JmxRemoteLifecycleListener with SSL doesn't work on Centos
Hello I'm using Apache Tomcat 7.0.56 + JmxRemoteLifecycleListener with SSL on CentOS 6.5, results in the following error on startup: окт 24, 2014 6:00:17 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1313 ms окт 24, 2014 6:00:17 PM org.apache.catalina.mbeans.JmxRemoteLifecycleListener createServer SEVERE: The JMX connector server could not be created or failed to start for the Platform server java.io.IOException: Cannot bind to URL [rmi://localhost:7222/jmxrmi]: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:826) at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:431) at org.apache.catalina.mbeans.JmxRemoteLifecycleListener.createServer(JmxRemoteLifecycleListener.java:313) at org.apache.catalina.mbeans.JmxRemoteLifecycleListener.lifecycleEvent(JmxRemoteLifecycleListener.java:259) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:402) at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:347) at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:724) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.startup.Catalina.start(Catalina.java:689) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:321) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455) Caused by: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:143) at com.sun.jndi.toolkit.url.GenericURLContext.bind(GenericURLContext.java:226) at javax.naming.InitialContext.bind(InitialContext.java:419) at javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:643) at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:426) ... 15 more Caused by: java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:304) at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202) at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:341) at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source) at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:137) ... 19 more Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at java.io.DataOutputStream.flush(DataOutputStream.java:123) at
Re: HTTPS / URLs with no port number / Tomcat only
Hello and thank you for your answer. I followed your first advice. I edited server.xml ending up with the following connectors: --- Connector SSLEnabled=true acceptCount=100 clientAuth=false disableUploadTimeout=true enableLookups=false maxThreads=25 port=443 keystoreFile=D:\where\the\key\store\file\is\keystore_file.txt keystorePass=a_password protocol=org.apache.coyote.http11.Http11NioProtocol scheme=https secure=true sslProtocol=TLS proxyPort=80 / Connector port=80 enableLookups=false redirectPort=443/ Connector port=8009 protocol=AJP/1.3 redirectPort=443 / --- This configuration works on Windows meaning: http://localhost/my_webapp/a_page.jsp automatically redirects to: https://localhost/my_webapp/a_page.jsp without any port number in the URL. I tried exactly the same modification in server.xml on a Debian Wheezy machine and it doesn't work... The browser only says that The webpage is not available. I can't see anything in the log files but maybe I should... I am using jsvc to start Tomcat as a non-root user. I couldn't find any information in RUNNING.txt. I'm sorry I'm not more precise... Can you help me? Best regards. -- View this message in context: http://tomcat.10.x6.nabble.com/HTTPS-URLs-with-no-port-number-Tomcat-only-tp5024482p5024501.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to access Sessions outside of class
I have the following code for a web-socket package comm2.hello; import java.io.IOException; import java.util.ArrayList; import javax.websocket.OnClose; import javax.websocket.OnMessage; import javax.websocket.OnOpen; import javax.websocket.Session; import javax.websocket.server.ServerEndpoint; import org.apache.catalina.session.*; @ServerEndpoint(value = /echo) public class wschat { public static ArrayListSession sessionList = new ArrayListSession(); public Session session; @OnOpen public void onOpen(Session session) throws IOException { sessionList.add(session); int size = sessionList.size(); session.getBasicRemote().sendText(String.valueOf(size)); } @OnMessage public void onMessage(String message, Session session) throws IOException { session.getBasicRemote().sendText(message); } } I would like to be able to access my sessions from an external java class, however each time I do sessionList.getsize() it keeps coming back as 0, but there is an active sessions. Is there any way I can access the active sessions in tomcat from an external java class? Jason
Re: JmxRemoteLifecycleListener with SSL doesn't work on Centos
On 27/10/2014 05:58, Mихаил С. wrote: Hello I'm using Apache Tomcat 7.0.56 + JmxRemoteLifecycleListener with SSL on CentOS 6.5, results in the following error on startup: окт 24, 2014 6:00:17 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1313 ms окт 24, 2014 6:00:17 PM org.apache.catalina.mbeans.JmxRemoteLifecycleListener createServer SEVERE: The JMX connector server could not be created or failed to start for the Platform server java.io.IOException: Cannot bind to URL [rmi://localhost:7222/jmxrmi]: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: That is the error message you get when the server certificate is not trusted. sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:826) at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:431) at org.apache.catalina.mbeans.JmxRemoteLifecycleListener.createServer(JmxRemoteLifecycleListener.java:313) at org.apache.catalina.mbeans.JmxRemoteLifecycleListener.lifecycleEvent(JmxRemoteLifecycleListener.java:259) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:402) at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:347) at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:724) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.startup.Catalina.start(Catalina.java:689) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:321) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455) Caused by: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:143) at com.sun.jndi.toolkit.url.GenericURLContext.bind(GenericURLContext.java:226) at javax.naming.InitialContext.bind(InitialContext.java:419) at javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:643) at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:426) ... 15 more Caused by: java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:304) at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202) at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:341) at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source) at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:137) ... 19 more Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702) at
Re: HTTPS / URLs with no port number / Tomcat only
On Mon, Oct 27, 2014 at 10:47 AM, Léa Massiot lmhe...@orange.fr wrote: I tried exactly the same modification in server.xml on a Debian Wheezy machine and it doesn't work... Presumably with appropriate changes to the keystore path :-) The browser only says that The webpage is not available. I can't see anything in the log files but maybe I should... You should paste (or gist) the log from a Tomcat start that shows the connector initialization, at least. Is there any entry in the log for your attempt to connect? Do you have iptables set up to allow access to port 443? I am using jsvc to start Tomcat as a non-root user. I couldn't find any information in RUNNING.txt. The last part of that file is a section Apache Commons Daemon which references info on setting up jsvc properly. -- Hassan Schroeder hassan.schroe...@gmail.com http://about.me/hassanschroeder twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: HTTPS / URLs with no port number / Tomcat only
Thank you for you answer. It was the firewall. I thought about it and I thought I was disabling it temporarily by flushing iptables (iptables -F). But apparently it's not enough... Do you know the command for disabling the firewall completely (and temporarily) without having to reboot? I just added an exception for port 443. It looks like it's working now. Cheers. -- View this message in context: http://tomcat.10.x6.nabble.com/HTTPS-URLs-with-no-port-number-Tomcat-only-tp5024482p5024506.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Parallel deployment and failed to stop a thread.
I am trying out parallell deployment but there seems to be a memory leak? when undeploying the old version.. I get the following message in the log..: org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads The web application [##02] appears to have started a thread named [Mojarra-WebResourceMonitor-1-thread-1] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread: sun.misc.Unsafe.park(Native Method) java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215) java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078) java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093) java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809) java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) java.lang.Thread.run(Thread.java:745) Is this a problem with Tomcat 8.0.14 or JSF 2.2.8? What can I do to prevent this? Regards, BTJ -- --- Bjørn T Johansen b...@havleik.no --- Someone wrote: I understand that if you play a Windows CD backwards you hear strange Satanic messages To which someone replied: It's even worse than that; play it forwards and it installs Windows --- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat problem with shutdown (thank)
Hi all, i cannot connect via browser and shutdown to my Tomcat (is installed in a cloud server), 1) In my cloud is Ubuntu LTS 12.04; 2) There is Java 1.8.0_25; 3) There is Tomcat 8.0.14; 4) I can connect via ssh to my server correctly; 5) with ./startup.sh, Tomcat run correctly; 6) Typing in browser http://[ip]:8080, i see a unable to connect message; 7) Typing ./shutdown.sh, i see the following message. How can i solve it? Thank in advance. Using CATALINA_BASE: /home/apache-tomcat-8.0.14 Using CATALINA_HOME: /home/apache-tomcat-8.0.14 Using CATALINA_TMPDIR: /home/apache-tomcat-8.0.14/temp Using JRE_HOME:/usr Using CLASSPATH: /home/apache-tomcat-8.0.14/bin/bootstrap.jar:/home/apache-tomcat-8.0.14/bin/tomcat-juli.jar Oct 27, 2014 12:29:14 PM org.apache.catalina.startup.Catalina stopServer SEVERE: Could not contact localhost:8005. Tomcat may not be running. Oct 27, 2014 12:29:14 PM org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:345) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at java.net.Socket.connect(Socket.java:538) at java.net.Socket.init(Socket.java:434) at java.net.Socket.init(Socket.java:211) at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:450) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:483) at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:400) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:487)
RE: Parallel deployment and failed to stop a thread.
From: Bjørn T Johansen [mailto:b...@havleik.no] Subject: Parallel deployment and failed to stop a thread. The web application [##02] appears to have started a thread named [Mojarra-WebResourceMonitor-1-thread-1] but has failed to stop it. Is this a problem with Tomcat 8.0.14 or JSF 2.2.8? No, it's a problem with your web application, as the message states. What can I do to prevent this? Fix your webapp to stop any and all threads it creates. Given that the thread is from Mojarra, you will likely have to consult their documentation to determine how to properly shut down the monitor. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: INFO: TLD skipped Messages in logs
Hi Can someone reply to this query please. On 10/2/2014 8:10 PM, Kiran Badi wrote: Hi, I am getting below messages in the logs, Oct 26, 2014 4:05:46 PM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://java.sun.com/jstl/xml_rt is already defined Oct 26, 2014 4:05:46 PM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://java.sun.com/jstl/xml is already defined Oct 26, 2014 4:05:46 PM org.apache.catalina.startup.TaglibUriRule body INFO: TLD skipped. URI: http://java.sun.com/jsp/jstl/xml is already defined I have jstl.jar in web/lib app folder and probably have jstl jar in the tomcat lib directory. I wanted to understand if this messages are related to duplicate jstl jar or something else . - Kiran Badi - - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org