On 29/01/2016 17:36, Hubert Hickman wrote:
> Hi Dave !
>
>
> The app is specified to run on 6443 - with openings in firewalls between
> installations only for this port. Tomcat does answer and return data if
> the call is made by hostname to port 6443 - just not by IP number to port
> 6443.
>
>
Hi Dave !
The app is specified to run on 6443 - with openings in firewalls between
installations only for this port. Tomcat does answer and return data if
the call is made by hostname to port 6443 - just not by IP number to port
6443.
Regular Apache is running https on 443 and works fine.
http
On 1/29/2016 12:09 PM, Hubert Hickman wrote:
I am running Tomcat 7.0.67 on RHEL 6.7
I have a tomcat app that is deployed and listening on port 6443 for https
traffic.
tomcat answers fine by request URLS of the form https://hostname:port/rest of
URL/etc. However, it does not answer on https://IP
quick question.
in tomcat can I username/password protect directories with .htaccess like I
can in Apache?
On Fri, Jan 29, 2016 at 12:09 PM, Hubert Hickman
wrote:
> I am running Tomcat 7.0.67 on RHEL 6.7
>
> I have a tomcat app that is deployed and listening on port 6443 for https
> traffic.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 6/16/15 12:02 PM, Andre Gomes wrote:
> I am using tomcat 7.0.52.0 and I am trying to redirect the request
> from http to https so I added to /etc/tomcat7/web.xml:
>
>
> Protected Context
> /*
>
> CONFIDENTIAL
>
Stop. Restore t
On 29/12/2011 08:51, Saravanan L wrote:
> *Point 1 and 2. *
> 1. When I remove acceptCount=1 My tomcat 7 works fine.
So remove it and don't put it back.
> 2. But I had the same property in tomcat 6 and it worked fine on that.
Clearly something is broken with your app / Tomcat 7 configuratio
n front of Tomcat or your
application is returning this value.
A. Yes the proxy relayed this message, it seems the tomcat did not
respond with any message at all.
- Original Message -
From: "Mark Thomas"
To: "Tomcat Users List"
Sent: Tuesday, December 27, 2011 10:58:2
at did not
>> respond with any message at all.
>
>- Original Message -
>From: "Mark Thomas"
>To: "Tomcat Users List"
>Sent: Tuesday, December 27, 2011 10:58:29 PM
>Subject: Re: Tomcat HTTPS Connector Stops working after an hour
>
>On 27/12/201
o: "Tomcat Users List"
Sent: Tuesday, December 27, 2011 10:58:29 PM
Subject: Re: Tomcat HTTPS Connector Stops working after an hour
On 27/12/2011 10:47, Saravanan L wrote:
> 3. A 504 response code is a gateway timeout. Tomcat does not issue this
> on its own. Either you have a proxy
On 27/12/2011 10:47, Saravanan L wrote:
> 3. A 504 response code is a gateway timeout. Tomcat does not issue this
> on its own. Either you have a proxy in front of Tomcat or your
> application is returning this value.
>
> A. Yes the proxy relayed this message, it seems the tomcat did not
> respon
On 27 Dec 2011, at 10:48, Saravanan L wrote:
> 3. A 504 response code is a gateway timeout. Tomcat does not issue this
> on its own. Either you have a proxy in front of Tomcat or your
> application is returning this value.
>
> A. Yes the proxy relayed this message, it seems the tomcat did not re
3. A 504 response code is a gateway timeout. Tomcat does not issue this
on its own. Either you have a proxy in front of Tomcat or your
application is returning this value.
A. Yes the proxy relayed this message, it seems the tomcat did not
respond with any message at all.
looks like 200 idle t
On 27/12/2011 08:55, Saravanan L wrote:
> Tried netstat. 443 is listening, but I cannot connect to it.
I assume it shows no open connections either.
> Secondly Thread dump - I could not find any signs of problem or anything
> relative to the current issue in the threaddump [Please find the
> thre
Tried netstat. 443 is listening, but I cannot connect to it.
Secondly Thread dump - I could not find any signs of problem or anything
relative to the current issue in the threaddump [Please find the
threaddump in my previous post].
On 12/27/2011 2:11 PM, ma...@apache.org wrote:
Saravanan L
Saravanan L wrote:
>Please find the server.xml attached.
>
>The real problem is I dont know where to look at.
> -There are no error in logs or the linux sys logs.
> - I cannot diagnose as the connector(443) does not even connect.
Of course you can diagnose this further. netstat and a thr
On 27 dec. 2011, at 06:25, Saravanan L wrote:
> Please find the server.xml attached.
>
> The real problem is I dont know where to look at.
> -There are no error in logs or the linux sys logs.
> - I cannot diagnose as the connector(443) does not even connect.
>
I saw the same with
Please find the server.xml attached.
The real problem is I dont know where to look at.
-There are no error in logs or the linux sys logs.
- I cannot diagnose as the connector(443) does not even connect.
On 12/24/2011 3:31 PM, Pid wrote:
On 23/12/2011 14:47, Christopher Schultz wrote:
S
On 23/12/2011 14:47, Christopher Schultz wrote:
> Saravanan,
>
> On 12/23/11 7:03 AM, Saravanan L wrote:
>> Please find the latest thread dump attached with mail.
>
>> Tomcat 7 still crashes without acceptCount. I am wrong on this
>> assumption.
>
>> The response code is 504. It takes about 2 h
On 23/12/2011 10:52, Saravanan L wrote:
> Please find the dump below.
>
> One more interesting thing I found out, was when I remove
> acceptCount=1 My tomcat 7 works fine.
Note the 'acceptCount' definition:
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
This attribute specifies t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Saravanan,
On 12/23/11 7:03 AM, Saravanan L wrote:
> Please find the latest thread dump attached with mail.
>
> Tomcat 7 still crashes without acceptCount. I am wrong on this
> assumption.
>
> The response code is 504. It takes about 2 hours for th
Please find the dump below.
One more interesting thing I found out, was when I remove
acceptCount=1 My tomcat 7 works fine.
But I had the same property in tomcat 6 and it worked fine on that.
I believe this property is causing the problem .
Also found out that when it reaches 900 connec
> From: Saravanan L [mailto:saravan...@te-soft.com]
> Subject: Fwd: Tomcat HTTPS Connector Stops working after an hour
> We have setup Tomcat 7 with APR in linux box. The issue is that after an
> hour or two, the https stops responding, but the HTTP connector is still
> working.
What does a th
Some of this is also explained in
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
On 03.12.2009 15:40, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David,
On 12/3/2009 8:42 AM, David Cassidy wrote:
It would be interesting if you are running on non
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David,
On 12/3/2009 8:42 AM, David Cassidy wrote:
> It would be interesting if you are running on non-standard ports (ie
> not 80 and 443 ) to see what happens
I do that, and it works just fine.
AJP doesn't use the proxyPort stuff because the HT
It would be interesting if you are running on non-standard ports (ie not
80 and 443 )
to see what happens
D
On 03/12/09 13:40, David Cassidy wrote:
Chris,
You're right - nice one.
I'd always put in the extra properties into my connector config
the proxyport , redirect port whether it was
Chris,
You're right - nice one.
I'd always put in the extra properties into my connector config
the proxyport , redirect port whether it was secure or not.
but it works as you described if you don't tell it all the extra settings.
Nice thanks
D
On 02/12/09 21:29, Christopher Schultz wrote:
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David,
On 11/25/2009 6:06 AM, David Cassidy wrote:
> If you want your tomcat to ever know that its getting a secure request
> you'll need 2 ajp connectors - one as the default is "not secure"
> the other needs to say "i'm secure" otherwise when you do
Hello David,
> Nice if you've got that sort of money.
I will go further, I feel the price of the famous hardware load
balancers is completely excessive in comparison with the other
components we use on production.
It is very common to see on production small servers (cheap dual x86
processors,
jkv wrote:
Hello,
We are using Tomcat 6.0 and running HTTPS (enabled SSL). The number of
requests has grown up and we have decided to do go for clustering and
loadbalancing. We have decided to go for Apache and mod_proxy/mod_jk
loadbalacing. My certificate resides in Tomcat.
In order to loadb
On 25/11/2009 11:03, David Cassidy wrote:
Pid,
there is no need to have a commercial grade cert between your httpd and
tomcat
as thats in essence a private comms channel between your 2 servers the
client won't know / see / care
Use a self sign - as long as httpd has your cert all should be well
kumara...@gmail.com]
Sent: 25 November 2009 10:28
To: users@tomcat.apache.org
Subject: Re: Tomcat Https loadbalancing??
Thanks David,
I would imagine that with mod_proxy you could load balance https
requests
so that the https request goes to httpd then its load balanced between
https requests to
mu
Cyrille,
Nice if you've got that sort of money.
it is quite cool because you can off-load the https part
so some custom hardware - again cool if you've got the money
Personally i prefer mod_proxy_ajp with the balancing as well.
D
On 25/11/09 10:57, Cyrille Le Clerc wrote:
Hello,
As R
On 25/11/09 10:36, Peter Crowther wrote:
2009/11/25 jkv:
I got one small doubt in the last point that you said.
In this environment, you only want your "public" certificate on httpd.
Tomcat will not be doing anything that uses it, so don't put a copy
on those machines.
this means that I
Pid,
there is no need to have a commercial grade cert between your httpd and
tomcat
as thats in essence a private comms channel between your 2 servers the
client won't know / see / care
Use a self sign - as long as httpd has your cert all should be well
D
On 25/11/09 10:32, Pid wrote:
On 2
Hello,
As Ronald said, we made some drawings on a detailed document
"Tomcat, SSL, secure communications and X-Forwarded-Proto" (1) that
explains solutions to handle HTTPS at the Tomcat, Apache Httpd and
Load Balancer layers. The document is written in french but the google
translation is qu
Always make a drawing.
client -> https -> tcp-loadbalancer -> still same https connection-> multiple
tomcats
client -> https -> http-loadbalancer (Apache, proxy) -> new ajp/http(s)
connection-> multiple tomcats
Normally the loadbalancer and tomcats are in the same private network. It is
your
2009/11/25 jkv :
> I got one small doubt in the last point that you said.
>
> In this environment, you only want your "public" certificate on httpd.
> Tomcat will not be doing anything that uses it, so don't put a copy
> on those machines.
>
> this means that I will not enable SSL in my tomcat.. I
On 25/11/2009 10:28, jkv wrote:
Thanks David,
I would imagine that with mod_proxy you could load balance https requests
so that the https request goes to httpd then its load balanced between
https requests to
multiple tomcats. What you'll loose over the ajp protocol i'm sure
someone will let us
Thanks David,
I would imagine that with mod_proxy you could load balance https requests
so that the https request goes to httpd then its load balanced between
https requests to
multiple tomcats. What you'll loose over the ajp protocol i'm sure
someone will let us know
That sounds good but when
On 25/11/2009 10:18, jkv wrote:
Thanks Peter,
That really helps me a lot.
I got one small doubt in the last point that you said.
In this environment, you only want your "public" certificate on httpd.
Tomcat will not be doing anything that uses it, so don't put a copy
on those machines.
this
Thanks Peter,
That really helps me a lot.
I got one small doubt in the last point that you said.
In this environment, you only want your "public" certificate on httpd.
Tomcat will not be doing anything that uses it, so don't put a copy
on those machines.
this means that I will not enable SSL i
2009/11/25 jkv :
> We are using Tomcat 6.0 and running HTTPS (enabled SSL). The number of
> requests has grown up and we have decided to do go for clustering and
> loadbalancing. We have decided to go for Apache and mod_proxy/mod_jk
> loadbalacing. My certificate resides in Tomcat.
>
> In order to
Hey
Yes if you want httpd to load balance https requests you do need it to
handle the https connection - and hence it needs the keys, certs etc
Sadly the ajp protocol is in fact insecure
if you have the httpd and tomcat on separate boxes you do have a
security issue
as the connection is transp
ld access to you webapps (not to the entire file system)
> regardless of the keystore password.
>
>
> > I also have a mailserver on the same ip "citadel" witch uses "webcit" for
> > webmail.
> >
> > The ports on my mailserver and Tomcat are d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All,
On 11/4/2009 11:47 AM, Ognjen Blagojevic wrote:
> Torleif wrote:
>> By "default place" I mean /home/user/.keystore
>
> /home/user/.keystore? That's strange. Is it maybe
> /home/tomcat/.keystore? Or you have a user "user" on your system? Under
ards,
Ognjen
Thanks again for all help!!
Torleif
Wed Nov 04 2009 10:28:22 CET from "Ognjen Blagojevic"
Subject: Re: tomcat https
Torleif wrote:
I am trying to set up tomcat to use https.
I used "keytool -genkey -alias tomcat -keyalg RSA"
If I use &
hrough https if they know
the "changeit" password?
I also have a mailserver on the same ip "citadel" witch uses "webcit" for
webmail.
The ports on my mailserver and Tomcat are different.
Thanks again for all help!!
Torleif
> Wed Nov 0
Torleif wrote:
I am trying to set up tomcat to use https.
I used "keytool -genkey -alias tomcat -keyalg RSA"
If I use "changeit" as password for keystore everything works ok.
If I use a different password it does not work.
I have modified "server.xml" with keystorePass="newpassword"
My .keystore
Dear Torleif
Why you r Using Default Location to Store Keystore..
ypu can Use following command to generate keystore
* c:/keytool -genkey -keyalg RSA -alias tomcat -keystore tomcat.keystore
-storepass tomcat*
Then above command will generate tomcat keystore in current working
directory.
where would I find any sort of performance tests of OpenSSL vs Java JSSE?
is it possible to implement client authenification in both OpenSSL and
Java JSSE?
Thanks
Martin
Mladen Turk wrote:
Martin Cavanagh wrote:
Removing the tcnative-1.dll library worked!
But doesn't that have the disadva
fidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire.
- Original Message -----
From: "Mladen Turk" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
'êtes pas le
destinataire de ce document, nous vous signalons qu'il est strictement interdit
de le diffuser, de le distribuer ou de le reproduire.
- Original Message -
From: "Mladen Turk" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Thursday, M
Martin Cavanagh wrote:
Removing the tcnative-1.dll library worked!
But doesn't that have the disadvantage of decreased performance for Tomcat?
Yes, APR connector with OpenSSL is 4 times faster then
with Java JSSE
Is there a way to install OpenSSL without compiling it?
Tcnative-1.dll for
Removing the tcnative-1.dll library worked!
But doesn't that have the disadvantage of decreased performance for Tomcat?
Is there a way to install OpenSSL without compiling it?
Thanks
Martin
Mladen Turk wrote:
Martin Cavanagh wrote:
Hi everyone.
I'm quite embarrassed - but inspite following
Martin Cavanagh wrote:
Hi everyone.
I'm quite embarrassed - but inspite following the Apache guide, I just
can't set up HTTPS via Tomcat!
"C:\>keytool -list -keystore c:\.keystore
Geben Sie das Keystore-Passwort ein:
Keystore-Typ: JKS
Keystore-Provider: SUN
The logs don't seem to show
ndiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire.
- Original Message -
From: "Martin C
qu'il est strictement interdit
de le diffuser, de le distribuer ou de le reproduire.
- Original Message -
From: "Martin Cavanagh" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Wednesday, March 28, 2007 6:41 PM
Subject: Re: Tomcat HTTPS Help needed
&
http://localhost worked before and still works.
I also checked the firewall settings. It definitely isn't a problem here - I
even tried setting up a different connector http://localhost:8443 (not https)
and this worked - so I'm 100% sure its not a firewall issue.
Any other ideas?
b.t.w. Than
Hi,
If you connect to http://localhost while https://localhost:8443, what
happen? Make sure http://localhost works first.
Jimmy
Cash America
-Original Message-
From: Martin Cavanagh [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 28, 2007 4:23 PM
To: Tomcat Users List
Subject: Tomca
daniel martin wrote:
> I'm trying to get my tomcat instance to connect over https to an external
> server.
> I have written a test servlet to do this
>
> String httpsURL = "*https*://*example*.microsoft.com";
The '*'s aren't really in your code, are they?
> But always get the following exception
60 matches
Mail list logo
