wrote:
>> > Before anyone tells
Roman,
> On 21/09/2016 11:22, Román Valoria wrote:
> > Before anyone tells me, I cannot upgrade either Tomcat or Java to the
> > latest major release.
> >
> > My setup is running on Windows Server 2008 R2 64-bit OS.
>
> What configuration have you tried?
>
> How do you know it didn't work?
>
>
Hi Yuval,
> -Ursprüngliche Nachricht-
> Von: Yuval Schwartz [mailto:yuval.schwa...@gmail.com]
> Gesendet: Freitag, 2. September 2016 13:28
> An: Tomcat Users List
> Betreff: Restrict access to manager app by IP
>
> Tomcat: 8.0.22
> JDK: 1.8.0_05
>
> Hello,
>
> I am currently running a
Chris,
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mark,
>
> On 8/31/16 7:21 AM, Mark Thomas wrote:
> > On 31/08/2016 12:18, Kreuser, Peter wrote:
> >>
> >> Christopher,
> >>
> >>> On 8/30/16 10:18 AM, Kreuser, Pete
Mark,
> On 31/08/2016 12:18, Kreuser, Peter wrote:
>
>
> Christopher,
>
> On 8/30/16 10:18 AM, Kreuser, Peter wrote:
>
> On 30/08/2016 10:23, Kreuser, Peter wrote:
>
> Hi all,
>
> I have compiled tcnative 1.2.8 with the new openssl 1.1.0 (ldd
> pr
Christopher,
> On 8/30/16 10:18 AM, Kreuser, Peter wrote:
>
> On 30/08/2016 10:23, Kreuser, Peter wrote:
>
> Hi all,
>
> I have compiled tcnative 1.2.8 with the new openssl 1.1.0 (ldd
> proves that it is linked). I have set the cipher string to the
> newly supp
> On 30/08/2016 10:23, Kreuser, Peter wrote:
>
> Hi all,
>
> I have compiled tcnative 1.2.8 with the new openssl 1.1.0 (ldd proves that it
> is
> linked). I have set the cipher string to the newly supported ciphers:
>
>
> ciphers="ECDH
Hi all,
I have compiled tcnative 1.2.8 with the new openssl 1.1.0 (ldd proves that it
is linked). I have set the cipher string to the newly supported ciphers:
ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-
GC
Chuck,
>
> Hello,
>
> I am having issues when upgrading from 8.5.3 to 8.5.4 with SSL. It seems
> that my config from 8.5.3 is not working with 8.5.4 when using the same
> exact file. The majority of the server.xml is stock, but here what I
> manually have changed and it is where I am encounter
Hi Utkarsh
>Von: Utkarsh Dave [mailto:utkarshkd...@gmail.com]
>Gesendet: Donnerstag, 18. August 2016 08:18
>An: Tomcat Users List
>Betreff: Re: A way for user to specify DH parameter to tomcat !
>
>Thanks a lot Chris and Violeta.
>
>On Wed, Aug 17, 2016 at 1:59 PM, Utkarsh Dave
>wrote:
>
>> Hi A
Mark,
>
>On 27/04/2016 10:01, Kreuser, Peter wrote:
>> Mark,
>>
>> I read that you ported all the new SSL functionality to 8.5, so my first
>> guess was, that if that problem was new, you might want to know what's wrong
>> ;-).
>>
>>>
>
>-Ursprüngliche Nachricht-
>On 27/04/2016 10:01, Kreuser, Peter wrote:
>> Mark,
>>
>> I read that you ported all the new SSL functionality to 8.5, so my first
>> guess was, that if that problem was new, you might want to know what's wrong
>&g
was fine
On 27/04/2016 10:39, Kreuser, Peter wrote:
> Hi all,
>
> I have a strange problem with Tomcat 8.5. Using the exact same setup as
> Tomcat 8.0 (connector and keystore) ssllabs will downgrade my setup from A to
> B because of a missing intermediate certificate.
http://sv
Hi all,
I have a strange problem with Tomcat 8.5. Using the exact same setup as Tomcat
8.0 (connector and keystore) ssllabs will downgrade my setup from A to B
because of a missing intermediate certificate.
I have the two versions working side by side on two ports.
Openssl on the two wil
Mark,
I read that you ported all the new SSL functionality to 8.5, so my first guess
was, that if that problem was new, you might want to know what's wrong ;-).
>On 25/04/2016 17:10, Kreuser, Peter wrote:
>> Hi there,
>>
>> I have setup Tomcat 8.5 with the all
Hi there,
I have setup Tomcat 8.5 with the all new SSL Config and HTTP/2.
To test the setup I use testssl.sh (https://testssl.sh ) . The scan is
successful, also stating HTTP/2 is working. So far so good.
However I see the following exception in the Logs:
25-Apr-2016 17:36:16.697 SEVERE [https
> -Ursprüngliche Nachricht-
> Von: Mark Thomas [mailto:ma...@apache.org]
> Gesendet: Freitag, 17. Juli 2015 12:33
> An: Tomcat Users List
> Betreff: Re: Question concerning mod_jk Security Fix CVE-2014-8111
>
> On 16/07/2015 13:16, Kreuser, Peter wrote:
> &
Please let me repeat my question from June 6th:
Why is this CVE still not addressed in "Apache Tomcat JK Connectors
vulnerabilities" http://tomcat.apache.org/security-jk.html?
http://www.cvedetails.com/cve/CVE-2014-8111/
-
Hi,
could you please tell us, when th
Hi,
could you please tell us, when the fixed mod_jk-Version 1.2.41 will be publicly
available?
The webpage does not mention any vulnerability at all, plus no newer release
than the vulnerable 1.2.40.
For now RedHat mentions only the fix to the source code from December 2014.
http://svn.apache.
39 matches
Mail list logo