Re: Tomcat https answers by hostname, but not by IP number

On 1/29/2016 12:09 PM, Hubert Hickman wrote: I am running Tomcat 7.0.67 on RHEL 6.7 I have a tomcat app that is deployed and listening on port 6443 for https traffic. tomcat answers fine by request URLS of the form https://hostname:port/rest of URL/etc. However, it does not answer on

Re: Tomcat https answers by hostname, but not by IP number

Hi Dave ! The app is specified to run on 6443 - with openings in firewalls between installations only for this port. Tomcat does answer and return data if the call is made by hostname to port 6443 - just not by IP number to port 6443. Regular Apache is running https on 443 and works fine.

Re: Tomcat https answers by hostname, but not by IP number

quick question. in tomcat can I username/password protect directories with .htaccess like I can in Apache? On Fri, Jan 29, 2016 at 12:09 PM, Hubert Hickman wrote: > I am running Tomcat 7.0.67 on RHEL 6.7 > > I have a tomcat app that is deployed and listening on port

Re: Tomcat https answers by hostname, but not by IP number

On 29/01/2016 17:36, Hubert Hickman wrote: > Hi Dave ! > > > The app is specified to run on 6443 - with openings in firewalls between > installations only for this port. Tomcat does answer and return data if > the call is made by hostname to port 6443 - just not by IP number to port > 6443. >

Re: Tomcat https redirect for other host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 André, On 6/16/15 12:02 PM, Andre Gomes wrote: I am using tomcat 7.0.52.0 and I am trying to redirect the request from http to https so I added to /etc/tomcat7/web.xml: security-constraint web-resource-collection web-resource-nameProtected

Re: Tomcat HTTPS Connector Stops working after an hour

, December 27, 2011 10:58:29 PM Subject: Re: Tomcat HTTPS Connector Stops working after an hour On 27/12/2011 10:47, Saravanan L wrote: 3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own. Either you have a proxy in front of Tomcat or your application is returning

Re: Tomcat HTTPS Connector Stops working after an hour

On 29/12/2011 08:51, Saravanan L wrote: *Point 1 and 2. * 1. When I remove acceptCount=1 My tomcat 7 works fine. So remove it and don't put it back. 2. But I had the same property in tomcat 6 and it worked fine on that. Clearly something is broken with your app / Tomcat 7 configuration.

Re: Tomcat HTTPS Connector Stops working after an hour

ma...@apache.org To: Tomcat Users List users@tomcat.apache.org Sent: Tuesday, December 27, 2011 10:58:29 PM Subject: Re: Tomcat HTTPS Connector Stops working after an hour On 27/12/2011 10:47, Saravanan L wrote: 3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own

Re: Tomcat HTTPS Connector Stops working after an hour

On 27 dec. 2011, at 06:25, Saravanan L saravan...@te-soft.com wrote: Please find the server.xml attached. The real problem is I dont know where to look at. -There are no error in logs or the linux sys logs. - I cannot diagnose as the connector(443) does not even connect. I

Re: Tomcat HTTPS Connector Stops working after an hour

3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own. Either you have a proxy in front of Tomcat or your application is returning this value. A. Yes the proxy relayed this message, it seems the tomcat did not respond with any message at all. looks like 200 idle

Re: Tomcat HTTPS Connector Stops working after an hour

Saravanan L saravan...@te-soft.com wrote: Please find the server.xml attached. The real problem is I dont know where to look at. -There are no error in logs or the linux sys logs. - I cannot diagnose as the connector(443) does not even connect. Of course you can diagnose this further.

Re: Tomcat HTTPS Connector Stops working after an hour

On 27/12/2011 08:55, Saravanan L wrote: Tried netstat. 443 is listening, but I cannot connect to it. I assume it shows no open connections either. Secondly Thread dump - I could not find any signs of problem or anything relative to the current issue in the threaddump [Please find the

Re: Tomcat HTTPS Connector Stops working after an hour

On 27 Dec 2011, at 10:48, Saravanan L saravan...@te-soft.com wrote: 3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own. Either you have a proxy in front of Tomcat or your application is returning this value. A. Yes the proxy relayed this message, it seems the

Re: Tomcat HTTPS Connector Stops working after an hour

Tried netstat. 443 is listening, but I cannot connect to it. Secondly Thread dump - I could not find any signs of problem or anything relative to the current issue in the threaddump [Please find the threaddump in my previous post]. On 12/27/2011 2:11 PM, ma...@apache.org wrote: Saravanan

Re: Tomcat HTTPS Connector Stops working after an hour

On 27/12/2011 10:47, Saravanan L wrote: 3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own. Either you have a proxy in front of Tomcat or your application is returning this value. A. Yes the proxy relayed this message, it seems the tomcat did not respond

Re: Tomcat HTTPS Connector Stops working after an hour

users@tomcat.apache.org Sent: Tuesday, December 27, 2011 10:58:29 PM Subject: Re: Tomcat HTTPS Connector Stops working after an hour On 27/12/2011 10:47, Saravanan L wrote: 3. A 504 response code is a gateway timeout. Tomcat does not issue this on its own. Either you have a proxy in front of Tomcat

Re: Tomcat HTTPS Connector Stops working after an hour

Please find the server.xml attached. The real problem is I dont know where to look at. -There are no error in logs or the linux sys logs. - I cannot diagnose as the connector(443) does not even connect. On 12/24/2011 3:31 PM, Pid wrote: On 23/12/2011 14:47, Christopher Schultz wrote:

Re: Tomcat HTTPS Connector Stops working after an hour

On 23/12/2011 10:52, Saravanan L wrote: Please find the dump below. One more interesting thing I found out, was when I remove acceptCount=1 My tomcat 7 works fine. Note the 'acceptCount' definition: http://tomcat.apache.org/tomcat-7.0-doc/config/http.html This attribute specifies the

Re: Tomcat HTTPS Connector Stops working after an hour

On 23/12/2011 14:47, Christopher Schultz wrote: Saravanan, On 12/23/11 7:03 AM, Saravanan L wrote: Please find the latest thread dump attached with mail. Tomcat 7 still crashes without acceptCount. I am wrong on this assumption. The response code is 504. It takes about 2 hours for

Re: Tomcat HTTPS Connector Stops working after an hour

Please find the dump below. One more interesting thing I found out, was when I remove acceptCount=1 My tomcat 7 works fine. But I had the same property in tomcat 6 and it worked fine on that. I believe this property is causing the problem . Also found out that when it reaches 900

Re: Tomcat HTTPS Connector Stops working after an hour

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Saravanan, On 12/23/11 7:03 AM, Saravanan L wrote: Please find the latest thread dump attached with mail. Tomcat 7 still crashes without acceptCount. I am wrong on this assumption. The response code is 504. It takes about 2 hours for this

RE: Tomcat HTTPS Connector Stops working after an hour

From: Saravanan L [mailto:saravan...@te-soft.com] Subject: Fwd: Tomcat HTTPS Connector Stops working after an hour We have setup Tomcat 7 with APR in linux box. The issue is that after an hour or two, the https stops responding, but the HTTP connector is still working. What does a thread

Re: Tomcat Https loadbalancing??

Chris, You're right - nice one. I'd always put in the extra properties into my connector config the proxyport , redirect port whether it was secure or not. but it works as you described if you don't tell it all the extra settings. Nice thanks D On 02/12/09 21:29, Christopher Schultz wrote:

Re: Tomcat Https loadbalancing??

It would be interesting if you are running on non-standard ports (ie not 80 and 443 ) to see what happens D On 03/12/09 13:40, David Cassidy wrote: Chris, You're right - nice one. I'd always put in the extra properties into my connector config the proxyport , redirect port whether it was

Re: Tomcat Https loadbalancing??

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, On 12/3/2009 8:42 AM, David Cassidy wrote: It would be interesting if you are running on non-standard ports (ie not 80 and 443 ) to see what happens I do that, and it works just fine. AJP doesn't use the proxyPort stuff because the

Re: Tomcat Https loadbalancing??

Some of this is also explained in http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html On 03.12.2009 15:40, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, On 12/3/2009 8:42 AM, David Cassidy wrote: It would be interesting if you are running on

Re: Tomcat Https loadbalancing??

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, On 11/25/2009 6:06 AM, David Cassidy wrote: If you want your tomcat to ever know that its getting a secure request you'll need 2 ajp connectors - one as the default is not secure the other needs to say i'm secure otherwise when you do a

Re: Tomcat Https loadbalancing??

Hey Yes if you want httpd to load balance https requests you do need it to handle the https connection - and hence it needs the keys, certs etc Sadly the ajp protocol is in fact insecure if you have the httpd and tomcat on separate boxes you do have a security issue as the connection is

Re: Tomcat Https loadbalancing??

2009/11/25 jkv j.kumara...@gmail.com: We are using Tomcat 6.0 and running HTTPS (enabled SSL). The number of requests has grown up and we have decided to do go for clustering and loadbalancing. We have decided to go for Apache and mod_proxy/mod_jk loadbalacing. My certificate resides in

Re: Tomcat Https loadbalancing??

Thanks Peter, That really helps me a lot. I got one small doubt in the last point that you said. In this environment, you only want your public certificate on httpd. Tomcat will not be doing anything that uses it, so don't put a copy on those machines. this means that I will not enable SSL in

Re: Tomcat Https loadbalancing??

On 25/11/2009 10:18, jkv wrote: Thanks Peter, That really helps me a lot. I got one small doubt in the last point that you said. In this environment, you only want your public certificate on httpd. Tomcat will not be doing anything that uses it, so don't put a copy on those machines. this

Re: Tomcat Https loadbalancing??

Thanks David, I would imagine that with mod_proxy you could load balance https requests so that the https request goes to httpd then its load balanced between https requests to multiple tomcats. What you'll loose over the ajp protocol i'm sure someone will let us know That sounds good but

Re: Tomcat Https loadbalancing??

On 25/11/2009 10:28, jkv wrote: Thanks David, I would imagine that with mod_proxy you could load balance https requests so that the https request goes to httpd then its load balanced between https requests to multiple tomcats. What you'll loose over the ajp protocol i'm sure someone will let

Re: Tomcat Https loadbalancing??

2009/11/25 jkv j.kumara...@gmail.com: I got one small doubt in the last point that you said. In this environment, you only want your public certificate on httpd. Tomcat will not be doing anything that uses it, so don't put a copy on those machines. this means that I will not enable SSL in

Re: Tomcat Https loadbalancing??

Always make a drawing. client - https - tcp-loadbalancer - still same https connection- multiple tomcats client - https - http-loadbalancer (Apache, proxy) - new ajp/http(s) connection- multiple tomcats Normally the loadbalancer and tomcats are in the same private network. It is your choice

Re: Tomcat Https loadbalancing??

Hello, As Ronald said, we made some drawings on a detailed document Tomcat, SSL, secure communications and X-Forwarded-Proto (1) that explains solutions to handle HTTPS at the Tomcat, Apache Httpd and Load Balancer layers. The document is written in french but the google translation is

Re: Tomcat Https loadbalancing??

Pid, there is no need to have a commercial grade cert between your httpd and tomcat as thats in essence a private comms channel between your 2 servers the client won't know / see / care Use a self sign - as long as httpd has your cert all should be well D On 25/11/09 10:32, Pid wrote: On

Re: Tomcat Https loadbalancing??

On 25/11/09 10:36, Peter Crowther wrote: 2009/11/25 jkvj.kumara...@gmail.com: I got one small doubt in the last point that you said. In this environment, you only want your public certificate on httpd. Tomcat will not be doing anything that uses it, so don't put a copy on those machines.

Re: Tomcat Https loadbalancing??

Cyrille, Nice if you've got that sort of money. it is quite cool because you can off-load the https part so some custom hardware - again cool if you've got the money Personally i prefer mod_proxy_ajp with the balancing as well. D On 25/11/09 10:57, Cyrille Le Clerc wrote: Hello, As

RE: Tomcat Https loadbalancing??

...@gmail.com] Sent: 25 November 2009 10:28 To: users@tomcat.apache.org Subject: Re: Tomcat Https loadbalancing?? Thanks David, I would imagine that with mod_proxy you could load balance https requests so that the https request goes to httpd then its load balanced between https requests to multiple tomcats

Re: Tomcat Https loadbalancing??

On 25/11/2009 11:03, David Cassidy wrote: Pid, there is no need to have a commercial grade cert between your httpd and tomcat as thats in essence a private comms channel between your 2 servers the client won't know / see / care Use a self sign - as long as httpd has your cert all should be

Re: Tomcat Https loadbalancing??

jkv wrote: Hello, We are using Tomcat 6.0 and running HTTPS (enabled SSL). The number of requests has grown up and we have decided to do go for clustering and loadbalancing. We have decided to go for Apache and mod_proxy/mod_jk loadbalacing. My certificate resides in Tomcat. In order to

Re: Tomcat Https loadbalancing??

Hello David, Nice if you've got that sort of money. I will go further, I feel the price of the famous hardware load balancers is completely excessive in comparison with the other components we use on production. It is very common to see on production small servers (cheap dual x86 processors,

Re: tomcat https

Torleif wrote: I am trying to set up tomcat to use https. I used keytool -genkey -alias tomcat -keyalg RSA If I use changeit as password for keystore everything works ok. If I use a different password it does not work. I have modified server.xml with keystorePass=newpassword My .keystore is

Re: tomcat https

a mailserver on the same ip citadel witch uses webcit for webmail. The ports on my mailserver and Tomcat are different.   Thanks again for all help!!   Torleif Wed Nov 04 2009 10:28:22 CET from Ognjen Blagojevic ogn...@etf.bg.ac.rs Subject: Re: tomcat https Torleif wrote: I am

Re: tomcat https

from Ognjen Blagojevic ogn...@etf.bg.ac.rs Subject: Re: tomcat https Torleif wrote: I am trying to set up tomcat to use https. I used keytool -genkey -alias tomcat -keyalg RSA If I use changeit as password for keystore everything works ok. If I use a different password it does not work. I have

Re: tomcat https

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 11/4/2009 11:47 AM, Ognjen Blagojevic wrote: Torleif wrote: By default place I mean /home/user/.keystore /home/user/.keystore? That's strange. Is it maybe /home/tomcat/.keystore? Or you have a user user on your system? Under what

Re: tomcat https

. Regards, Ognjen Thanks again for all help!! Torleif Wed Nov 04 2009 10:28:22 CET from Ognjen Blagojevic ogn...@etf.bg.ac.rs Subject: Re: tomcat https Torleif wrote: I am trying to set up tomcat to use https. I used keytool -genkey -alias

Re: tomcat https

Dear Torleif Why you r Using Default Location to Store Keystore.. ypu can Use following command to generate keystore * c:/keytool -genkey -keyalg RSA -alias tomcat -keystore tomcat.keystore -storepass tomcat* Then above command will generate tomcat keystore in current working directory.

Re: Tomcat HTTPS Help needed

where would I find any sort of performance tests of OpenSSL vs Java JSSE? is it possible to implement client authenification in both OpenSSL and Java JSSE? Thanks Martin Mladen Turk wrote: Martin Cavanagh wrote: Removing the tcnative-1.dll library worked! But doesn't that have the

Re: Tomcat HTTPS Help needed

Removing the tcnative-1.dll library worked! But doesn't that have the disadvantage of decreased performance for Tomcat? Is there a way to install OpenSSL without compiling it? Thanks Martin Mladen Turk wrote: Martin Cavanagh wrote: Hi everyone. I'm quite embarrassed - but inspite

Re: Tomcat HTTPS Help needed

Martin Cavanagh wrote: Removing the tcnative-1.dll library worked! But doesn't that have the disadvantage of decreased performance for Tomcat? Yes, APR connector with OpenSSL is 4 times faster then with Java JSSE Is there a way to install OpenSSL without compiling it? Tcnative-1.dll for

Re: Tomcat HTTPS Help needed

: Re: Tomcat HTTPS Help needed Martin Cavanagh wrote: Removing the tcnative-1.dll library worked! But doesn't that have the disadvantage of decreased performance for Tomcat? Yes, APR connector with OpenSSL is 4 times faster then with Java JSSE Is there a way to install

RE: Tomcat HTTPS Help needed

Hi, If you connect to http://localhost while https://localhost:8443, what happen? Make sure http://localhost works first. Jimmy Cash America -Original Message- From: Martin Cavanagh [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 28, 2007 4:23 PM To: Tomcat Users List Subject:

Re: Tomcat HTTPS Help needed

http://localhost worked before and still works. I also checked the firewall settings. It definitely isn't a problem here - I even tried setting up a different connector http://localhost:8443 (not https) and this worked - so I'm 100% sure its not a firewall issue. Any other ideas? b.t.w.

Re: Tomcat HTTPS Help needed

qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. - Original Message - From: Martin Cavanagh [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, March 28, 2007 6:41 PM Subject: Re: Tomcat HTTPS Help needed http://localhost

Re: Tomcat HTTPS Help needed

Sent: Wednesday, March 28, 2007 6:41 PM Subject: Re: Tomcat HTTPS Help needed http://localhost worked before and still works. I also checked the firewall settings. It definitely isn't a problem here - I even tried setting up a different connector http://localhost:8443 (not https

Re: Tomcat HTTPS Help needed

Martin Cavanagh wrote: Hi everyone. I'm quite embarrassed - but inspite following the Apache guide, I just can't set up HTTPS via Tomcat! C:\keytool -list -keystore c:\.keystore Geben Sie das Keystore-Passwort ein: Keystore-Typ: JKS Keystore-Provider: SUN The logs don't seem to show

Re: Tomcat https

daniel martin wrote: I'm trying to get my tomcat instance to connect over https to an external server. I have written a test servlet to do this String httpsURL = *https*://*example*.microsoft.com; The '*'s aren't really in your code, are they? But always get the following exception