RE: OT: Question regarding the listeners in the upcoming releases.

Thank you Chris. I will look into Manager + JMXProxyServlet. Dumb question, but does this require the Manager.war to be deployed (Isn't that just to get to the UI?), or does it call the Catalina Manager servlet directly? Is there any documentation around this type of setup? Thanks again and

RE: OT: Question regarding the listeners in the upcoming releases.

Hi Chris, Yes, I'm aware that JMX may be the easiest method, however to use it means modifying the JAVA_OPTIONS as well as having a username and password as well as to meet our internal requirements, an ssl certificate for the jmx connection. What I'm looking for, if possible, is the addition

OT: Question regarding the listeners in the upcoming releases.

I have a question which is based around the idea of the new Listeners that are being introduced in the upcoming releases. This is based on something I’ve been thinking on for the last 6 to 9 mos. Would it be possible to have a Listener that could output stats for the Tomcat Instance, similar to

RE: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

Hi Chris and Rainer, Just want to add my .02 worth. Having the ability to "Drain" hosts in a Proxy configuration would be an awesome boon so you could gracefully take down a "node" for maintenance, or even just a restart. Then be able to put it back in action afterwards. :-) Of course, only in

RE: [SECURITY] CVE-2023-34981 Apache Tomcat - Information disclosure

Now that is what I call proactive! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010

RE: Informal CIS Benchmark question

Thank you Mark! I appreciate how your summations on many of these match mine. Smh. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080

Informal CIS Benchmark question

I'm asking because we are doing a review of our base settings. We are using the CIS Benchmarks as a verification. One of these states to set matadata-complete to true. We have never used this setting in the past and I am worried about potential application breakage causing outages if we

RE: SOAP HTTP error: "HTTP/1.1 400 Bad Request" after upgrade to 8.5.89.

Awesome! Thanks Mark! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: SOAP HTTP error: "HTTP/1.1 400 Bad Request" after upgrade to 8.5.89.

Thanks Sergent. Good catch, I'll inquire. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC:

SOAP HTTP error: "HTTP/1.1 400 Bad Request" after upgrade to 8.5.89.

Good afternoon, Have a team that just upgraded to 8.5.89 from 8.5.72 and started getting these messages in the logs: [2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - EPMSend = SOAP [2023/06/01][01:05:10.012] : [INIT] - EPMSend (init) - SOAPPort = 8443 [2023/06/01][01:05:10.012] : [INIT] -

RE: OT: java.net.socket exception

Thanks Chris. Yes, I misspelled it, I said I'm not a developer. LOL I'm just trying to figure out WHY that setting would blow up a spring coded outbound connection like that. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His

OT: java.net.socket exception

So, to start I'm not a developer. With that said, have a development team that is getting the exception below in their Tomcat 9.0.74 implementation using Java 11 (also with Java 8). After much troubleshooting with their configuration, it turned out to be this in the JAVA_OPTIONS:

RE: AW: Too many certificates in chain?!? Help!

Maybe just a bad keystore or binary copy or some type of corruption. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd |

RE: AW: Too many certificates in chain?!? Help!

Hi James, Take a look at this URL: https://stackoverflow.com/questions/64721644/javax-net-ssl-sslprotocolexception-the-certificate-chain-length-11-exceeds-th It may help, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware

RE: Best Practice to Upgrade Apache Tomcat from 9.0.56 to 9.0.74

That's how I do it also. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: Best Practice to Upgrade Apache Tomcat from 9.0.56 to 9.0.74

How are you configured? Is your CATALINA_HOME and CATALINA_BASE Identical, or do you have the binaries separated from the configuration (Different CATALINA_BASE directory)? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His

RE: OT: hsts in Tomcat 9.0.73

Ok, thank you. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

RE: OT: hsts in Tomcat 9.0.73

Qualsys only checks ROOT (/), as it's the only context it could possibly know about. The team does have a ROOT webapps which is different from the one supplied with Tomcat. Can you show me where in the application web.xml to specify the headers? I'm not that familiar with things at that

RE: OT: hsts in Tomcat 9.0.73

Christopher, Here is the SSL connector: Thanks! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322

RE: OT: hsts in Tomcat 9.0.73

Christopher, There is a ROOT application which is part of the overall app and not the default Tomcat one. How should this be added to those web.xml files? I'm working on getting the connector. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice

RE: OT: hsts in Tomcat 9.0.73

Hi Christopher, It's the Server level web.xml in conf, and no, the file is all lowercase. Welcome to the wonderful world of Qualsys. :-) Thank you, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering

RE: OT: hsts in Tomcat 9.0.73

In this case it's only internally accessible, not public. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd |

RE: OT: hsts in Tomcat 9.0.73

Thank you for all the good insights Olaf. I am like you, I prefer to put a reverse proxy in front of my Tomcat instances as well. Unfortunately it is Qualsys that is calling this particular system out, so have to figure out how best to fix it. Thanks again. Dream * Excel * Explore * Inspire

RE: OT: hsts in Tomcat 9.0.73

Thanks Peter, I still do not see the hsts header. I'm wondering if this is causing it. SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway. I don't know why it's complaining as the certificate for Tomcat is not a self-signed certificate.

RE: OT: hsts in Tomcat 9.0.73

Here is the output from a powershell command: Invoke-WebRequest -Uri https://ldvwa00a0010.wellsfargo.com:8443 -MaximumRedirection 0 | Select-Object -ExpandProperty Headers KeyValue ---- X-Content-Type-Options nosniff X-Frame-OptionsSAMEORIGIN

RE: OT: hsts in Tomcat 9.0.73

Hey Peter, Yes, the context is ROOT as this app does have a ROOT component. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone

RE: OT: hsts in Tomcat 9.0.73

Thank you Olaf, however, the connection was made over https directly to Tomcat on port 8443. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure

RE: OT: hsts in Tomcat 9.0.73

No, there is no error and no stack trace. Everything works, just the hsts header isn't in the list of headers. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware |

OT: hsts in Tomcat 9.0.73

Hellow again. I hae another app team that is getting hit with a QID 11827 stating that the hsts Security header is missing. We have reviewed the web.xml and the appropriate section and filter are present. hstsEnabled is set to true. Performing a curl aganst the site does NOT show the hsts

RE: OT: Tomcat and TLS

Thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: OT: Tomcat and TLS

Thank You!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: OT: Tomcat and TLS

Is this actually Kosher? Open your Tomcat server Open your server.xml file in tomcat Add the connector with TLS protocol as below Now, restart your Tomcat. If so, do we just add

RE: OT: Tomcat and TLS

Hi Christopher, I mean, for an SSL/TLS Connector, since you can't put TLS1.2 and TLS1.3 in the same connector, is it best to create separate connectors for each protocol, OR just go with TLS 1.3? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst.

OT: Tomcat and TLS

Hiya, Just trying to see if I'm thinking straight. Since TLS 1.2 and 1.3 don't/can't play well with each other (no mixed mode), is it best to have a TLS 1.2 connector and a separate TLA 1.3 connector on a different port, or just go to a TLS 1.3 connector and hope for backward compat? Wanting

RE: Tomcat 9.0.73 - Exception while accessing application

Thank you!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: Tomcat 9.0.73 - Exception while accessing application

Hi Christopher , Where was this change in functionality documented, please? Thank you , Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080

RE: Tomcat 9.0.73 - Exception while accessing application

I don't think they have a mixed environment, but will have them check this out. If it's not a mixed Tomcat lib issue, could it be something else? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering

RE: Tomcat 9.0.73 - Exception while accessing application

I will have them check but this would not be normal for our installations. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080

Re: Tomcat 9.0.73 - Exception while accessing application

Hi Christopher, They are using Java 11.1 Thanks From: Christopher Schultz Sent: Thursday, April 13, 2023 1:11:15 PM To: users@tomcat.apache.org Subject: Re: Tomcat 9.0.73 - Exception while accessing application Jon, On 4/12/23 17:38,

RE: Tomcat 9.0.73 - Exception while accessing application

And another app, different stack-trace, same java.lang.NoSuchFieldError: EMPTY_CHAR_ARRAY 11-Apr-2023 12:38:44.264 SEVERE [https-jsse-nio-0.0.0.0-23601-exec-11] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [F5 Mo nitoring.] in context with path

RE: Tomcat 9.0.73 - Exception while accessing application

Here is a full stack-trace 12:23:08.346 [https-jsse-nio-0.0.0.0-2-exec-7] DEBUG org.springframework.web.servlet.DispatcherServlet - Failed to complete request: org.springframework.web.util.NestedServletException: Handler processing failed; nested exception is java.lang.NoSuchFieldError:

RE: Tomcat 9.0.73 - Exception while accessing application

I'm not sure. I'll check with the developers. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC:

Tomcat 9.0.73 - Exception while accessing application

I have an application team that started receiving the following Exception: 11-Apr-2023 09:26:01.396 SEVERE [https-jsse-nio-0.0.0.0-11510-exec-19] org.apache.catalina.core.StandardHostValve.custom Exception Processing ErrorPa ge[exceptionType=java.lang.Exception,

Access Log Valve

Hi everybody, I'm trying to understand the Logging Valve better for the Access Logs. I saw in there that the Apache HTTPD Logging format is supported, but not entirely sure on how to implement. Is something like this kosher? We would like to output this in json format. LogFormat "{

RE: Quick Question with Tomcat 10.1x

Thank you, the Migration Tool fixed this up lickety-split. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA

RE: Quick Question with Tomcat 10.1x

Thank you Chris! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

RE: Quick Question with Tomcat 10.1x

> -Original Message- > From: jonmcalexan...@wellsfargo.com.INVALID > > Sent: Thursday, March 16, 2023 1:54 PM > To: users@tomcat.apache.org > Subject: RE: Quick Question with Tomcat 10.1x > > > -Original Message- > > From: Torsten Krah > > Sent: Thursday, March 16, 2023 1:40 PM

RE: Quick Question with Tomcat 10.1x

> -Original Message- > From: Torsten Krah > Sent: Thursday, March 16, 2023 1:40 PM > To: Tomcat Users List > Subject: Re: Quick Question with Tomcat 10.1x > > schrieb am Do., 16. März 2023, > 19:32: > > > Please read >

Quick Question with Tomcat 10.1x

Hi, I have a really simple war file I created to "test" that Tomcat is coming up and running. It works fine on Tomcat 8.5x, 9.0x, AND 10.0x, however on 10.1.7 I am getting this strange stack trace. I'm not able to determine just what is being called out. SEVERE: Servlet.service() for servlet

RE: OT: Disabling Stack Traces

Thank you Mark! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

OT: Disabling Stack Traces

Hello everyone, I know that we can put the following in the section in the server.xml, but is there a way that we can force this setting in the catalina.properties, or some other way? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice

RE: sslHostConfig and ciphers

I am not sure what the otherside is hosted on (app server type). All we have is this error string handshake. Yes, it's an internally created component in springboot making the connection. What I mean by not Tomcat, is it isn't anything defined in the tomcat configuration files, that I'm aware

RE: sslHostConfig and ciphers

The error is coming from the client-connection of their app to the webservice. Trying to convince them that it's in THEIR code not Tomcat, at least I can't think of how it could be Tomcat. Possibly something in Java? They are using 1.8 (build 361). Thanks, Dream * Excel * Explore * Inspire

RE: sslHostConfig and ciphers

:-) I'm dealing with an obstinate development team. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA

RE: sslHostConfig and ciphers

Thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: sslHostConfig and ciphers

So, this is giving out this errors: javax.net.ssl|WARNING|01|main|2023-03-03 16:14:43.438 UTC|SSLSocketImpl.java:1468|handling exception ( "throwable" : { java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:210) at

RE: sslHostConfig and ciphers

Fwiw, this is happening in an outbound connection originated by a springboot app hosted in Tomcat. Any known issues with this and handshake issues? Thanks, Sent with BlackBerry Work (www.blackberry.com) From: jonmcalexan...@wellsfargo.com.INVALID Sent: Mar 4,

RE: health check return 404 after upgrade from 70 to tomcat 9.0.71

> -Original Message- > From: Chuck Caldarale > Sent: Monday, March 6, 2023 1:12 PM > To: Tomcat Users List > Subject: Re: health check return 404 after upgrade from 70 to tomcat 9.0.71 > > > > On Mar 6, 2023, at 12:03, > wrote: > > > > I believe we may have figured out what was

RE: health check return 404 after upgrade from 70 to tomcat 9.0.71

> -Original Message- > From: Mark Thomas > Sent: Monday, March 6, 2023 10:34 AM > To: users@tomcat.apache.org > Subject: Re: health check return 404 after upgrade from 70 to tomcat 9.0.71 > > On 25/02/2023 17:57, Mark Thomas wrote: > > > > > > On 25/02/2023 15:47, Rui wrote: > >> Hi > >>

RE: sslHostConfig and ciphers

Thank you!!! Thanks, Sent with BlackBerry Work (www.blackberry.com) From: "Thomas Hoffmann (Speed4Trade GmbH)" Sent: Mar 4, 2023 1:22 AM To: Tomcat Users List Subject: AW: sslHostConfig and ciphers Hello, this message originates from your used java. It's

RE: Tomcat 9.0.71 Anomalies

Hi Mark, On the slowness, this is when they are retrieving random .js files from the exploded war file after deployment. It's taking an a long amount of time. Some of these are quite large, like 2MB or more. When the issue shows, doing a curl we get to here and then it pauses for some time

sslHostConfig and ciphers

Ok, I don't know if I'm doing something wrong, or if I'm just not reading the output correctly. I have JSSE connector using sslHostConfig and in there I have defined ciphers, as below: However, if I enable ssl debugging, I am getting the following messages in my catalina.out file.

RE: Tomcat 8 impending EOL -- what's the minimum Java for Tomcat 9?

Yes, Tomcat9 runs under Java8 and above. Thanks, Sent with BlackBerry Work (www.blackberry.com) From: "James H. H. Lampert" Sent: Mar 2, 2023 5:38 PM To: Tomcat Users List Subject: Re: Tomcat 8 impending EOL -- what's the minimum Java for Tomcat 9? Am I

Tomcat 9.0.71 Anomalies

Hello gentle beings, I have a couple of application teams having issues since getting upgraded to Tomcat 9.0.71. The main one has to do with an application that has run fine in the past is now exceeding max cursors with their Oracle Database datasource. They are using spring framework to

RE: Tomcat V8.5.85

Thanks again! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: Tomcat V8.5.85

Will this result in a quick move to 8.5.87 to replace 8.5.86? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale,

RE: Basic SSL Certificate Usage logging

Hi Mark! Thanks so much. Please provide the sample code. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale,

RE: Basic SSL Certificate Usage logging

Clarification: was: KeyIdentifier [ : CD 35 CB AD 62 91 65 C4 C5 46 C8 C3 0A C7 D3 57 .5..b.e..F.W 0010: 43 46 E8 FDCF.. ] should be: CD35CBAD629165C4C546C8C30AC7D3574346E8FD Dream * Excel * Explore * Inspire Jon McAlexander Senior

RE: Basic SSL Certificate Usage logging

They also had this question. There seems to be no need to print both TEXT and HEX representations, like below (just HEX string should be fine): KeyIdentifier [ : CD 35 CB AD 62 91 65 C4 C5 46 C8 C3 0A C7 D3 57 .5..b.e..F.W 0010: 43 46 E8 FDCF..

RE: Basic SSL Certificate Usage logging

Hi Mark, I got a big thumbs up from our team here. They did have 2 questions and of course you can just tell us to go pound sand. 1. Can this be printed in JSON format, for easier parsing? (or even make it a config parameter – PLAIN / JSON / XML) 2. Is it possible to calculate and print the 2

RE: Basic SSL Certificate Usage logging

Thanks Mark. I'm checking with the requestor on my end. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA

RE: Basic SSL Certificate Usage logging

Once again, Awesome Possum! You guys are the greatest! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA

RE: Basic SSL Certificate Usage logging

Hi Mark, My thinking is that the teams requesting that I look into if this is possible or not would prefer to be able to get the more detailed information if possible. How much extra work is required to have a dedicated logger for it, as well as keeping the current message in the current

RE: Basic SSL Certificate Usage logging

Hi Mark, As a follow-up, some of my compatriots are asking if we can get all or some of these details in the log as well? Wanted to ask early if possible. • Subject o Ex: CN=splunk.glb.wellsfargo.net,OU=TMS-ADCS,O=Wells Fargo,C=US o Ex: CN=9COM,OU=APP,OU=9COM,OU=ECS,O=Wells

RE: Basic SSL Certificate Usage logging

And thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

RE: Basic SSL Certificate Usage logging

Awesome Possum Boss!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: Basic SSL Certificate Usage logging

Hi Mark, So, is this something that can/will be added in the future? I tested my thought of setting the java logging.properties to a specific file in the command line but it didn't do what I had hoped. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer

RE: Tomcat 10.0.x

Thank you Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

Tomcat 10.0.x

Hi Mark, Christopher, Remy, et-al, In regards to the Apache Tomcat(r) - End of life for Apache Tomcat 10.0.x page, is this and END OF LIFE event or just an END OF SUPPORT event for the 10.0.x releases of Tomcat 10x? Thanks, Dream * Excel *

RE: [ANN] Apache Tomcat 8.5.84 available

Please update the subject line. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010

RE: Basic SSL Certificate Usage logging

:-) Christopher, This is where my not being a developer really shines out. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080

RE: Basic SSL Certificate Usage logging

Ultimately it would be nice to be able to log it in Jason format for ingestion by Elastic or something similar. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware |

RE: Basic SSL Certificate Usage logging

Can we include valid to dates? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: Basic SSL Certificate Usage logging

Yes Chris, It's just for during startup. For a particular instance I would like to capture the Certificate Info and Truststore being used and pipe that into a separate log/txt file. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President

RE: Basic SSL Certificate Usage logging

Hi Mark, Thanks for the info. In a nutshell I think the certpath,provider would be sufficient. I'm thinking that I can add this to the java options as -Djava.security.debug=ssl:certpath,provider however I don't know how to specify where to log the information. Thanks, Dream * Excel *

Basic SSL Certificate Usage logging

Good afternoon and Happy New Year, I know about the SSL debug logging, however, I'm checking to see if there is any out-of-the-box option to capture in a log which SSL certificate and trust keystore is being used during startup? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior

RE: CVE-2021-43980 completely fixed?

Have you tested with a later release than 9.0.62? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322

RE: Mod_JK vs Mod_Proxy

I get it and agree, but it does just add unnecessary complexity also. Have a Happy!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080

RE: Mod_JK vs Mod_Proxy

What, pray tell, is an encrypted AJP connection? Are you talking AJP over an SSH Tunnel (Stunnel)? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure

RE: Mod_JK vs Mod_Proxy

IMHO, switching to mod_proxy, and using it over SSL, is by far better than using mod_jk or mod_ajp, primarily as mod_proxy allows for secure proxy connection, whereas mod_jk and mod_ajp aren't "secure" as they are not encrypted channels. Again, just my .02 worth. Dream * Excel * Explore *

RE: Tomcat 10.1.1 error starting

Awesome Possum! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

RE: Tomcat 10.1.1 error starting

Thank you and Noted! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508

RE: Tomcat 10.1.1 error starting

Ok, thanks Peter. I looked at the running.txt to see if it mentioned a Java version minimum and it stated Java 8, so it confused me. I'll try with Java 11. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product

Tomcat 10.1.1 error starting

Good morning, I am getting the following error when trying to start a very generic setup of Tomcat 10.1.1 on Windows Server 2019. Error: A JNI error has occurred, please check your installation and try again Exception in thread "main" java.lang.UnsupportedClassVersionError:

RE: OT: Question on manager app in distro

Thanks! Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Chuck Caldarale Sent: Oct 8, 2022 8:57 AM To: Tomcat Users List Subject: Re: OT: Question on manager app in distro > On 2022 Oct 7, at 21:13, Chuck Caldarale wrote: > > >> On 2022 Oct 7,

RE: OT: Question on manager app in distro

Thank you Chuck! Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Chuck Caldarale Sent: Oct 7, 2022 9:15 PM To: Tomcat Users List Subject: Re: OT: Question on manager app in distro > On 2022 Oct 7, at 19:10, > wrote: > > If I wanted to

OT: Question on manager app in distro

Ok, so here I am again with a question that some may roll their eyes at. :) If I wanted to possibly take parts of the manager application that comes with Tomcat and put bits and pieces together for an internal utility app (status stuff only), or figure out how it's done. Where would I find the

RE: [ANN] Apache Tomcat 9.0.67 available

Thank you sir! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

RE: [ANN] Apache Tomcat 9.0.67 available

Does this also affect the 10.1.0 (stable) version? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322

RE: OT: Question about TomcatX.exe files

Thank you for the additional information André Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC:

  1   2   3   >