Re: Need help installing SSL certificate in tomcat keystore

2024-05-31 Thread Christopher Schultz 

Mark,

On 5/30/24 08:46, Fung-A-Fat, Mark wrote:
I am running a java web app on windows 2019 server and need some help 
getting the SSL certificate installed into my keystore.


I am running tomcat 9.x and java 11

I am able to generate a certificate request using both keytool and/or 
openssl


For both the CSR file looks like this, but the openssl also generates a 
private key xxx.


-BEGIN NEW CERTIFICATE REQUEST-

MIIC2TCCAcECAQAwZDELMAkGA1UEBhMCdXMxCzAJBgNVBAgTAm1hMRAwDgYDVQQH

-END NEW CERTIFICATE REQUEST-

Private key from OPENSSL

-BEGIN PRIVATE KEY-
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC5EqmuGM9nRQ5n
-END PRIVATE KEY-


You may have compromised your private key by posting it like this. I 
would start everything over again from scratch, starting with generating 
a new private key and CSR.


I use the CSR to submit a request to my company’s certificate server and 
I am able to download 2 files in DER format


The downloaded certificate has a name certnew.cer, the downloaded chain 
certificate has a name cernew.p7b and both appear to be binary because 
when I open them in notepad++ they are unreadable


.p12 and .p7 files are always binary. Are you able to get the files as 
PEM? That is, IMHO, the most convenient package format.


Not sure how I go about importing converting and importing these into my 
keystore using keytool.


The documenation is confusing to me as to what needs to be done.

https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html 
the section on 
importing the certificate does nto go into how to convert or merge the 
certificate or the certificate chain and also does not say anyting about 
a private keyfile


Has anyone out there done this consistenly and successfully.


You should be able to use keytool -importcert as described here:

https://stackoverflow.com/questions/15814569/import-pkcs7-chained-certificate-using-keytool-command-to-jks

When you do all of this start-to-finish, basically you do the following:

1. $ keytool -genkeypair -alias 'mykey' (creates key + self-signed cert 
in keystore, plus CSR)


2. Send CSR to CA for signing, get signed cert in return

3. $ keytool -importcert -alias 'mykey'

This will UPDATE THE CERT in your keystore with the one signed by the 
CA. Now, you are ready to use the signed certificate with Tomcat.


But definitely start over with a new private key. The one you posted 
shouldn't be trusted anymore.


Hope that helps,
-chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help installing SSL certificate in tomcat keystore

2024-05-30 Thread Fung-A-Fat, Mark 



I am running a java web app on windows 2019 server and need some help getting 
the SSL certificate installed into my keystore.

I am running tomcat 9.x and java 11

I am able to generate a certificate request using both keytool and/or openssl

For both the CSR file looks like this, but the openssl also generates a private 
key xxx.



-BEGIN NEW CERTIFICATE REQUEST-

MIIC2TCCAcECAQAwZDELMAkGA1UEBhMCdXMxCzAJBgNVBAgTAm1hMRAwDgYDVQQH

-END NEW CERTIFICATE REQUEST-



Private key from OPENSSL

-BEGIN PRIVATE KEY-

MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC5EqmuGM9nRQ5n

-END PRIVATE KEY-



I use the CSR to submit a request to my company's certificate server and I am 
able to download 2 files in DER format

[cid:image002.png@01DAB26D.E0B15B70]

The downloaded certificate has a name certnew.cer, the downloaded chain 
certificate has a name cernew.p7b and both appear to be binary because when I 
open them in notepad++ they are unreadable

Not sure how I go about importing converting and importing these into my 
keystore using keytool.

The documenation is confusing to me as to what needs to be done.

https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html  the section on 
importing the certificate does nto go into how to convert or merge the 
certificate or the certificate chain and also does not say anyting about a 
private keyfile

Has anyone out there done this consistenly and successfully.

Thanks for the help

mark

RE: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

2024-02-27 Thread Saha, Rajib 
Hi Chris,

I got your point.

Actually, this service for us is a core service of our product, which control 
several core servers on it.
But, we will Definity see the options to unblock the dependency as you said.

Regards
Rajib

-Original Message-
From: Christopher Schultz 
Sent: 27 February 2024 19:51
To: users@tomcat.apache.org
Subject: Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

[You don't often get email from ch...@christopherschultz.net. Learn why this is 
important at https://aka.ms/LearnAboutSenderIdentification ]

Rajib,

On 2/26/24 23:43, Saha, Rajib wrote:
> Hi Mark,
>
> Thanks for your explanation and suggestion.
> For my use case, I have used the below option and its working fine.
> =
> --ServiceUser="LocalSystem"
> =
>
> Thank you very much for showing the way. 😊

I'm glad you got your service working.

But.

Your next task should be to determine why you need to run your service
as (essentially) local-Administrator and fix it so you don't have to.
Anyone who is able to take control of your application will have
complete control of the local machine.

This is a huge red-flag from a security standpoint.

-chris

> -Original Message-
> From: Mark Thomas 
> Sent: 26 February 2024 14:23
> To: users@tomcat.apache.org
> Subject: Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9
>
> [You don't often get email from ma...@apache.org. Learn why this is important 
> at https://aka.ms/LearnAboutSenderIdentification ]
>
> On 26/02/2024 06:11, Saha, Rajib wrote:
>> Hi Experts,
>>
>> In our product, we are using Tomcat [OriginalFileName:  prunsrv.exe] for 
>> creating a service[Say, Service-A]. It's a huge product running in market 
>> for last 20 years.
>> We are in progress of moving from Tomcat-8 to tomcat-9.
>>
>> When we are creating the Service-A with Tomcat-8 [tomcat8.exe]. In 
>> "Services" desktop app, we can see the service is created with "Local 
>> System" in "Log On as".
>> When we are creating the Service-A with Tomcat-9 [tomcat9.exe]. in 
>> "Services" desktop app, we can see the service is created with "Local 
>> service" in "Log On as".
>>
>> Looks like "Local service" has less power than "Local System".
>> Due to it, Service-A created with Tomcat-9 failing for several operation 
>> inside product.
>
> That should be a security concern. Local System is broadly equivalent to
> local administrator. You generally don't want to be running Tomcat under
> Local System.
>
>> Can somebody suggest, how we can create a service with tomcat-9, with the 
>> privilege of "Local System"?
>
> Have you looked at the documentation?
>
> https://tomcat.apache.org/tomcat-9.0-doc/windows-service-howto.html
>
> Look for "--ServiceUser"
>
> Mark
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

2024-02-27 Thread Christopher Schultz 

Rajib,

On 2/26/24 23:43, Saha, Rajib wrote:

Hi Mark,

Thanks for your explanation and suggestion.
For my use case, I have used the below option and its working fine.
=
--ServiceUser="LocalSystem"
=

Thank you very much for showing the way. 😊


I'm glad you got your service working.

But.

Your next task should be to determine why you need to run your service 
as (essentially) local-Administrator and fix it so you don't have to. 
Anyone who is able to take control of your application will have 
complete control of the local machine.


This is a huge red-flag from a security standpoint.

-chris


-Original Message-
From: Mark Thomas 
Sent: 26 February 2024 14:23
To: users@tomcat.apache.org
Subject: Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

[You don't often get email from ma...@apache.org. Learn why this is important 
at https://aka.ms/LearnAboutSenderIdentification ]

On 26/02/2024 06:11, Saha, Rajib wrote:

Hi Experts,

In our product, we are using Tomcat [OriginalFileName:  prunsrv.exe] for 
creating a service[Say, Service-A]. It's a huge product running in market for 
last 20 years.
We are in progress of moving from Tomcat-8 to tomcat-9.

When we are creating the Service-A with Tomcat-8 [tomcat8.exe]. In "Services" desktop app, we can 
see the service is created with "Local System" in "Log On as".
When we are creating the Service-A with Tomcat-9 [tomcat9.exe]. in "Services" desktop app, we can 
see the service is created with "Local service" in "Log On as".

Looks like "Local service" has less power than "Local System".
Due to it, Service-A created with Tomcat-9 failing for several operation inside 
product.


That should be a security concern. Local System is broadly equivalent to
local administrator. You generally don't want to be running Tomcat under
Local System.


Can somebody suggest, how we can create a service with tomcat-9, with the privilege of 
"Local System"?


Have you looked at the documentation?

https://tomcat.apache.org/tomcat-9.0-doc/windows-service-howto.html

Look for "--ServiceUser"

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

2024-02-26 Thread Saha, Rajib 
Hi Mark,

Thanks for your explanation and suggestion.
For my use case, I have used the below option and its working fine.
=
--ServiceUser="LocalSystem"
=

Thank you very much for showing the way. 😊

Regards
Rajib

-Original Message-
From: Mark Thomas 
Sent: 26 February 2024 14:23
To: users@tomcat.apache.org
Subject: Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

[You don't often get email from ma...@apache.org. Learn why this is important 
at https://aka.ms/LearnAboutSenderIdentification ]

On 26/02/2024 06:11, Saha, Rajib wrote:
> Hi Experts,
>
> In our product, we are using Tomcat [OriginalFileName:  prunsrv.exe] for 
> creating a service[Say, Service-A]. It's a huge product running in market for 
> last 20 years.
> We are in progress of moving from Tomcat-8 to tomcat-9.
>
> When we are creating the Service-A with Tomcat-8 [tomcat8.exe]. In "Services" 
> desktop app, we can see the service is created with "Local System" in "Log On 
> as".
> When we are creating the Service-A with Tomcat-9 [tomcat9.exe]. in "Services" 
> desktop app, we can see the service is created with "Local service" in "Log 
> On as".
>
> Looks like "Local service" has less power than "Local System".
> Due to it, Service-A created with Tomcat-9 failing for several operation 
> inside product.

That should be a security concern. Local System is broadly equivalent to
local administrator. You generally don't want to be running Tomcat under
Local System.

> Can somebody suggest, how we can create a service with tomcat-9, with the 
> privilege of "Local System"?

Have you looked at the documentation?

https://tomcat.apache.org/tomcat-9.0-doc/windows-service-howto.html

Look for "--ServiceUser"

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help for a problem on migrating from Tomcat-8 to Tomcat-9

2024-02-26 Thread Mark Thomas 

On 26/02/2024 06:11, Saha, Rajib wrote:

Hi Experts,

In our product, we are using Tomcat [OriginalFileName:  prunsrv.exe] for 
creating a service[Say, Service-A]. It's a huge product running in market for 
last 20 years.
We are in progress of moving from Tomcat-8 to tomcat-9.

When we are creating the Service-A with Tomcat-8 [tomcat8.exe]. In "Services" desktop app, we can 
see the service is created with "Local System" in "Log On as".
When we are creating the Service-A with Tomcat-9 [tomcat9.exe]. in "Services" desktop app, we can 
see the service is created with "Local service" in "Log On as".

Looks like "Local service" has less power than "Local System".
Due to it, Service-A created with Tomcat-9 failing for several operation inside 
product.


That should be a security concern. Local System is broadly equivalent to 
local administrator. You generally don't want to be running Tomcat under 
Local System.



Can somebody suggest, how we can create a service with tomcat-9, with the privilege of 
"Local System"?


Have you looked at the documentation?

https://tomcat.apache.org/tomcat-9.0-doc/windows-service-howto.html

Look for "--ServiceUser"

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help for a problem on migrating from Tomcat-8 to Tomcat-9

2024-02-25 Thread Saha, Rajib 
Hi Experts,

In our product, we are using Tomcat [OriginalFileName:  prunsrv.exe] for 
creating a service[Say, Service-A]. It's a huge product running in market for 
last 20 years.
We are in progress of moving from Tomcat-8 to tomcat-9.

When we are creating the Service-A with Tomcat-8 [tomcat8.exe]. In "Services" 
desktop app, we can see the service is created with "Local System" in "Log On 
as".
When we are creating the Service-A with Tomcat-9 [tomcat9.exe]. in "Services" 
desktop app, we can see the service is created with "Local service" in "Log On 
as".

Looks like "Local service" has less power than "Local System".
Due to it, Service-A created with Tomcat-9 failing for several operation inside 
product.

Can somebody suggest, how we can create a service with tomcat-9, with the 
privilege of "Local System"?

Please let me know, if any more details is required from my side.

Regards
Rajib

Re: Need Help : Unable to write back a response error code from ReadListener#onError

2023-10-31 Thread Adwait Kumar Singh 
Sorry for the wrong bug id. This is the one I filed,
https://bz.apache.org/bugzilla/show_bug.cgi?id=68037


On Tue, Oct 31, 2023 at 3:24 PM Adwait Kumar Singh 
wrote:

> AFAIK the response is not being committed.
>
> I created a bug for this with a reproducible test case,
> https://bz.apache.org/bugzilla/show_bug.cgi?id=54123
>
>
> On Tue, Oct 31, 2023 at 12:49 PM Mark Thomas  wrote:
>
>>
>>
>> On 30/10/2023 22:25, Adwait Kumar Singh wrote:
>> > Hi,
>> >
>> > I am using the async Servlet API and NIO, by setting a ReadListener.
>> >
>> > In the onError of the ReadListener, I am catching a
>> SocketTimeoutException
>> > and trying to send back an error code 408. Here is the simplified
>> example
>> > of what I am trying to do,
>> >
>> > @Override
>> >> public void onError(Throwable failure) {
>> >>  if(failure instanceof SocketTimeoutException) {
>> >>  response.sendError(408);
>> >>  request.getAsyncContext().complete();
>> >>  }
>> >> }
>> >>
>> >>
>> > However, Tomcat just refuses to send back the error I want and instead
>> just
>> > closes the connection. Am I missing something trivial or is this
>> supposed
>> > to be achieved in a different way?
>> >
>> > I am using Tomcat 9.0.82 and the Http11NioEndpoint.
>>
>> Has the response already been committed?
>>
>> If not, a minimal (ideally a single servlet) web application that
>> demonstrates the issue is often the easiest way for developers to
>> re-create the problem.
>>
>> Mark
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>

Re: Need Help : Unable to write back a response error code from ReadListener#onError

2023-10-31 Thread Adwait Kumar Singh 
AFAIK the response is not being committed.

I created a bug for this with a reproducible test case,
https://bz.apache.org/bugzilla/show_bug.cgi?id=54123


On Tue, Oct 31, 2023 at 12:49 PM Mark Thomas  wrote:

>
>
> On 30/10/2023 22:25, Adwait Kumar Singh wrote:
> > Hi,
> >
> > I am using the async Servlet API and NIO, by setting a ReadListener.
> >
> > In the onError of the ReadListener, I am catching a
> SocketTimeoutException
> > and trying to send back an error code 408. Here is the simplified example
> > of what I am trying to do,
> >
> > @Override
> >> public void onError(Throwable failure) {
> >>  if(failure instanceof SocketTimeoutException) {
> >>  response.sendError(408);
> >>  request.getAsyncContext().complete();
> >>  }
> >> }
> >>
> >>
> > However, Tomcat just refuses to send back the error I want and instead
> just
> > closes the connection. Am I missing something trivial or is this supposed
> > to be achieved in a different way?
> >
> > I am using Tomcat 9.0.82 and the Http11NioEndpoint.
>
> Has the response already been committed?
>
> If not, a minimal (ideally a single servlet) web application that
> demonstrates the issue is often the easiest way for developers to
> re-create the problem.
>
> Mark
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need Help : Unable to write back a response error code from ReadListener#onError

2023-10-31 Thread Mark Thomas 




On 30/10/2023 22:25, Adwait Kumar Singh wrote:

Hi,

I am using the async Servlet API and NIO, by setting a ReadListener.

In the onError of the ReadListener, I am catching a SocketTimeoutException
and trying to send back an error code 408. Here is the simplified example
of what I am trying to do,

@Override

public void onError(Throwable failure) {
 if(failure instanceof SocketTimeoutException) {
 response.sendError(408);
 request.getAsyncContext().complete();
 }
}



However, Tomcat just refuses to send back the error I want and instead just
closes the connection. Am I missing something trivial or is this supposed
to be achieved in a different way?

I am using Tomcat 9.0.82 and the Http11NioEndpoint.


Has the response already been committed?

If not, a minimal (ideally a single servlet) web application that 
demonstrates the issue is often the easiest way for developers to 
re-create the problem.


Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need Help : Unable to write back a response error code from ReadListener#onError

2023-10-30 Thread Adwait Kumar Singh 
FYI, I am doing the async processing on the Container thread itself, just
that I yield the thread back if I can't read without blocking.

Based on the code here
,
I see that the error is only dispatched if the request is not being
executed in the container thread.

On Mon, Oct 30, 2023 at 3:25 PM Adwait Kumar Singh 
wrote:

> Hi,
>
> I am using the async Servlet API and NIO, by setting a ReadListener.
>
> In the onError of the ReadListener, I am catching a SocketTimeoutException
> and trying to send back an error code 408. Here is the simplified example
> of what I am trying to do,
>
> @Override
>> public void onError(Throwable failure) {
>> if(failure instanceof SocketTimeoutException) {
>> response.sendError(408);
>> request.getAsyncContext().complete();
>> }
>> }
>>
>>
> However, Tomcat just refuses to send back the error I want and instead
> just closes the connection. Am I missing something trivial or is this
> supposed to be achieved in a different way?
>
> I am using Tomcat 9.0.82 and the Http11NioEndpoint.
>
>
> Thanks,
> Adwait.
>

Need Help : Unable to write back a response error code from ReadListener#onError

2023-10-30 Thread Adwait Kumar Singh 
Hi,

I am using the async Servlet API and NIO, by setting a ReadListener.

In the onError of the ReadListener, I am catching a SocketTimeoutException
and trying to send back an error code 408. Here is the simplified example
of what I am trying to do,

@Override
> public void onError(Throwable failure) {
> if(failure instanceof SocketTimeoutException) {
> response.sendError(408);
> request.getAsyncContext().complete();
> }
> }
>
>
However, Tomcat just refuses to send back the error I want and instead just
closes the connection. Am I missing something trivial or is this supposed
to be achieved in a different way?

I am using Tomcat 9.0.82 and the Http11NioEndpoint.


Thanks,
Adwait.

Re: Need Help : Tomcat 9.0.75 not honoring session timeout configured in tomcat web.xml for FORM Authentication

2023-10-27 Thread Christopher Schultz 

Channa,

On 10/27/23 00:07, Channa Puchakayala wrote:

Tomcat Version : 9.0.75

Operating System: Windows and Linux

Bits: 64

Tomcat 9.0.75 not honoring  session timeout configured in 
tomcat/conf/web.xml for FORM Authentication and it is effecting customers.


==

    

     30 // 30 minutes

     

=

Verified the Tomcat source code

-FormAuthenticator overriding above configured session timeout setting 
(30 minutes)  with value (120 seconds)


-As per FormAuthenticator.Java, this change/issue started from Tomcat 
Version : 9.0.74 for FORM Authentication and it overwrites the original 
session-timeout value


-This issue/behavior not observed in 9.0.73

Verified the Tomcat documentation

-Verified the tomcat changelog, there is a fix/change went in Tomcat 
9.0.74 below related to FORM Based Authentication Session @ 
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html 
, looks which 
is causing this issue.



Can you please state clearly what the issue actually is? This is 
documented behavior of Tomcat. There is a well-documented setting that 
you can adjust if necessary.


Are you reporting a problem? If so, it is not clear from your message above.

What test did you perform?
What did you expect to happen?
What actually happened that was different from your expectation?

-chris


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need Help : Tomcat 9.0.75 not honoring session timeout configured in tomcat web.xml for FORM Authentication

2023-10-26 Thread Mark Thomas 

1. Do not cross-post the same question to multiple lists.

2. Do not post the same question multiple times if you don't get an 
answer as quickly as you would like. We all all volunteers here. If you 
want a guaranteed SLA then pick you preferred vendor and pay for support.


Mark


27 Oct 2023 05:07:20 Channa Puchakayala 
:



Hi All,
 

Tomcat Version : 9.0.75
Operating System: Windows and Linux
Bits: 64   
 

Tomcat 9.0.75 not honoring  session timeout configured in 
tomcat/conf/web.xml for FORM Authentication and it is effecting 
customers.

==
   
    30 // 30 minutes
    
=
 

Verified the Tomcat source code
-    FormAuthenticator overriding above configured session timeout 
setting (30 minutes)  with value (120 seconds)
-    As per FormAuthenticator.Java, this change/issue started from 
Tomcat Version : 9.0.74 for FORM Authentication and it overwrites the 
original session-timeout value

-    This issue/behavior not observed in 9.0.73
 

Verified the Tomcat documentation
-    Verified the tomcat changelog, there is a fix/change went in 
Tomcat 9.0.74 below related to FORM Based Authentication Session @ 
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html, looks which is 
causing this issue.


--
Harden the FORM authentication process against DoS attacks by using a 
reduced session timeout if the FORM authentication process creates a 
session. The duration of this timeout is configured by 
the *authenticationSessionTimeout* attribute of the FORM authenticator. 
(markt)


-
 

Is it bug ? Could you please help/suggest.
 

Thanks
Channa
 


This electronic communication and the information and any files 
transmitted with it, or attached to it, are confidential and are 
intended solely for the use of the individual or entity to whom it is 
addressed and may contain information that is confidential, legally 
privileged, protected by privacy laws, or otherwise restricted from 
disclosure to anyone else. If you are not the intended recipient or the 
person responsible for delivering the e-mail to the intended recipient, 
you are hereby notified that any use, copying, distributing, 
dissemination, forwarding, printing, or copying of this e-mail is 
strictly prohibited. If you received this e-mail in error, please 
return the e-mail to the sender, delete it from your computer, and 
destroy any printed copy of it.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need Help : Tomcat 9.0.75 not honoring session timeout configured in tomcat web.xml for FORM Authentication

2023-10-26 Thread Channa Puchakayala 
Hi All,



Tomcat Version : 9.0.75

Operating System: Windows and Linux

Bits: 64



Tomcat 9.0.75 not honoring  session timeout configured in
tomcat/conf/web.xml for FORM Authentication and it is effecting customers.

==

   

30 // 30 minutes



=



Verified the Tomcat source code

-FormAuthenticator overriding above configured session timeout
setting (30 minutes)  with value (120 seconds)

-As per FormAuthenticator.Java, this change/issue started from
Tomcat Version : 9.0.74 for FORM Authentication and it overwrites the
original session-timeout value

-This issue/behavior not observed in 9.0.73



Verified the Tomcat documentation

-Verified the tomcat changelog, there is a fix/change went in
Tomcat 9.0.74 below related to FORM Based Authentication Session @
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html, looks which is
causing this issue.

--

Harden the FORM authentication process against DoS attacks by using a
reduced session timeout if the FORM authentication process creates a
session. The duration of this timeout is configured by the
authenticationSessionTimeout attribute of the FORM authenticator. (markt)

-



Is it bug ? Could you please help/suggest.



Thanks

Channa

-- 
This electronic communication and the information and any files transmitted 
with it, or attached to it, are confidential and are intended solely for 
the use of the individual or entity to whom it is addressed and may contain 
information that is confidential, legally privileged, protected by privacy 
laws, or otherwise restricted from disclosure to anyone else. If you are 
not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, you are hereby notified that any use, 
copying, distributing, dissemination, forwarding, printing, or copying of 
this e-mail is strictly prohibited. If you received this e-mail in error, 
please return the e-mail to the sender, delete it from your computer, and 
destroy any printed copy of it.


smime.p7s
Description: S/MIME Cryptographic Signature

Re: Need help tomcat

2023-10-03 Thread Mark Thomas 
Asking the same question over and over again isn't going to change the 
answer.


You need to contact the Eclipse community.

If we knew how Eclipse was determining the Tomcat version we might be 
able to suggest ways to trick Eclipse into thinking Tomcat 10.1.x was an 
earlier, supported version.


Mark


On 03/10/2023 06:27, Deepak Lalchandani wrote:

Mark,
   In Apache Tomcat website I can install 10.1 only ,when I
configure the server by clicking on Add server and select location of
tomcat server, it adds 10.1.3 and the error with red symbol appears


On Mon, 2 Oct 2023, 11:07 pm Deepak Lalchandani, 
wrote:


Hi Mark,
   In Apache Tomcat website I can install 10.1 only ,when I
configure the server by clicking on Add server and select location of
tomcat  server, it adds 10.1.3 and the  error with red symbol appears

Regards,
Deepak


On Mon, 2 Oct 2023, 10:58 pm Mark Thomas,  wrote:


On 02/10/2023 18:23, Deepak Lalchandani wrote:

The Apache Tomcat installation at this directory is version 10.1.13. A
Tomcat 10.0 installation is expected
The above is error message I'm getting.
Please resolve and screenshots are detached from e mail


The error looks pretty clear to me.

Eclipse is expecting an instance of Tomcat 10.0.x.

You are trying to use it with an instance of Tomcat 10.1.x.

This would be an issue for the Eclipse plugin you are using to either
provide support for 10.1.x or provide a workaround so you can use Tomcat
10.1.x.

Mark




On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  wrote:


Assuming windows sc delete servicename

On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
wrote:


On 10/1/23 09:02, Deepak Lalchandani wrote:

I have deleted and Uninstalled all tomcat services but despite that

the

tomcat service exists in services window . I want to delete the

services

permanently which is not happening

Please help

Deepak



Have you tried to remove the service using
https://commons.apache.org/proper/commons-daemon/procrun.html

//DS is the option to delete the service

--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: need help in solving CVE-2020-1938 error regards

2023-10-03 Thread Nithin P 
thanks mark,





Nithin P








 On Tue, 03 Oct 2023 15:05:31 +0530 Mark Thomas  wrote ---



On 03/10/2023 06:16, Nithin P wrote: 
> Hi, 
> 
> I'm using Apache Ofbiz v18.12.06 While I'm trying to upload an image for 
> vulnerability scanning it shows CVE-2020-1938. I have tried to update to the 
> latest version having the same issue, Does Anyone know where the tomcat conf 
> files are stored in the Apache OFBiz application or how to disable ajp 8009 
> protocol in Apache OFBiz thanks in advance. 
 
Those are all questions best asked to the Apache Ofbiz project. The 
Tomcat community has no visibility of how Ofbiz is using and/or 
configuring Tomcat. 
 
If Ofbiz is using server.xml (you can search for that file) you could 
try removing the AJP Connector element from that file. If Ofbiz is using 
embedded Tomcat then you'll definitely need to ask the Ofbiz folks. 
 
Mark 
 
- 
To unsubscribe, e-mail: mailto:users-unsubscr...@tomcat.apache.org 
For additional commands, e-mail: mailto:users-h...@tomcat.apache.org
This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. You cannot use or forward any 
attachments in the email. Please notify the sender immediately by e-mail if you 
have received this e-mail by mistake and delete this e-mail from your system. 
Finally, the opinions disclosed by the sender do not have to reflect those of 
the company, therefore the company refuses to take any liability for the damage 
caused by the content of this email. Yobitel Communications Limited,  #11, 
Kingsley Mews, Ley Street, Ilford, London - IG1 4BT, United Kingdom.   
www.yobitel.com

Re: need help in solving CVE-2020-1938 error regards

2023-10-03 Thread Mark Thomas 

On 03/10/2023 06:16, Nithin P wrote:

Hi,

I'm using Apache Ofbiz v18.12.06 While I'm trying to upload an image for 
vulnerability scanning it shows CVE-2020-1938. I have tried to update to the 
latest version having the same issue, Does Anyone know where the tomcat conf 
files are stored in the Apache OFBiz application or how to disable ajp 8009 
protocol in Apache OFBiz thanks in advance.


Those are all questions best asked to the Apache Ofbiz project. The 
Tomcat community has no visibility of how Ofbiz is using and/or 
configuring Tomcat.


If Ofbiz is using server.xml (you can search for that file) you could 
try removing the AJP Connector element from that file. If Ofbiz is using 
embedded Tomcat then you'll definitely need to ask the Ofbiz folks.


Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help tomcat

2023-10-02 Thread Nithin P 
Nithin P








 On Tue, 03 Oct 2023 10:57:15 +0530 Deepak Lalchandani 
 wrote ---



Mark, 
 In Apache Tomcat website I can install 10.1 only ,when I 
configure the server by clicking on Add server and select location of 
tomcat server, it adds 10.1.3 and the error with red symbol appears 
 
 
On Mon, 2 Oct 2023, 11:07 pm Deepak Lalchandani, 
 
wrote: 
 
> Hi Mark, 
>   In Apache Tomcat website I can install 10.1 only ,when I 
> configure the server by clicking on Add server and select location of 
> tomcat  server, it adds 10.1.3 and the  error with red symbol appears 
> 
> Regards, 
> Deepak 
> 
> 
> On Mon, 2 Oct 2023, 10:58 pm Mark Thomas,  wrote: 
> 
>> On 02/10/2023 18:23, Deepak Lalchandani wrote: 
>> > The Apache Tomcat installation at this directory is version 10.1.13. A 
>> > Tomcat 10.0 installation is expected 
>> > The above is error message I'm getting. 
>> > Please resolve and screenshots are detached from e mail 
>> 
>> The error looks pretty clear to me. 
>> 
>> Eclipse is expecting an instance of Tomcat 10.0.x. 
>> 
>> You are trying to use it with an instance of Tomcat 10.1.x. 
>> 
>> This would be an issue for the Eclipse plugin you are using to either 
>> provide support for 10.1.x or provide a workaround so you can use Tomcat 
>> 10.1.x. 
>> 
>> Mark 
>> 
>> 
>> > 
>> > On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  
>> > wrote: 
>> > 
>> >> Assuming windows sc delete servicename 
>> >> 
>> >> On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
>> >>  
>> >> wrote: 
>> >> 
>> >>> On 10/1/23 09:02, Deepak Lalchandani wrote: 
>>  I have deleted and Uninstalled all tomcat services but despite that 
>> the 
>>  tomcat service exists in services window . I want to delete the 
>> services 
>>  permanently which is not happening 
>>  
>>  Please help 
>>  
>>  Deepak 
>>  
>> >>> 
>> >>> Have you tried to remove the service using 
>> >>> https://commons.apache.org/proper/commons-daemon/procrun.html 
>> >>> 
>> >>> //DS is the option to delete the service 
>> >>> 
>> >>> -- 
>> >>> Cheers 
>> >>> 
>> >>> Jean-Frederic 
>> >>> 
>> >>> 
>> >>> - 
>> >>> To unsubscribe, e-mail: mailto:users-unsubscr...@tomcat.apache.org 
>> >>> For additional commands, e-mail: mailto:users-h...@tomcat.apache.org 
>> >>> 
>> >>> 
>> > 
>>




 >Hi, 



I'm using Apache Ofbiz v18.12.06 While I'm trying to upload an image for 
vulnerability scanning it shows CVE-2020-1938. I have tried to update to the 
latest version having the same issue, Does Anyone know where the tomcat conf 
files are stored in the Apache OFBiz application or how to disable ajp 8009 
protocol in Apache OFBiz thanks in advance.




>> - 
>> To unsubscribe, e-mail: mailto:users-unsubscr...@tomcat.apache.org 
>> For additional commands, e-mail: mailto:users-h...@tomcat.apache.org 
>> 
>>
This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. You cannot use or forward any 
attachments in the email. Please notify the sender immediately by e-mail if you 
have received this e-mail by mistake and delete this e-mail from your system. 
Finally, the opinions disclosed by the sender do not have to reflect those of 
the company, therefore the company refuses to take any liability for the damage 
caused by the content of this email. Yobitel Communications Limited,  #11, 
Kingsley Mews, Ley Street, Ilford, London - IG1 4BT, United Kingdom.   
www.yobitel.com

Re: Need help tomcat

2023-10-02 Thread Deepak Lalchandani 
Mark,
  In Apache Tomcat website I can install 10.1 only ,when I
configure the server by clicking on Add server and select location of
tomcat server, it adds 10.1.3 and the error with red symbol appears


On Mon, 2 Oct 2023, 11:07 pm Deepak Lalchandani, 
wrote:

> Hi Mark,
>   In Apache Tomcat website I can install 10.1 only ,when I
> configure the server by clicking on Add server and select location of
> tomcat  server, it adds 10.1.3 and the  error with red symbol appears
>
> Regards,
> Deepak
>
>
> On Mon, 2 Oct 2023, 10:58 pm Mark Thomas,  wrote:
>
>> On 02/10/2023 18:23, Deepak Lalchandani wrote:
>> > The Apache Tomcat installation at this directory is version 10.1.13. A
>> > Tomcat 10.0 installation is expected
>> > The above is error message I'm getting.
>> > Please resolve and screenshots are detached from e mail
>>
>> The error looks pretty clear to me.
>>
>> Eclipse is expecting an instance of Tomcat 10.0.x.
>>
>> You are trying to use it with an instance of Tomcat 10.1.x.
>>
>> This would be an issue for the Eclipse plugin you are using to either
>> provide support for 10.1.x or provide a workaround so you can use Tomcat
>> 10.1.x.
>>
>> Mark
>>
>>
>> >
>> > On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  wrote:
>> >
>> >> Assuming windows sc delete servicename
>> >>
>> >> On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
>> >> wrote:
>> >>
>> >>> On 10/1/23 09:02, Deepak Lalchandani wrote:
>>  I have deleted and Uninstalled all tomcat services but despite that
>> the
>>  tomcat service exists in services window . I want to delete the
>> services
>>  permanently which is not happening
>> 
>>  Please help
>> 
>>  Deepak
>> 
>> >>>
>> >>> Have you tried to remove the service using
>> >>> https://commons.apache.org/proper/commons-daemon/procrun.html
>> >>>
>> >>> //DS is the option to delete the service
>> >>>
>> >>> --
>> >>> Cheers
>> >>>
>> >>> Jean-Frederic
>> >>>
>> >>>
>> >>> -
>> >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> >>> For additional commands, e-mail: users-h...@tomcat.apache.org
>> >>>
>> >>>
>> >
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>

need help in solving CVE-2020-1938 error regards

2023-10-02 Thread Nithin P 
Hi, 



I'm using Apache Ofbiz v18.12.06 While I'm trying to upload an image for 
vulnerability scanning it shows CVE-2020-1938. I have tried to update to the 
latest version having the same issue, Does Anyone know where the tomcat conf 
files are stored in the Apache OFBiz application or how to disable ajp 8009 
protocol in Apache OFBiz thanks in advance.
This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. You cannot use or forward any 
attachments in the email. Please notify the sender immediately by e-mail if you 
have received this e-mail by mistake and delete this e-mail from your system. 
Finally, the opinions disclosed by the sender do not have to reflect those of 
the company, therefore the company refuses to take any liability for the damage 
caused by the content of this email. Yobitel Communications Limited,  #11, 
Kingsley Mews, Ley Street, Ilford, London - IG1 4BT, United Kingdom.   
www.yobitel.com

Re: Need help tomcat

2023-10-02 Thread Deepak Lalchandani 
Hi Mark,
  In Apache Tomcat website I can install 10.1 only ,when I
configure the server by clicking on Add server and select location of
tomcat  server, it adds 10.1.3 and the  error with red symbol appears

Regards,
Deepak


On Mon, 2 Oct 2023, 10:58 pm Mark Thomas,  wrote:

> On 02/10/2023 18:23, Deepak Lalchandani wrote:
> > The Apache Tomcat installation at this directory is version 10.1.13. A
> > Tomcat 10.0 installation is expected
> > The above is error message I'm getting.
> > Please resolve and screenshots are detached from e mail
>
> The error looks pretty clear to me.
>
> Eclipse is expecting an instance of Tomcat 10.0.x.
>
> You are trying to use it with an instance of Tomcat 10.1.x.
>
> This would be an issue for the Eclipse plugin you are using to either
> provide support for 10.1.x or provide a workaround so you can use Tomcat
> 10.1.x.
>
> Mark
>
>
> >
> > On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  wrote:
> >
> >> Assuming windows sc delete servicename
> >>
> >> On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
> >> wrote:
> >>
> >>> On 10/1/23 09:02, Deepak Lalchandani wrote:
>  I have deleted and Uninstalled all tomcat services but despite that
> the
>  tomcat service exists in services window . I want to delete the
> services
>  permanently which is not happening
> 
>  Please help
> 
>  Deepak
> 
> >>>
> >>> Have you tried to remove the service using
> >>> https://commons.apache.org/proper/commons-daemon/procrun.html
> >>>
> >>> //DS is the option to delete the service
> >>>
> >>> --
> >>> Cheers
> >>>
> >>> Jean-Frederic
> >>>
> >>>
> >>> -
> >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >>> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>>
> >>>
> >
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help tomcat

2023-10-02 Thread Mark Thomas 

On 02/10/2023 18:23, Deepak Lalchandani wrote:

The Apache Tomcat installation at this directory is version 10.1.13. A
Tomcat 10.0 installation is expected
The above is error message I'm getting.
Please resolve and screenshots are detached from e mail


The error looks pretty clear to me.

Eclipse is expecting an instance of Tomcat 10.0.x.

You are trying to use it with an instance of Tomcat 10.1.x.

This would be an issue for the Eclipse plugin you are using to either 
provide support for 10.1.x or provide a workaround so you can use Tomcat 
10.1.x.


Mark




On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  wrote:


Assuming windows sc delete servicename

On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
wrote:


On 10/1/23 09:02, Deepak Lalchandani wrote:

I have deleted and Uninstalled all tomcat services but despite that the
tomcat service exists in services window . I want to delete the services
permanently which is not happening

Please help

Deepak



Have you tried to remove the service using
https://commons.apache.org/proper/commons-daemon/procrun.html

//DS is the option to delete the service

--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [EXTERNAL] - Need help tomcat

2023-10-02 Thread Deepak Lalchandani 
The Apache Tomcat installation at this directory is version 10.1.13. A
Tomcat 10.0 installation is expected



On Mon, 2 Oct 2023, 1:43 pm Olaf Kock,  wrote:

>
> On 02.10.23 10:07, Deepak Lalchandani wrote:
> > Hi Please advice , Where to send the screenshot
> >
> Hi Deepak,
>
> You're dealing with textual messages, right? Just send the text - it's
> easier to read, search for etc anyway.
>
> Olaf
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help tomcat

2023-10-02 Thread Deepak Lalchandani 
The Apache Tomcat installation at this directory is version 10.1.13. A
Tomcat 10.0 installation is expected
The above is error message I'm getting.
Please resolve and screenshots are detached from e mail

On Mon, 2 Oct 2023, 5:31 pm Alex O'Ree,  wrote:

> Assuming windows sc delete servicename
>
> On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere 
> wrote:
>
>> On 10/1/23 09:02, Deepak Lalchandani wrote:
>> > I have deleted and Uninstalled all tomcat services but despite that the
>> > tomcat service exists in services window . I want to delete the services
>> > permanently which is not happening
>> >
>> > Please help
>> >
>> > Deepak
>> >
>>
>> Have you tried to remove the service using
>> https://commons.apache.org/proper/commons-daemon/procrun.html
>>
>> //DS is the option to delete the service
>>
>> --
>> Cheers
>>
>> Jean-Frederic
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>

Re: Need help tomcat

2023-10-02 Thread Alex O'Ree 
Assuming windows sc delete servicename

On Mon, Oct 2, 2023, 7:44 AM jean-frederic clere  wrote:

> On 10/1/23 09:02, Deepak Lalchandani wrote:
> > I have deleted and Uninstalled all tomcat services but despite that the
> > tomcat service exists in services window . I want to delete the services
> > permanently which is not happening
> >
> > Please help
> >
> > Deepak
> >
>
> Have you tried to remove the service using
> https://commons.apache.org/proper/commons-daemon/procrun.html
>
> //DS is the option to delete the service
>
> --
> Cheers
>
> Jean-Frederic
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help tomcat

2023-10-02 Thread jean-frederic clere 

On 10/1/23 09:02, Deepak Lalchandani wrote:

I have deleted and Uninstalled all tomcat services but despite that the
tomcat service exists in services window . I want to delete the services
permanently which is not happening

Please help

Deepak



Have you tried to remove the service using 
https://commons.apache.org/proper/commons-daemon/procrun.html


//DS is the option to delete the service

--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [EXTERNAL] - Need help tomcat

2023-10-02 Thread Olaf Kock 



On 02.10.23 10:07, Deepak Lalchandani wrote:

Hi Please advice , Where to send the screenshot


Hi Deepak,

You're dealing with textual messages, right? Just send the text - it's 
easier to read, search for etc anyway.


Olaf


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [EXTERNAL] - Need help tomcat

2023-10-02 Thread Deepak Lalchandani 
Hi Please advice , Where to send the screenshot

On Mon, 2 Oct 2023, 12:36 pm Simon Matter,  wrote:

> > Yes I have deleted them and again I have sent a email with screenshot.
> > Please check that.
> >
> > Regards,
> > Deepak
>
> Hi,
>
> please note that attachments are not delivered on this mailing list.
>
> Regards,
> Simon
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: [EXTERNAL] - Need help tomcat

2023-10-02 Thread Simon Matter 
> Yes I have deleted them and again I have sent a email with screenshot.
> Please check that.
>
> Regards,
> Deepak

Hi,

please note that attachments are not delivered on this mailing list.

Regards,
Simon


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [EXTERNAL] - Need help tomcat

2023-10-01 Thread Deepak Lalchandani 
Yes I have deleted them and again I have sent a email with screenshot.
Please check that.

Regards,
Deepak

On Mon, 2 Oct 2023, 4:05 am Jason Tan,  wrote:

> Did you use one of these methods to remove the window service of Tomcat ?
>
> https://helpdeskgeek.com/windows-xp-tips/4-ways-to-delete-or-remove-a-service-in-windows/
>
> Best Regards,
> Jason Tan
> -Original Message-
> From: Deepak Lalchandani 
> Sent: Sunday, October 1, 2023 6:03 PM
> To: users@tomcat.apache.org; Deepak Lalchandani 
> Subject: [EXTERNAL] - Need help tomcat
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe. If you feel that the email is suspicious, please
> report it using PhishAlarm.
>
>
> I have deleted and Uninstalled all tomcat services but despite that the
> tomcat service exists in services window . I want to delete the services
> permanently which is not happening
>
> Please help
>
> Deepak
>

Re: Need help tomcat

2023-10-01 Thread Deepak Lalchandani 
The Apache Tomcat installation at this directory is version 10.1.13. A
Tomcat 10.0 installation is expected


Screenshot  attached

Please provide steps to correct this
I installed tomcat 10.1 from apache website


Thanks and Regards,
Deepak

On Mon, 2 Oct 2023, 2:44 am Frank Tornack,  wrote:

> Hi
>
> do you mean windows services or systemd services?
> In powershell you can use this 2 lines
> Remove-Service -Name "YourServiceName"
> sc.exe delete "YourServiceName"
>
> this should remove the service and registry for the service
>
>
> Am Sonntag, dem 01.10.2023 um 12:32 +0530 schrieb Deepak Lalchandani:
> > I have deleted and Uninstalled all tomcat services but despite that
> > the
> > tomcat service exists in services window . I want to delete the
> > services
> > permanently which is not happening
> >
> > Please help
> >
> > Deepak
>
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help tomcat

2023-10-01 Thread Deepak Lalchandani 
I have deleted and Uninstalled all tomcat services but despite that the
tomcat service exists in services window . I want to delete the services
permanently which is not happening

Please help

Deepak

Re: [OT] Apache Tomcat 10.0.26 Shortcut issue in our environment - Need Help

2023-04-05 Thread Christopher Schultz 

Sriharikumar,

On 4/5/23 07:04, P M, SRIHARIKUMAR (Consultant) wrote:
While validating source for Apache Tomcat 10.0.26, The shortcut is 
throwing error while launching. Please find the results below


Tomcat Version : 10.0.26


End of life: https://tomcat.apache.org/tomcat-10.0-eol.html


Operating system : Windows 10
I was sure this was EOL as well, but it's not. Microsoft just pretends 
it doesn't exist anymore ;)



Dependency : JAVA SDK 11 is installed.

*Error :*“ The item referred to by this shortcut cannot be accessed. You 
may not have appropriate Permission”.


Method tried but still could not make shortcut work:

 1. Searched in Google and tried removing shortcut and created manually.
 2. Rebooted the system and checked.
 3. Started the Tomcat Service Manually and checked.


Does this work?


 4. Provided Permission to the Shortcut pointing exe and tried.
 5. Tried more than 5 Machines to make sure if its due to any machine
related issue.

 1. Error while launching Configure Tomcat Shortcut.

 2. Error while launching Monitor Tomcat Shortcut.

 3. Error while launching Tomcat Manager Shortcut.



Do you need to use a shortcut? What happens if you point your service 
directly at the binary?


-chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Apache Tomcat 10.0.26 Shortcut issue in our environment - Need Help

2023-04-05 Thread Rob Sargent 


> On Apr 5, 2023, at 5:04 AM, P M, SRIHARIKUMAR (Consultant) 
>  wrote:
> 
> 
> Hi Team,
>  
> While validating source for Apache Tomcat 10.0.26, The shortcut is throwing 
> error while launching. Please find the results below
>  
> Tomcat Version : 10.0.26
>  
> Operating system : Windows 10
>  
> Dependency : JAVA SDK 11 is installed.
>  
> Error : “ The item referred to by this shortcut cannot be accessed. You may 
> not have appropriate Permission”.
>  
> Method tried but still could not make shortcut work:
>  
> Searched in Google and tried removing shortcut and created manually.
> Rebooted the system and checked.
> Started the Tomcat Service Manually and checked.
> Provided Permission to the Shortcut pointing exe and tried.
> Tried more than 5 Machines to make sure if its due to any machine related 
> issue.
>  
> Error while launching Configure Tomcat Shortcut.
>  
>  

Pictures don’t work on this list. Get the text (as text)
> 
>  
>  
> Error while launching Monitor Tomcat Shortcut.
>  
>  
> 
>  
>  
> Error while launching Tomcat Manager Shortcut.
>  
>  
> 
>  
>  
> Thanks & Regards
> Sriharikumar PM
>  
>

Re: Apache Tomcat 10.0.26 Shortcut issue in our environment - Need Help

2023-04-05 Thread Kevin Huntly 
Hi Sriharikumar,

It looks like the images were stripped from the email... When you have a
chance, can you run the following on the Tomcat executable:

Open Powershell
Navigate to the Tomcat installation directory
Run the following:
  - Get-Acl tomcat.exe

On Wed, Apr 5, 2023, 07:04 P M, SRIHARIKUMAR (Consultant)
 wrote:

> Hi Team,
>
>
>
> While validating source for Apache Tomcat 10.0.26, The shortcut is
> throwing error while launching. Please find the results below
>
>
>
> Tomcat Version : 10.0.26
>
>
>
> Operating system : Windows 10
>
>
>
> Dependency : JAVA SDK 11 is installed.
>
>
>
> *Error :* “ The item referred to by this shortcut cannot be accessed. You
> may not have appropriate Permission”.
>
>
>
> Method tried but still could not make shortcut work:
>
>
>
>1. Searched in Google and tried removing shortcut and created manually.
>2. Rebooted the system and checked.
>3. Started the Tomcat Service Manually and checked.
>4. Provided Permission to the Shortcut pointing exe and tried.
>5. Tried more than 5 Machines to make sure if its due to any machine
>related issue.
>
>
>
>1. Error while launching Configure Tomcat Shortcut.
>
>
>
>
>
>
>
>
>
>1. Error while launching Monitor Tomcat Shortcut.
>
>
>
>
>
>
>
>
>
>1. Error while launching Tomcat Manager Shortcut.
>
>
>
>
>
>
>
>
>
> Thanks & Regards
>
> Sriharikumar PM
>
>
>
>
>

Apache Tomcat 10.0.26 Shortcut issue in our environment - Need Help

2023-04-05 Thread P M, SRIHARIKUMAR (Consultant) 
Hi Team,

While validating source for Apache Tomcat 10.0.26, The shortcut is throwing 
error while launching. Please find the results below

Tomcat Version : 10.0.26

Operating system : Windows 10

Dependency : JAVA SDK 11 is installed.

Error : " The item referred to by this shortcut cannot be accessed. You may not 
have appropriate Permission".

Method tried but still could not make shortcut work:


  1.  Searched in Google and tried removing shortcut and created manually.
  2.  Rebooted the system and checked.
  3.  Started the Tomcat Service Manually and checked.
  4.  Provided Permission to the Shortcut pointing exe and tried.
  5.  Tried more than 5 Machines to make sure if its due to any machine related 
issue.


  1.  Error while launching Configure Tomcat Shortcut.


[cid:image003.png@01D967D6.F9D4DEC0]



  1.  Error while launching Monitor Tomcat Shortcut.


[cid:image005.png@01D967D6.F9D4DEC0]



  1.  Error while launching Tomcat Manager Shortcut.


[cid:image002.png@01D961AE.E6EFCFA0]


Thanks & Regards
Sriharikumar PM

Re: Need help on ssl handshake logging for audit purpose

2021-06-10 Thread Mark Thomas 

On 10/06/2021 12:40, Ragavendhiran Bhiman (rabhiman) wrote:

Any help please?


Exact JDK name and version?

Mark




From: Ragavendhiran Bhiman (rabhiman) 
Date: Wednesday, 9 June 2021 at 7:37 PM
To: Tomcat Users List 
Subject: Re: Need help on ssl handshake logging for audit purpose
Hi John

I am getting the output like this

10966181161114832473721710433823523866273491920411012289522541835156
0451112281652151321572412101201618710026238431618119549401121401171233324158

42501341314694224184221573623625026123232102239748963162282031315479568415410816714824988456515811161712381042357237101163207528011232191246200181691271811772110:
 A8 3C 2E B6 4E DD 31 26   AB F1 06 00 8C 2E E8 4F  .<..N.1&...O
0010: D4 92 83 35 E1 DA 1D E7   A1 C8 CB E5 5A 2E DB FA  ...5Z...
: 60 C0 4A 1A 6D 42 B5 A1   72 53 F7 25 D9 68 03 26  `.J.mB..rS.%.h.&
0010: EB EE 42 1B 03 31 13 CC   6E 7A 59 34 FE B7 05 9C  ..B..1..nzY4
: 22 70 51 FA 2D 6F E4 A5   D7 84 9D F1 D2 78 A1 57  "pQ.-o...x.W
0010: 64 1A EE 2B A1 51 C3 31   28 70 8C 75 7B 21 F1 3A  d..+.Q.1(p.u.!.:
: 83 04 6C 63 69 8A E8 0B   F5 43 9E 05 0C 0A E8 16  ..lciC..
0010: 96 93 E4 6A 87 13 F6 7D   0D 1D 20 08 27 31 82 27  ...j.. .'1.'
0020: 1B 8A F0 18 D2 DD 5E BB   0A DF A6 E2 14 81 E3 DC  ..^.
: 4A D4 E5 68 C2 63 F8 91   3D 76 B3 41 41 07 67 6D  J..h.c..=v.AA.gm
: 57 8A 27 73 2F B5 16 24   03 A3 21 37 D1 F4 29 32  W.'s/..$..!7..)2
: 4C B5 BB 4FL..O
: B4 B7 59 3B..Y;
22618924724621010316224313810322810210322025425412734108751091578720586134212421861742242322282151444201162195251381361052262242071952223010517584
086134212421861742242322282151444201162195251381361052262242071952223010517584
050168210587015618110341164162418918160185202512541454715622811317821717232
050168210587015618110341164162418918160185202512541454715622811317821717232
017018119731266076432682421698238201241421872101374251165943619924771
017018119731266076432682421698238201241421872101374251165943619924771
0197513234491791511232391311646424511639144164531851431382451535291109105173
0197513234491791511232391311646424511639144164531851431382451535291109105173
0165273404544562229869431866751661420731628519075881212516497
0165273404544562229869431866751661420731628519075881212516497
0162215220131114313012964121735315431197818226189183158121672152730255135
0162215220131114313012964121735315431197818226189183158121672152730255135
0174251623522412132441636156193199643314391140113617521632383522891177
0174251623522412132441636156193199643314391140113617521632383522891177
016172153323923311721332236451412341979725524824323115820018920327155244
016172153323923311721332236451412341979725524824323115820018920327155244
02555162931826317721088252116103172112174681781811831591951062001732151285667
02555162931826317721088252116103172112174681781811831591951062001732151285667
02434513417921281596377905722819048352231781071546621230722431053615071
02434513417921281596377905722819048352231781071546621230722431053615071
0341744557183234171232141168229125938115013199142137050247921521265183188
0341744557183234171232141168229125938115013199142137050247921521265183188
013962213818324423661197416712420868203102001795024773201441213623025467
013962213818324423661197416712420868203102001795024773201441213623025467
02263295187184129931764824618134152429721124328179572171522446620714230247
02263295187184129931764824618134152429721124328179572171522446620714230247
025210871552362171396122248195434021117619979659286210176194770163241139
025210871552362171396122248195434021117619979659286210176194770163241139
028159162521301292351143532172061711341592073874203241142251185189489420
028159162521301292351143532172061711341592073874203241142251185189489420
03956222114828171171751315334156124240187685701262397019722317714025541
020363141169591622613713314615297431001152129929143100621753222047191159
: 60 C0 4A 36 03 5F 3E DD   94 1C AB AB 4B 83 35 22  `.J6._>.K.5"
0010: 9C 7C F0 BB 44 39 00 7E   EF 46 C5 DF B1 8C FF 29  D9...F.)
: 83 F1 8F 38 CB 3F 8D A9   3B A2 1A 89 85 92 98 61  ...8.?..;..a
0010: 2B 64 73 D4 63 1D 8F 64   3E 11 35 16 CC 47 5B 9F  +ds.c..d>.5..G[.
: FC 59 08 24 49 7F 24 E5   17 98 15 9C 6D 4D CF 34  .Y.$I.$.mM.4
0010: 45 C6 58 A9 45 5A 78 38   0D 4F 52 1A 65 43 B0 2C  E.X.EZx8.OR.eC.,
0020: 17 C4 B5 23 DE 57 15 60   2C 65 24 B6 2B 9A 31 AE  ...#.W.`,e$.+.1.
: CD F2 EE 3C 1C D1 1F 13   A5 EB AA 8A DA EF A2 09  ...<
: 6F 30 03 F9 0E C4 79 F1   C8 2E E3 57 6F 90 26 C8  o0yWo.&.
: 34 24 0E D74$..
: 2B D4 B7 01+...
18221835149659103228381331551575241147331031321291661321159

No client Hello messages etc., in the Catalina.out log.
I tried to change the enc

Re: Need help on ssl handshake logging for audit purpose

2021-06-10 Thread Ragavendhiran Bhiman (rabhiman) 
Any help please?

From: Ragavendhiran Bhiman (rabhiman) 
Date: Wednesday, 9 June 2021 at 7:37 PM
To: Tomcat Users List 
Subject: Re: Need help on ssl handshake logging for audit purpose
Hi John

I am getting the output like this

10966181161114832473721710433823523866273491920411012289522541835156
0451112281652151321572412101201618710026238431618119549401121401171233324158

42501341314694224184221573623625026123232102239748963162282031315479568415410816714824988456515811161712381042357237101163207528011232191246200181691271811772110:
 A8 3C 2E B6 4E DD 31 26   AB F1 06 00 8C 2E E8 4F  .<..N.1&...O
0010: D4 92 83 35 E1 DA 1D E7   A1 C8 CB E5 5A 2E DB FA  ...5Z...
: 60 C0 4A 1A 6D 42 B5 A1   72 53 F7 25 D9 68 03 26  `.J.mB..rS.%.h.&
0010: EB EE 42 1B 03 31 13 CC   6E 7A 59 34 FE B7 05 9C  ..B..1..nzY4
: 22 70 51 FA 2D 6F E4 A5   D7 84 9D F1 D2 78 A1 57  "pQ.-o...x.W
0010: 64 1A EE 2B A1 51 C3 31   28 70 8C 75 7B 21 F1 3A  d..+.Q.1(p.u.!.:
: 83 04 6C 63 69 8A E8 0B   F5 43 9E 05 0C 0A E8 16  ..lciC..
0010: 96 93 E4 6A 87 13 F6 7D   0D 1D 20 08 27 31 82 27  ...j.. .'1.'
0020: 1B 8A F0 18 D2 DD 5E BB   0A DF A6 E2 14 81 E3 DC  ..^.
: 4A D4 E5 68 C2 63 F8 91   3D 76 B3 41 41 07 67 6D  J..h.c..=v.AA.gm
: 57 8A 27 73 2F B5 16 24   03 A3 21 37 D1 F4 29 32  W.'s/..$..!7..)2
: 4C B5 BB 4FL..O
: B4 B7 59 3B..Y;
22618924724621010316224313810322810210322025425412734108751091578720586134212421861742242322282151444201162195251381361052262242071952223010517584
086134212421861742242322282151444201162195251381361052262242071952223010517584
050168210587015618110341164162418918160185202512541454715622811317821717232
050168210587015618110341164162418918160185202512541454715622811317821717232
017018119731266076432682421698238201241421872101374251165943619924771
017018119731266076432682421698238201241421872101374251165943619924771
0197513234491791511232391311646424511639144164531851431382451535291109105173
0197513234491791511232391311646424511639144164531851431382451535291109105173
0165273404544562229869431866751661420731628519075881212516497
0165273404544562229869431866751661420731628519075881212516497
0162215220131114313012964121735315431197818226189183158121672152730255135
0162215220131114313012964121735315431197818226189183158121672152730255135
0174251623522412132441636156193199643314391140113617521632383522891177
0174251623522412132441636156193199643314391140113617521632383522891177
016172153323923311721332236451412341979725524824323115820018920327155244
016172153323923311721332236451412341979725524824323115820018920327155244
02555162931826317721088252116103172112174681781811831591951062001732151285667
02555162931826317721088252116103172112174681781811831591951062001732151285667
02434513417921281596377905722819048352231781071546621230722431053615071
02434513417921281596377905722819048352231781071546621230722431053615071
0341744557183234171232141168229125938115013199142137050247921521265183188
0341744557183234171232141168229125938115013199142137050247921521265183188
013962213818324423661197416712420868203102001795024773201441213623025467
013962213818324423661197416712420868203102001795024773201441213623025467
02263295187184129931764824618134152429721124328179572171522446620714230247
02263295187184129931764824618134152429721124328179572171522446620714230247
025210871552362171396122248195434021117619979659286210176194770163241139
025210871552362171396122248195434021117619979659286210176194770163241139
028159162521301292351143532172061711341592073874203241142251185189489420
028159162521301292351143532172061711341592073874203241142251185189489420
03956222114828171171751315334156124240187685701262397019722317714025541
020363141169591622613713314615297431001152129929143100621753222047191159
: 60 C0 4A 36 03 5F 3E DD   94 1C AB AB 4B 83 35 22  `.J6._>.K.5"
0010: 9C 7C F0 BB 44 39 00 7E   EF 46 C5 DF B1 8C FF 29  D9...F.)
: 83 F1 8F 38 CB 3F 8D A9   3B A2 1A 89 85 92 98 61  ...8.?..;..a
0010: 2B 64 73 D4 63 1D 8F 64   3E 11 35 16 CC 47 5B 9F  +ds.c..d>.5..G[.
: FC 59 08 24 49 7F 24 E5   17 98 15 9C 6D 4D CF 34  .Y.$I.$.mM.4
0010: 45 C6 58 A9 45 5A 78 38   0D 4F 52 1A 65 43 B0 2C  E.X.EZx8.OR.eC.,
0020: 17 C4 B5 23 DE 57 15 60   2C 65 24 B6 2B 9A 31 AE  ...#.W.`,e$.+.1.
: CD F2 EE 3C 1C D1 1F 13   A5 EB AA 8A DA EF A2 09  ...<
: 6F 30 03 F9 0E C4 79 F1   C8 2E E3 57 6F 90 26 C8  o0yWo.&.
: 34 24 0E D74$..
: 2B D4 B7 01+...
18221835149659103228381331551575241147331031321291661321159

No client Hello messages etc., in the Catalina.out log.
I tried to change the encoding but still the same issue.

Thanks & Regards,

Raghav

From: john.e.gr...@wellsfargo.com.INVAL

Re: Need help on ssl handshake logging for audit purpose

2021-06-09 Thread Ragavendhiran Bhiman (rabhiman) 
Hi John

I am getting the output like this

10966181161114832473721710433823523866273491920411012289522541835156
0451112281652151321572412101201618710026238431618119549401121401171233324158

42501341314694224184221573623625026123232102239748963162282031315479568415410816714824988456515811161712381042357237101163207528011232191246200181691271811772110:
 A8 3C 2E B6 4E DD 31 26   AB F1 06 00 8C 2E E8 4F  .<..N.1&...O
0010: D4 92 83 35 E1 DA 1D E7   A1 C8 CB E5 5A 2E DB FA  ...5Z...
: 60 C0 4A 1A 6D 42 B5 A1   72 53 F7 25 D9 68 03 26  `.J.mB..rS.%.h.&
0010: EB EE 42 1B 03 31 13 CC   6E 7A 59 34 FE B7 05 9C  ..B..1..nzY4
: 22 70 51 FA 2D 6F E4 A5   D7 84 9D F1 D2 78 A1 57  "pQ.-o...x.W
0010: 64 1A EE 2B A1 51 C3 31   28 70 8C 75 7B 21 F1 3A  d..+.Q.1(p.u.!.:
: 83 04 6C 63 69 8A E8 0B   F5 43 9E 05 0C 0A E8 16  ..lciC..
0010: 96 93 E4 6A 87 13 F6 7D   0D 1D 20 08 27 31 82 27  ...j.. .'1.'
0020: 1B 8A F0 18 D2 DD 5E BB   0A DF A6 E2 14 81 E3 DC  ..^.
: 4A D4 E5 68 C2 63 F8 91   3D 76 B3 41 41 07 67 6D  J..h.c..=v.AA.gm
: 57 8A 27 73 2F B5 16 24   03 A3 21 37 D1 F4 29 32  W.'s/..$..!7..)2
: 4C B5 BB 4FL..O
: B4 B7 59 3B..Y;
22618924724621010316224313810322810210322025425412734108751091578720586134212421861742242322282151444201162195251381361052262242071952223010517584
086134212421861742242322282151444201162195251381361052262242071952223010517584
050168210587015618110341164162418918160185202512541454715622811317821717232
050168210587015618110341164162418918160185202512541454715622811317821717232
017018119731266076432682421698238201241421872101374251165943619924771
017018119731266076432682421698238201241421872101374251165943619924771
0197513234491791511232391311646424511639144164531851431382451535291109105173
0197513234491791511232391311646424511639144164531851431382451535291109105173
0165273404544562229869431866751661420731628519075881212516497
0165273404544562229869431866751661420731628519075881212516497
0162215220131114313012964121735315431197818226189183158121672152730255135
0162215220131114313012964121735315431197818226189183158121672152730255135
0174251623522412132441636156193199643314391140113617521632383522891177
0174251623522412132441636156193199643314391140113617521632383522891177
016172153323923311721332236451412341979725524824323115820018920327155244
016172153323923311721332236451412341979725524824323115820018920327155244
02555162931826317721088252116103172112174681781811831591951062001732151285667
02555162931826317721088252116103172112174681781811831591951062001732151285667
02434513417921281596377905722819048352231781071546621230722431053615071
02434513417921281596377905722819048352231781071546621230722431053615071
0341744557183234171232141168229125938115013199142137050247921521265183188
0341744557183234171232141168229125938115013199142137050247921521265183188
013962213818324423661197416712420868203102001795024773201441213623025467
013962213818324423661197416712420868203102001795024773201441213623025467
02263295187184129931764824618134152429721124328179572171522446620714230247
02263295187184129931764824618134152429721124328179572171522446620714230247
025210871552362171396122248195434021117619979659286210176194770163241139
025210871552362171396122248195434021117619979659286210176194770163241139
028159162521301292351143532172061711341592073874203241142251185189489420
028159162521301292351143532172061711341592073874203241142251185189489420
03956222114828171171751315334156124240187685701262397019722317714025541
020363141169591622613713314615297431001152129929143100621753222047191159
: 60 C0 4A 36 03 5F 3E DD   94 1C AB AB 4B 83 35 22  `.J6._>.K.5"
0010: 9C 7C F0 BB 44 39 00 7E   EF 46 C5 DF B1 8C FF 29  D9...F.)
: 83 F1 8F 38 CB 3F 8D A9   3B A2 1A 89 85 92 98 61  ...8.?..;..a
0010: 2B 64 73 D4 63 1D 8F 64   3E 11 35 16 CC 47 5B 9F  +ds.c..d>.5..G[.
: FC 59 08 24 49 7F 24 E5   17 98 15 9C 6D 4D CF 34  .Y.$I.$.mM.4
0010: 45 C6 58 A9 45 5A 78 38   0D 4F 52 1A 65 43 B0 2C  E.X.EZx8.OR.eC.,
0020: 17 C4 B5 23 DE 57 15 60   2C 65 24 B6 2B 9A 31 AE  ...#.W.`,e$.+.1.
: CD F2 EE 3C 1C D1 1F 13   A5 EB AA 8A DA EF A2 09  ...<
: 6F 30 03 F9 0E C4 79 F1   C8 2E E3 57 6F 90 26 C8  o0yWo.&.
: 34 24 0E D74$..
: 2B D4 B7 01+...
18221835149659103228381331551575241147331031321291661321159

No client Hello messages etc., in the Catalina.out log.
I tried to change the encoding but still the same issue.

Thanks & Regards,

Raghav

From: john.e.gr...@wellsfargo.com.INVALID 
Date: Wednesday, 9 June 2021 at 7:20 PM
To: users@tomcat.apache.org 
Subject: RE: Need help on ssl handshake logging for audit purpose
Raghav,

> -Original Message-
> Fro

RE: Need help on ssl handshake logging for audit purpose

2021-06-09 Thread John.E.Gregg 
Raghav,

> -Original Message-
> From: Ragavendhiran Bhiman (rabhiman) 
> Sent: Wednesday, June 09, 2021 6:47 AM
> To: Tomcat Users List 
> Subject: Re: Need help on ssl handshake logging for audit purpose
> 
> Kindly help me on the below.
> 
> Thanks a lot for the help.
> 
> From: Ragavendhiran Bhiman (rabhiman) 
> Date: Tuesday, 8 June 2021 at 7:18 PM
> To: users@tomcat.apache.org 
> Subject: Need help on ssl handshake logging for audit purpose Hi All,
> 
> In our product we are using jdk8 and tomcat apache latest version. I have
> enabled -Djavax.net.debug=ssl:handshake from jdk side. But I could see the
> handshake logging are coming as hex in the Catalina.out log messages. I want
> to know how to print the message in the proper English format. Is any other
> mistake I am doing?
> Kindly help me in this regard.
> 
> Thanks & Regards,
> Raghav

Can you provide an example?  When I use that same debug flag, the only hex I 
see is for binary content, such as the content of a cert.

John

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help on ssl handshake logging for audit purpose

2021-06-09 Thread Ragavendhiran Bhiman (rabhiman) 
Kindly help me on the below.

Thanks a lot for the help.

From: Ragavendhiran Bhiman (rabhiman) 
Date: Tuesday, 8 June 2021 at 7:18 PM
To: users@tomcat.apache.org 
Subject: Need help on ssl handshake logging for audit purpose
Hi All,

In our product we are using jdk8 and tomcat apache latest version. I have 
enabled -Djavax.net.debug=ssl:handshake from jdk side. But I could see the 
handshake logging are coming as hex in the Catalina.out log messages. I want to 
know how to print the message in the proper English format. Is any other 
mistake I am doing?
Kindly help me in this regard.

Thanks & Regards,
Raghav

RE: Need help on ssl handshake logging for audit purpose

2021-06-08 Thread Mysore, Raghunath 
You may want to try the following "verbose" option
-Djavax.net.debug=ssl:handshake:verbose

-Original Message-
From: Ragavendhiran Bhiman (rabhiman)  
Sent: Tuesday, June 8, 2021 7:48 AM
To: users@tomcat.apache.org
Subject: Need help on ssl handshake logging for audit purpose

Hi All,

In our product we are using jdk8 and tomcat apache latest version. I have 
enabled -Djavax.net.debug=ssl:handshake from jdk side. But I could see the 
handshake logging are coming as hex in the Catalina.out log messages. I want to 
know how to print the message in the proper English format. Is any other 
mistake I am doing?
Kindly help me in this regard.

Thanks & Regards,
Raghav


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help on ssl handshake logging for audit purpose

2021-06-08 Thread Ragavendhiran Bhiman (rabhiman) 
Hi All,

In our product we are using jdk8 and tomcat apache latest version. I have 
enabled -Djavax.net.debug=ssl:handshake from jdk side. But I could see the 
handshake logging are coming as hex in the Catalina.out log messages. I want to 
know how to print the message in the proper English format. Is any other 
mistake I am doing?
Kindly help me in this regard.

Thanks & Regards,
Raghav

Need help with tomcat access log

2021-04-13 Thread shreya hegde 
Hi
I have a spring boot application with embedded tomcat which provides
logging in access logs.I am using ExtendedAccessLogValve and the pattern is
c-ip date time x-P(XX)
But i want to log in below format:

client_ip:c-ip date time 'GMT' x-P(XX)

Basically want to notify the developers on the type of value and time zone
of date time getting logged.
Please help me in defining a pattern in ExtendedAccessLog.

Thanks,
Shreya

Re: Need help with image file location

2019-07-14 Thread Усманов Азат Анварович 

Hi!

I believe that you are writing to the wrong mailing list.

"Apache" is an organisation, which groups together many different open-source 
software "products" or "projects". See : 
http://apache.org/index.html#projects-list

One of these is "Apache httpd", a webserver, and that seems to be the one you 
are mentioning below. See : http://httpd.apache.org/
Mailing lists for Apache httpd can be found here :
http://httpd.apache.org/lists.html

Another (totally different) one is "Apache Tomcat", a java servlet container. 
See : http://tomcat.apache.org/
This user's list (users@tomcat.apache.org) is for Apache Tomcat.

(note : you are always welcome on this Apache Tomcat mailing list, if your 
question/problem relates to Apache Tomcat in any way)


От: Barry Kimelman 
Отправлено: 14 июля 2019 г. 0:42:32
Кому: Tomcat Users List
Тема: Need help with image file location

I am running Apache2.4 on windows 10

I have apache installed under c:\Apache24

Everything has been working fine for quite some time. Today I tried to
display an image and no matter what I tried the image is not displayed. I
read in some documentation that all static content (HTML files, image
files, etc..) should go in the same place so I put my image file under
c:\Apache24\htdocs but the image file was not displayed. When I checked the
log files the errors.log file complained "script not found or unable to
stat" but the path was listed under "cgi-bin". So I tried to modify my
image tag to use a relative path but that also did not work.

Where should I put my image files ? How should I code my  tag ? Do I
need to make any changes to my httpd.conf file ?

Thanks.


==

Barry Kimelman
Winnipeg, Manitoba, Canada

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.
www.avast.com<http://www.avast.com>
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

Need help with image file location

2019-07-13 Thread Barry Kimelman 
I am running Apache2.4 on windows 10

I have apache installed under c:\Apache24

Everything has been working fine for quite some time. Today I tried to
display an image and no matter what I tried the image is not displayed. I
read in some documentation that all static content (HTML files, image
files, etc..) should go in the same place so I put my image file under
c:\Apache24\htdocs but the image file was not displayed. When I checked the
log files the errors.log file complained "script not found or unable to
stat" but the path was listed under "cgi-bin". So I tried to modify my
image tag to use a relative path but that also did not work.

Where should I put my image files ? How should I code my  tag ? Do I
need to make any changes to my httpd.conf file ?

Thanks.


==

Barry Kimelman
Winnipeg, Manitoba, Canada


Virus-free.
www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

[OT] Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread tomcat 

On 27.01.2019 20:57, Hassan Schroeder wrote:

On Sun, Jan 27, 2019 at 10:53 AM Barry Kimelman
 wrote:


I am running Apache 2.4 on a 64 bit windows 10 system.


This mailing list is for Apache Tomcat, not Apache httpd -- you will
likely get better responses on an appropriate list.



It's OK, Hassan. We'll just send the invoice to the httpd people.
:-)


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Barry Kimelman 
Hello,

Thanks for all your help. After much Google searching I have found
something which seems to be working (at least for the very basic hello.php
script). I will now try more complicated PHP scripts.

Thanks again.

On Sun, Jan 27, 2019 at 1:53 PM Ulises Gonzalez Horta 
wrote:

> On 2019-01-27 14:15, Barry Kimelman wrote:
> > Hello,
> >
> > Thanks for the reply. I have looked at the URL you specified and the
> > information shown there is not specific enough. It shows config info,
> > but
> > it does not say where to put it and it doe snot adequately explain it.
> >
> > On Sun, Jan 27, 2019 at 1:06 PM Ulises Gonzalez Horta
> > 
> > wrote:
> >
>
> Related to where to put it you can put the config in the httpd.conf file
> or in a separated file and in your httpd.conf file you use include $
> file  to include that file. I haven't work with apache in windows so I
> don't know if you have httpd.conf file or apache2.conf file with your
> main config.
> --
> Salu2, Ulinx
> "En un problema con n ecuaciones
> siempre habrá al menos n+1 incógnitas"
> Linux user 366775
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-- 

==

Barry Kimelman
Atlanta, GA, USA

Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Hassan Schroeder 
On Sun, Jan 27, 2019 at 10:53 AM Barry Kimelman
 wrote:

> I am running Apache 2.4 on a 64 bit windows 10 system.

This mailing list is for Apache Tomcat, not Apache httpd -- you will
likely get better responses on an appropriate list.

-- 
Hassan Schroeder  hassan.schroe...@gmail.com
twitter: @hassan
Consulting Availability : Silicon Valley or remote

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Ulises Gonzalez Horta 

On 2019-01-27 14:15, Barry Kimelman wrote:

Hello,

Thanks for the reply. I have looked at the URL you specified and the
information shown there is not specific enough. It shows config info, 
but

it does not say where to put it and it doe snot adequately explain it.

On Sun, Jan 27, 2019 at 1:06 PM Ulises Gonzalez Horta 


wrote:



Related to where to put it you can put the config in the httpd.conf file 
or in a separated file and in your httpd.conf file you use include $ 
file  to include that file. I haven't work with apache in windows so I 
don't know if you have httpd.conf file or apache2.conf file with your 
main config.

--
Salu2, Ulinx
"En un problema con n ecuaciones
siempre habrá al menos n+1 incógnitas"
Linux user 366775

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Barry Kimelman 
Hello,

Thanks for the reply. I have looked at the URL you specified and the
information shown there is not specific enough. It shows config info, but
it does not say where to put it and it doe snot adequately explain it.

On Sun, Jan 27, 2019 at 1:06 PM Ulises Gonzalez Horta 
wrote:

> On 2019-01-27 13:52, Barry Kimelman wrote:
> > Hello,
> >
> > I am running Apache 2.4 on a 64 bit windows 10 system.
> >
> > For a while I have been running Perl CGI scripts with no problems. Now
> > I
> > want to run PHP CGI scripts.
> >
> > The last few linbes of my conf/httpd.conf file looks like the following
> >
> > 
> > Include conf/extra/proxy-html.conf
> > 
> >
> > # Secure (SSL/TLS) connections
> > ##
> > # Note: The following must must be present to support
> > #   starting without SSL on platforms with no /dev/random
> > equivalent
> > #   but a statically compiled-in mod_ssl.
> > #
> > 
> > SSLRandomSeed startup builtin
> > SSLRandomSeed connect builtin
> > Include conf/extra/httpd-ssl.conf
> > 
> >
> > # PHP FastCGI
> > #
> > # Edit conf/extra/httpd-fcgid.conf to match your php configuration
> > # and uncomment the Include line below.
> > #
> > #Include conf/extra/httpd-fcgid.conf
> >
> > However the file named in the comment on the last line does not exist
> > and I
> > have not been able to find a "sample" of the named file. What do I need
> > to
> > do for the named file in order to be able to run CGI scripts written in
> > PHP
> > ?
> >
> > Thanks.
> >
> > ==
> >
> > Barry Kimelman
> > Atlanta, GA, USA
>
> Hi did you check https://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
> ?? Is the php example there good for you??
>
> --
> Salu2, Ulinx
> "En un problema con n ecuaciones
> siempre habrá al menos n+1 incógnitas"
> Linux user 366775
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-- 

==

Barry Kimelman
Atlanta, GA, USA

Re: Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Ulises Gonzalez Horta 

On 2019-01-27 13:52, Barry Kimelman wrote:

Hello,

I am running Apache 2.4 on a 64 bit windows 10 system.

For a while I have been running Perl CGI scripts with no problems. Now 
I

want to run PHP CGI scripts.

The last few linbes of my conf/httpd.conf file looks like the following


Include conf/extra/proxy-html.conf


# Secure (SSL/TLS) connections
##
# Note: The following must must be present to support
#   starting without SSL on platforms with no /dev/random 
equivalent

#   but a statically compiled-in mod_ssl.
#

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
Include conf/extra/httpd-ssl.conf


# PHP FastCGI
#
# Edit conf/extra/httpd-fcgid.conf to match your php configuration
# and uncomment the Include line below.
#
#Include conf/extra/httpd-fcgid.conf

However the file named in the comment on the last line does not exist 
and I
have not been able to find a "sample" of the named file. What do I need 
to
do for the named file in order to be able to run CGI scripts written in 
PHP

?

Thanks.

==

Barry Kimelman
Atlanta, GA, USA


Hi did you check https://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html 
?? Is the php example there good for you??


--
Salu2, Ulinx
"En un problema con n ecuaciones
siempre habrá al menos n+1 incógnitas"
Linux user 366775

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help configuring Apache 2.4 on Windows 10 with PHP

2019-01-27 Thread Barry Kimelman 
Hello,

I am running Apache 2.4 on a 64 bit windows 10 system.

For a while I have been running Perl CGI scripts with no problems. Now I
want to run PHP CGI scripts.

The last few linbes of my conf/httpd.conf file looks like the following


Include conf/extra/proxy-html.conf


# Secure (SSL/TLS) connections
##
# Note: The following must must be present to support
#   starting without SSL on platforms with no /dev/random equivalent
#   but a statically compiled-in mod_ssl.
#

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
Include conf/extra/httpd-ssl.conf


# PHP FastCGI
#
# Edit conf/extra/httpd-fcgid.conf to match your php configuration
# and uncomment the Include line below.
#
#Include conf/extra/httpd-fcgid.conf

However the file named in the comment on the last line does not exist and I
have not been able to find a "sample" of the named file. What do I need to
do for the named file in order to be able to run CGI scripts written in PHP
?

Thanks.

==

Barry Kimelman
Atlanta, GA, USA

RE: Need help on Tomcat 9.0.x release

2017-09-21 Thread Inderjeet Banwait 
Hi Violeta, Mark,

Thank you for clarifying.

Regards,
Inderjeet

-Original Message-
From: Violeta Georgieva [mailto:violet...@apache.org] 
Sent: Thursday, September 21, 2017 7:26 PM
To: Tomcat Users List
Subject: Re: Need help on Tomcat 9.0.x release

2017-09-21 16:17 GMT+03:00 Rémy Maucherat :
>
> On Thu, Sep 21, 2017 at 3:12 PM, Mark Thomas  wrote:
>
> > On 21/09/17 10:35, Inderjeet Banwait wrote:
> > > Hi Mark,
> > >
> > > Java EE 8 is already released .Can we expect a stable release by 
> > > the
end
> > of September 2017?
> >
> > Servlet 4.0 was released on 5 September 2017.
> > Java EE 8 platform was released on 18 September 2017.
> >
> > It would have been helpful if Oracle had mentioned either of those 
> > releases to the Servlet EG members.
> >
> > I've taken a very quick look and the relevant specifications for 
> > Tomcat
> > are:
> > - Java 8(complete)
> > - Servlet 4.0   (should be complete but need to check for last minute
> >  changes)
> > - JSP 2.3   (no change from Java EE 7 / Tomcat 8.x)
> > - EL 3.0(no change from Java EE 7 / Tomcat 8.x)
> > - WebSocket 1.1 (no change from Tomcat 8.x)
> > - JASPIC 1.1(no change from Java EE 7 / Tomcat 8.x)
> >
> >
> > The Tomcat team is a little busy elsewhere at the moment. A stable 
> > Tomcat 9 release in September is highly unlikely.
> >
> > Releases are typically on a monthly basis with the process starting 
> > at the beginning of the month. The September releases are complete 
> > for 9.0.x and 8.5.x and would have been announced if it wasn't for 
> > CVE-2017-12617.
> >
>
> Since we'll revote, we could include the option to vote the new 9.0 
> build as beta. Since it's very close to 8.5, I don't see any problem with 
> that.


+1

Regards, Violeta

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help on Tomcat 9.0.x release

2017-09-21 Thread Violeta Georgieva 
2017-09-21 16:17 GMT+03:00 Rémy Maucherat :
>
> On Thu, Sep 21, 2017 at 3:12 PM, Mark Thomas  wrote:
>
> > On 21/09/17 10:35, Inderjeet Banwait wrote:
> > > Hi Mark,
> > >
> > > Java EE 8 is already released .Can we expect a stable release by the
end
> > of September 2017?
> >
> > Servlet 4.0 was released on 5 September 2017.
> > Java EE 8 platform was released on 18 September 2017.
> >
> > It would have been helpful if Oracle had mentioned either of those
> > releases to the Servlet EG members.
> >
> > I've taken a very quick look and the relevant specifications for Tomcat
> > are:
> > - Java 8(complete)
> > - Servlet 4.0   (should be complete but need to check for last minute
> >  changes)
> > - JSP 2.3   (no change from Java EE 7 / Tomcat 8.x)
> > - EL 3.0(no change from Java EE 7 / Tomcat 8.x)
> > - WebSocket 1.1 (no change from Tomcat 8.x)
> > - JASPIC 1.1(no change from Java EE 7 / Tomcat 8.x)
> >
> >
> > The Tomcat team is a little busy elsewhere at the moment. A stable
> > Tomcat 9 release in September is highly unlikely.
> >
> > Releases are typically on a monthly basis with the process starting at
> > the beginning of the month. The September releases are complete for
> > 9.0.x and 8.5.x and would have been announced if it wasn't for
> > CVE-2017-12617.
> >
>
> Since we'll revote, we could include the option to vote the new 9.0 build
> as beta. Since it's very close to 8.5, I don't see any problem with that.


+1

Regards, Violeta

Re: Need help on Tomcat 9.0.x release

2017-09-21 Thread Rémy Maucherat 
On Thu, Sep 21, 2017 at 3:12 PM, Mark Thomas  wrote:

> On 21/09/17 10:35, Inderjeet Banwait wrote:
> > Hi Mark,
> >
> > Java EE 8 is already released .Can we expect a stable release by the end
> of September 2017?
>
> Servlet 4.0 was released on 5 September 2017.
> Java EE 8 platform was released on 18 September 2017.
>
> It would have been helpful if Oracle had mentioned either of those
> releases to the Servlet EG members.
>
> I've taken a very quick look and the relevant specifications for Tomcat
> are:
> - Java 8(complete)
> - Servlet 4.0   (should be complete but need to check for last minute
>  changes)
> - JSP 2.3   (no change from Java EE 7 / Tomcat 8.x)
> - EL 3.0(no change from Java EE 7 / Tomcat 8.x)
> - WebSocket 1.1 (no change from Tomcat 8.x)
> - JASPIC 1.1(no change from Java EE 7 / Tomcat 8.x)
>
>
> The Tomcat team is a little busy elsewhere at the moment. A stable
> Tomcat 9 release in September is highly unlikely.
>
> Releases are typically on a monthly basis with the process starting at
> the beginning of the month. The September releases are complete for
> 9.0.x and 8.5.x and would have been announced if it wasn't for
> CVE-2017-12617.
>

Since we'll revote, we could include the option to vote the new 9.0 build
as beta. Since it's very close to 8.5, I don't see any problem with that.

Rémy


>
> Assuming that there have been no / trivial changes to the Servlet API
> since the EG last saw it, I'd expect the October release to be either
> beta or stable depending on how the community votes. If it is beta, the
> community will consider whether to change that to stable for each
> subsequent release until we have a first stable release. My personal
> view is that we could get to a stable release pretty quickly. But I am
> only one voice and this is a decision that the community makes.
>
> Mark
>
>
>
> >
> > Thanks,
> > Inderjeet
> >
> > -Original Message-
> > From: Mark Thomas [mailto:ma...@apache.org]
> > Sent: Thursday, September 21, 2017 1:58 PM
> > To: Tomcat Users List
> > Subject: Re: Need help on Tomcat 9.0.x release
> >
> > On 21/09/17 08:57, Inderjeet Banwait wrote:
> >> Hi,
> >>
> >>
> >>
> >> We are Oracle Knowledge team from Oracle and want to upgrade our
> product to support Tomcat 9.0.x but as per the version pages from Tomcat
> wiki it is not stable.
> >>
> >> We want to know when we can have a stable Tomcat 9.0.x release?
> >
> > Shortly after Oracle release Java EE 8.
> >
> > Mark
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help on Tomcat 9.0.x release

2017-09-21 Thread Mark Thomas 
On 21/09/17 10:35, Inderjeet Banwait wrote:
> Hi Mark,
> 
> Java EE 8 is already released .Can we expect a stable release by the end of 
> September 2017?

Servlet 4.0 was released on 5 September 2017.
Java EE 8 platform was released on 18 September 2017.

It would have been helpful if Oracle had mentioned either of those
releases to the Servlet EG members.

I've taken a very quick look and the relevant specifications for Tomcat are:
- Java 8(complete)
- Servlet 4.0   (should be complete but need to check for last minute
 changes)
- JSP 2.3   (no change from Java EE 7 / Tomcat 8.x)
- EL 3.0(no change from Java EE 7 / Tomcat 8.x)
- WebSocket 1.1 (no change from Tomcat 8.x)
- JASPIC 1.1(no change from Java EE 7 / Tomcat 8.x)


The Tomcat team is a little busy elsewhere at the moment. A stable
Tomcat 9 release in September is highly unlikely.

Releases are typically on a monthly basis with the process starting at
the beginning of the month. The September releases are complete for
9.0.x and 8.5.x and would have been announced if it wasn't for
CVE-2017-12617.

Assuming that there have been no / trivial changes to the Servlet API
since the EG last saw it, I'd expect the October release to be either
beta or stable depending on how the community votes. If it is beta, the
community will consider whether to change that to stable for each
subsequent release until we have a first stable release. My personal
view is that we could get to a stable release pretty quickly. But I am
only one voice and this is a decision that the community makes.

Mark



> 
> Thanks,
> Inderjeet 
> 
> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org] 
> Sent: Thursday, September 21, 2017 1:58 PM
> To: Tomcat Users List
> Subject: Re: Need help on Tomcat 9.0.x release
> 
> On 21/09/17 08:57, Inderjeet Banwait wrote:
>> Hi,
>>
>>  
>>
>> We are Oracle Knowledge team from Oracle and want to upgrade our product to 
>> support Tomcat 9.0.x but as per the version pages from Tomcat wiki it is not 
>> stable.
>>
>> We want to know when we can have a stable Tomcat 9.0.x release?
> 
> Shortly after Oracle release Java EE 8.
> 
> Mark
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Need help on Tomcat 9.0.x release

2017-09-21 Thread Inderjeet Banwait 
Hi Mark,

Java EE 8 is already released .Can we expect a stable release by the end of 
September 2017?

Thanks,
Inderjeet 

-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Thursday, September 21, 2017 1:58 PM
To: Tomcat Users List
Subject: Re: Need help on Tomcat 9.0.x release

On 21/09/17 08:57, Inderjeet Banwait wrote:
> Hi,
> 
>  
> 
> We are Oracle Knowledge team from Oracle and want to upgrade our product to 
> support Tomcat 9.0.x but as per the version pages from Tomcat wiki it is not 
> stable.
> 
> We want to know when we can have a stable Tomcat 9.0.x release?

Shortly after Oracle release Java EE 8.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help on Tomcat 9.0.x release

2017-09-21 Thread Mark Thomas 
On 21/09/17 08:57, Inderjeet Banwait wrote:
> Hi,
> 
>  
> 
> We are Oracle Knowledge team from Oracle and want to upgrade our product to 
> support Tomcat 9.0.x but as per the version pages from Tomcat wiki it is not 
> stable.
> 
> We want to know when we can have a stable Tomcat 9.0.x release?

Shortly after Oracle release Java EE 8.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help on Tomcat 9.0.x release

2017-09-21 Thread Inderjeet Banwait 
Hi,

 

We are Oracle Knowledge team from Oracle and want to upgrade our product to 
support Tomcat 9.0.x but as per the version pages from Tomcat wiki it is not 
stable.

We want to know when we can have a stable Tomcat 9.0.x release?

 

Thanks,

Inderjeet

Re: Need help with url rewrite

2017-07-24 Thread tomcat 

On 24.07.2017 17:42, Sri Linux wrote:

Hi

I need help with url rewrite. Please let me know the process to contact
some one..


You could start here : http://tuckey.org/urlrewrite/#support



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Need help with url rewrite

2017-07-24 Thread Sri Linux 
Hi

I need help with url rewrite. Please let me know the process to contact
some one..


Thanks
Sri

Re: need help with websocket

2017-03-29 Thread Robert Lewis 
WSS will work if you enable and configure the HTTPS connector in server.xml.

This part of the configuration is not really wss specific and tomcat site 
contains a bunch of good docs on how to do this.

> On Mar 29, 2017, at 4:40 PM, Sharat Jagannath  wrote:
> 
> The code on the tomcat page does not have examples for wss. But I will look
> into his ngnix is configured
> 
> Thanks
> 
> On Mar 29, 2017 1:15 PM, "Mark Eggers" 
> wrote:
> 
>> Sharat,
>> 
>>> On 3/29/2017 9:23 AM, Sharat Jagannath wrote:
>>> I get a 404 error when I call my server endpoint with wss.
>>> I'm using tomcat 9 which sits behind ngnix. Does that make a difference?
>>> here's how my server.xml looks like-
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>>  > />
>>>  
>>>  
>>>  >> SSLEngine="on" />
>>>  
>>>  >> className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
>>>  >> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
>> />
>>>  >> className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"
>> />
>>> 
>>> 
>>>  
>>>  
>>>
>>>>>  type="org.apache.catalina.UserDatabase"
>>>  description="User database that can be updated and saved"
>>>  factory="org.apache.catalina.users.
>> MemoryUserDatabaseFactory"
>>>  pathname="conf/tomcat-users.xml" />
>>>  
>>> 
>>>  
>>>  
>>> 
>>>
>>>
>>> 
>>> 
>>>
>>> 
>>> 
>>>>>   connectionTimeout="2"
>>>   redirectPort="8443" URIEncoding="UTF-8"
>>> useBodyEncodingForURI="true" compression="on" compressionMinSize="2048"
>>> noCompressionUserAgents="gozilla, traviata"
>>> compressableMimeType="text/html,text/xml,text/plain,text/
>> css,text/javascript"
>>> />
>>> 
>>> 
>>>
>>>
>>>
>>>
>>>
>>>
>>> 
>>>
>>>
>>> 
>>> 
>>>
>>> 
>>>
>>>
>>> 
>>> 
>>>  
>>>  
>>> 
>>>  
>>>  
>>>
>>>>>   resourceName="UserDatabase"/>
>>>  
>>> 
>>>  >>unpackWARs="true" autoDeploy="true">
>>> 
>>>
>>>
>>> 
>>>
>>>>> directory="logs"
>>>   prefix="localHost_access_log" suffix=".txt"
>>>   pattern="%h %l %u %t "%r" %s %b" />
>>> 
>>>  
>>>
>>>  
>>> 
>>> 
>>> 
>>> 
 On Mar 29, 2017 6:24 AM, "calder"  wrote:
 
 On Tuesday, March 28, 2017, Sharat Jagannath 
>> wrote:
 
> how do i setup websocket on server side for using wss with tomcat
>> config?
> is there any config i need to do with tomcat? any certification to
>> setup?
 
 
> 
 
 Read up using the How-to:
 
 https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html
 
 
 http://tomcat-configure.blogspot.com/2014/05/tomcat-websock
 et-example.html
 
>>> 
>> 
>> Two things to try:
>> 
>> 1. Have you tried to connect without using NGINX as a front end proxy?
>> 
>> 2. Have you configured your NGINX server appropriately?
>> 
>> See the following for configuring NGINX to act as a websocket proxy:
>> 
>> http://nginx.org/en/docs/http/websocket.html
>> https://www.nginx.com/blog/websocket-nginx/
>> 
>> Also, see the following:
>> 
>> http://tomcat.apache.org/tomcat-9.0-doc/web-socket-howto.html
>> 
>> and follow the links to look at both the server and client side code.
>> 
>> Please note that I've not done any of this, since I have Tomcat sitting
>> behind Apache HTTPD 2.2. I have not ported the proxy_wstunnel module
>> from Apache HTTPD 2.4 to 2.2.
>> 
>> . . . just my two cents
>> /mde/
>> 
>> Please note that I've not done any of this.
>> 
>> 
>> 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: need help with websocket

2017-03-29 Thread Sharat Jagannath 
The code on the tomcat page does not have examples for wss. But I will look
into his ngnix is configured

Thanks

On Mar 29, 2017 1:15 PM, "Mark Eggers" 
wrote:

> Sharat,
>
> On 3/29/2017 9:23 AM, Sharat Jagannath wrote:
> > I get a 404 error when I call my server endpoint with wss.
> > I'm using tomcat 9 which sits behind ngnix. Does that make a difference?
> > here's how my server.xml looks like-
> >
> >
> > 
> > 
> > 
> > 
> >/>
> >   
> >   
> >> SSLEngine="on" />
> >   
> >> className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
> >> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> />
> >> className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"
> />
> >
> >
> >   
> >   
> > 
> >  >   type="org.apache.catalina.UserDatabase"
> >   description="User database that can be updated and saved"
> >   factory="org.apache.catalina.users.
> MemoryUserDatabaseFactory"
> >   pathname="conf/tomcat-users.xml" />
> >   
> >
> >   
> >   
> >
> > 
> > 
> >
> >
> > 
> >
> >
> >  >connectionTimeout="2"
> >redirectPort="8443" URIEncoding="UTF-8"
> > useBodyEncodingForURI="true" compression="on" compressionMinSize="2048"
> > noCompressionUserAgents="gozilla, traviata"
> > compressableMimeType="text/html,text/xml,text/plain,text/
> css,text/javascript"
> > />
> >
> >
> > 
> > 
> > 
> > 
> > 
> > 
> >
> > 
> > 
> >
> >
> > 
> >
> > 
> > 
> >
> >
> >   
> >   
> >
> >   
> >   
> > 
> >  >resourceName="UserDatabase"/>
> >   
> >
> >> unpackWARs="true" autoDeploy="true">
> >
> > 
> > 
> >
> > 
> >  > directory="logs"
> >prefix="localHost_access_log" suffix=".txt"
> >pattern="%h %l %u %t "%r" %s %b" />
> >
> >   
> > 
> >   
> > 
> >
> >
> >
> > On Mar 29, 2017 6:24 AM, "calder"  wrote:
> >
> >> On Tuesday, March 28, 2017, Sharat Jagannath 
> wrote:
> >>
> >>> how do i setup websocket on server side for using wss with tomcat
> config?
> >>> is there any config i need to do with tomcat? any certification to
> setup?
> >>
> >>
> >>>
> >>
> >> Read up using the How-to:
> >>
> >> https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html
> >>
> >>
> >>  http://tomcat-configure.blogspot.com/2014/05/tomcat-websock
> >> et-example.html
> >>
> >
>
> Two things to try:
>
> 1. Have you tried to connect without using NGINX as a front end proxy?
>
> 2. Have you configured your NGINX server appropriately?
>
> See the following for configuring NGINX to act as a websocket proxy:
>
> http://nginx.org/en/docs/http/websocket.html
> https://www.nginx.com/blog/websocket-nginx/
>
> Also, see the following:
>
> http://tomcat.apache.org/tomcat-9.0-doc/web-socket-howto.html
>
> and follow the links to look at both the server and client side code.
>
> Please note that I've not done any of this, since I have Tomcat sitting
> behind Apache HTTPD 2.2. I have not ported the proxy_wstunnel module
> from Apache HTTPD 2.4 to 2.2.
>
> . . . just my two cents
> /mde/
>
> Please note that I've not done any of this.
>
>
>

Re: need help with websocket

2017-03-29 Thread Mark Eggers 
Sharat,

On 3/29/2017 9:23 AM, Sharat Jagannath wrote:
> I get a 404 error when I call my server endpoint with wss.
> I'm using tomcat 9 which sits behind ngnix. Does that make a difference?
> here's how my server.xml looks like-
> 
> 
> 
> 
> 
> 
>   
>   
>   
>SSLEngine="on" />
>   
>className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
>className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
>className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
> 
> 
>   
>   
> 
>type="org.apache.catalina.UserDatabase"
>   description="User database that can be updated and saved"
>   factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>   pathname="conf/tomcat-users.xml" />
>   
> 
>   
>   
> 
> 
> 
> 
> 
> 
> 
> 
> connectionTimeout="2"
>redirectPort="8443" URIEncoding="UTF-8"
> useBodyEncodingForURI="true" compression="on" compressionMinSize="2048"
> noCompressionUserAgents="gozilla, traviata"
> compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript"
> />
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>   
>   
> 
>   
>   
> 
> resourceName="UserDatabase"/>
>   
> 
>unpackWARs="true" autoDeploy="true">
> 
> 
> 
> 
> 
>  directory="logs"
>prefix="localHost_access_log" suffix=".txt"
>pattern="%h %l %u %t "%r" %s %b" />
> 
>   
> 
>   
> 
> 
> 
> 
> On Mar 29, 2017 6:24 AM, "calder"  wrote:
> 
>> On Tuesday, March 28, 2017, Sharat Jagannath  wrote:
>>
>>> how do i setup websocket on server side for using wss with tomcat config?
>>> is there any config i need to do with tomcat? any certification to setup?
>>
>>
>>>
>>
>> Read up using the How-to:
>>
>> https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html
>>
>>
>>  http://tomcat-configure.blogspot.com/2014/05/tomcat-websock
>> et-example.html
>>
> 

Two things to try:

1. Have you tried to connect without using NGINX as a front end proxy?

2. Have you configured your NGINX server appropriately?

See the following for configuring NGINX to act as a websocket proxy:

http://nginx.org/en/docs/http/websocket.html
https://www.nginx.com/blog/websocket-nginx/

Also, see the following:

http://tomcat.apache.org/tomcat-9.0-doc/web-socket-howto.html

and follow the links to look at both the server and client side code.

Please note that I've not done any of this, since I have Tomcat sitting
behind Apache HTTPD 2.2. I have not ported the proxy_wstunnel module
from Apache HTTPD 2.4 to 2.2.

. . . just my two cents
/mde/

Please note that I've not done any of this.




signature.asc
Description: OpenPGP digital signature

Re: need help with websocket

2017-03-29 Thread Sharat Jagannath 
I get a 404 error when I call my server endpoint with wss.
I'm using tomcat 9 which sits behind ngnix. Does that make a difference?
here's how my server.xml looks like-






  
  
  
  
  
  
  
  


  
  


  

  
  




























  
  

  
  


  

  







  

  




On Mar 29, 2017 6:24 AM, "calder"  wrote:

> On Tuesday, March 28, 2017, Sharat Jagannath  wrote:
>
> > how do i setup websocket on server side for using wss with tomcat config?
> > is there any config i need to do with tomcat? any certification to setup?
>
>
> >
>
> Read up using the How-to:
>
> https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html
>
>
>  http://tomcat-configure.blogspot.com/2014/05/tomcat-websock
> et-example.html
>

Re: need help with websocket

2017-03-29 Thread calder 
On Tuesday, March 28, 2017, Sharat Jagannath  wrote:

> how do i setup websocket on server side for using wss with tomcat config?
> is there any config i need to do with tomcat? any certification to setup?


>

Read up using the How-to:

https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html


 http://tomcat-configure.blogspot.com/2014/05/tomcat-websocket-example.html

need help with websocket

2017-03-28 Thread Sharat Jagannath 
how do i setup websocket on server side for using wss with tomcat config?
is there any config i need to do with tomcat? any certification to setup?

Thanks


-- 
Sharat Jagannath

RE: Need Help on Tomcat 8.0.14.0 SSL Public Facing URL !!

2016-11-17 Thread ramagopala.chaturvedula 
Hi Violeta,

Currently the existing configuration is as follows :

1)
Server version: Apache Tomcat/8.0.14
Server built:   Sep 24 2014 09:01:51
Server number:  8.0.14.0
OS Name:Linux
OS Version: 3.10.0-229.el7.x86_64
JVM Version:1.8.0_51-b16

2)Tomcat is enabled with SSL and able to access with HTTP and HTTPS with the IP 
Address in the internal network
3)Public IP address is assigned where this tomcat installed
4)Firewall rules are relaxed for both HTTP and HTTPS ports
5)Tomcat server.xml is modified (Host Element) with the public facing host name 
instead of localhost

But still Tomcat is not getting accessed in the internet either with Http or 
Https. Could you please throw some light where I am missing here ?

I appreciate your quick help on this.

Thanks & Regs,
Ram.
The information contained in this electronic message and any attachments to 
this message are intended for the exclusive use of the addressee(s) and may 
contain proprietary, confidential or privileged information. If you are not the 
intended recipient, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately and destroy all copies of this message and 
any attachments. WARNING: Computer viruses can be transmitted via email. The 
recipient should check this email and any attachments for the presence of 
viruses. The company accepts no liability for any damage caused by any virus 
transmitted by this email. www.wipro.com

Re: Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

2016-11-17 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Ramagopala,

On 11/17/16 12:51 AM, ramagopala.chaturved...@wipro.com wrote:
> Please help in resolving the issue with Public Facing URL of
> Tomcat server.  Currently the existing configuration is as follows
> :
> 
> 
> 1)  Tomcat 8.1.1 is installed on Red-Hat Linux OS along with 
> Jdk1.7
> 
> 2)  Tomcat is enabled with SSL and able to access with https
> with the IP Address in the internal network
> 
> 3)  Public IP address is assigned where this tomcat installed
> 
> 4)  Firewall rules are relaxed for both Http and Https ports
> 
> 5)  Tomcat server.xml is modified (Host Element) with the
> public facing host name instead of localhost
> 
> But still Tomcat is not getting accessed in the internet either
> with Http or Https. Could you please throw some light where I am
> missing here ?

So you cannot access Tomcat using the server's public IP address from
out on the internet?

If your client is within the internal network and you use the internal
IP address, does that work?

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJYLcipAAoJEBzwKT+lPKRYDKEQAMGQZIY71uLKsYbsMOZxILL+
hyqTX8f/KfTnO+KK24kcOyXIwIXUP6X0QoMlodHN6fu9rKSbfCOd3JURZjc+5dML
cy9zVu2AOWnthx9W16vkNI7dtvfU5H4NHheSsIa+iM3BzM9HyVd1LqoUQm21dDvV
PxFrgJD2Fdv7PKN74+I5f00D6QwQNdNLX8unXKUphB5kknSGkkxXLhkCPf2N/Ty4
osPtSK38ZCkWTrLX02OSN8F9qgK0h5v5m0qRJtbWujgpZVwX4B1MAbukITl4/Ujl
RBaNXNAly4ZXBpn2bgEAWLCwEGt9EB0nvvFh74TM6onr9yi4c2mtYd3b7Lf3WICx
T2b0sRhVHcDcaYSfhfA5lslWHR2UBUQbAhnKCUKB94cwnsiE41AnFbRCURTw7ewq
b+Uzxu73Mjn3mrBkSnmelyLbPfwxM+cbBVMa6qPDI9/iVgGufUT5LmdMXMmoGqIb
lROqaZ2P0KlRAVFzfr/lVGyicixf2TJzDLNIjpoQ1vJ4jJYOQw3KUTi4UGfjcTsY
RqtRBKIji4NoL/gsrHNViOwkaA+QJrIplNVc54/jd4AyMoGROIqlehsutnA/j6Nx
i1hRA2n4JQY56TwatyFW3SZZICAeDu2Y9Y2xE2KHl1TwNo4FEIeRTa8j5DGz+bnk
mFH2QtmLzCS3ZIG5fobn
=lVYd
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

2016-11-17 Thread Violeta Georgieva 
Hi,

2016-11-17 7:51 GMT+02:00 :
>
> Hi Group,
>
> Please help in resolving the issue with Public Facing URL of Tomcat
server.  Currently the existing configuration is as follows :
>
>
> 1)  Tomcat 8.1.1 is installed on Red-Hat Linux OS along with Jdk1.7

There isn't a version Tomcat 8.1.1
Please verify your Tomcat version.
More information about Tomcat versions can be found here
http://tomcat.apache.org/whichversion.html

Regards,
Violeta

> 2)  Tomcat is enabled with SSL and able to access with https with the
IP Address in the internal network
>
> 3)  Public IP address is assigned where this tomcat installed
>
> 4)  Firewall rules are relaxed for both Http and Https ports
>
> 5)  Tomcat server.xml is modified (Host Element) with the public
facing host name instead of localhost
>
> But still Tomcat is not getting accessed in the internet either with Http
or Https. Could you please throw some light where I am missing here ?
>
> I appreciate your quick help on this.
>
> Thanks & Regs,
> Ramagopala Chaturvedula (Ram)
>
> The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s) and
may contain proprietary, confidential or privileged information. If you are
not the intended recipient, you should not disseminate, distribute or copy
this e-mail. Please notify the sender immediately and destroy all copies of
this message and any attachments. WARNING: Computer viruses can be
transmitted via email. The recipient should check this email and any
attachments for the presence of viruses. The company accepts no liability
for any damage caused by any virus transmitted by this email. www.wipro.com

Need Help on Tomcat 8.1.1 SSL Public Facing URL !!

2016-11-16 Thread ramagopala.chaturvedula 
Hi Group,

Please help in resolving the issue with Public Facing URL of Tomcat server.  
Currently the existing configuration is as follows :


1)  Tomcat 8.1.1 is installed on Red-Hat Linux OS along with Jdk1.7

2)  Tomcat is enabled with SSL and able to access with https with the IP 
Address in the internal network

3)  Public IP address is assigned where this tomcat installed

4)  Firewall rules are relaxed for both Http and Https ports

5)  Tomcat server.xml is modified (Host Element) with the public facing 
host name instead of localhost

But still Tomcat is not getting accessed in the internet either with Http or 
Https. Could you please throw some light where I am missing here ?

I appreciate your quick help on this.

Thanks & Regs,
Ramagopala Chaturvedula (Ram)

The information contained in this electronic message and any attachments to 
this message are intended for the exclusive use of the addressee(s) and may 
contain proprietary, confidential or privileged information. If you are not the 
intended recipient, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately and destroy all copies of this message and 
any attachments. WARNING: Computer viruses can be transmitted via email. The 
recipient should check this email and any attachments for the presence of 
viruses. The company accepts no liability for any damage caused by any virus 
transmitted by this email. www.wipro.com

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread Sean Son 
On Mon, Jul 18, 2016 at 10:47 AM, André Warnier (tomcat) 
wrote:

> On 18.07.2016 16:33, Sean Son wrote:
>
>> On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic <
>> ognjen.d.blagoje...@gmail.com> wrote:
>>
>> Sean,
>>>
>>> On 13.7.2016 21:56, Sean Son wrote:
>>>
>>> Thank you for your answer guys. Is there anywhere in the Tomcat config
 files that I would need to specify the DNS name?  Like in Apache we
 would specify the DNS name in a Virtualhost.


>>> Take a look at context xml, attribute "name" in Host element [1], and
>>> attribute "defaultHost" in Engine element [2].
>>>
>>> -Ognjen
>>>
>>> ps. Please, write your answers below the quotes, that is standard on
>>> Tomcat mailing lists.
>>>
>>> [1] http://tomcat.apache.org/tomcat-8.0-doc/config/host.html
>>> [2] http://tomcat.apache.org/tomcat-8.0-doc/config/engine.html
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>
>>>
>>> Unfortunately I was not able to make any sense of those two links. In
>> which
>> file, would the Host element or Engine element appear in? I do not see
>> anything of the sort in context.xml ?
>>
>> Why is tomcat so confusing?
>>
>>
> Maybe less confusing if you start here :
> http://tomcat.apache.org/tomcat-8.0-doc/config/index.html
> and then work you way down to the 2 links above.
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Thank you Andre! I will do that.

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread tomcat 

On 18.07.2016 16:33, Sean Son wrote:

On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:


Sean,

On 13.7.2016 21:56, Sean Son wrote:


Thank you for your answer guys. Is there anywhere in the Tomcat config
files that I would need to specify the DNS name?  Like in Apache we
would specify the DNS name in a Virtualhost.



Take a look at context xml, attribute "name" in Host element [1], and
attribute "defaultHost" in Engine element [2].

-Ognjen

ps. Please, write your answers below the quotes, that is standard on
Tomcat mailing lists.

[1] http://tomcat.apache.org/tomcat-8.0-doc/config/host.html
[2] http://tomcat.apache.org/tomcat-8.0-doc/config/engine.html


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Unfortunately I was not able to make any sense of those two links. In which
file, would the Host element or Engine element appear in? I do not see
anything of the sort in context.xml ?

Why is tomcat so confusing?



Maybe less confusing if you start here :
http://tomcat.apache.org/tomcat-8.0-doc/config/index.html
and then work you way down to the 2 links above.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-18 Thread Sean Son 
On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> Sean,
>
> On 13.7.2016 21:56, Sean Son wrote:
>
>> Thank you for your answer guys. Is there anywhere in the Tomcat config
>> files that I would need to specify the DNS name?  Like in Apache we
>> would specify the DNS name in a Virtualhost.
>>
>
> Take a look at context xml, attribute "name" in Host element [1], and
> attribute "defaultHost" in Engine element [2].
>
> -Ognjen
>
> ps. Please, write your answers below the quotes, that is standard on
> Tomcat mailing lists.
>
> [1] http://tomcat.apache.org/tomcat-8.0-doc/config/host.html
> [2] http://tomcat.apache.org/tomcat-8.0-doc/config/engine.html
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Unfortunately I was not able to make any sense of those two links. In which
file, would the Host element or Engine element appear in? I do not see
anything of the sort in context.xml ?

Why is tomcat so confusing?

Re: Need help setting up SSL on Tomcat 8

2016-07-14 Thread Sean Son 
On Thu, Jul 14, 2016 at 8:15 AM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> Sean,
>
> On 13.7.2016 21:56, Sean Son wrote:
>
>> Thank you for your answer guys. Is there anywhere in the Tomcat config
>> files that I would need to specify the DNS name?  Like in Apache we
>> would specify the DNS name in a Virtualhost.
>>
>
> Take a look at context xml, attribute "name" in Host element [1], and
> attribute "defaultHost" in Engine element [2].
>
> -Ognjen
>
> ps. Please, write your answers below the quotes, that is standard on
> Tomcat mailing lists.
>
> [1] http://tomcat.apache.org/tomcat-8.0-doc/config/host.html
> [2] http://tomcat.apache.org/tomcat-8.0-doc/config/engine.html
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Thanks for the links and sorry bad habit of mine Lol   Today i will set up
a DNS record for the server and test out the SSL. I will let you all know
what I see.

Thanks!

Re: Need help setting up SSL on Tomcat 8

2016-07-14 Thread Ognjen Blagojevic 

Sean,

On 13.7.2016 21:56, Sean Son wrote:

Thank you for your answer guys. Is there anywhere in the Tomcat config
files that I would need to specify the DNS name?  Like in Apache we
would specify the DNS name in a Virtualhost.


Take a look at context xml, attribute "name" in Host element [1], and 
attribute "defaultHost" in Engine element [2].


-Ognjen

ps. Please, write your answers below the quotes, that is standard on 
Tomcat mailing lists.


[1] http://tomcat.apache.org/tomcat-8.0-doc/config/host.html
[2] http://tomcat.apache.org/tomcat-8.0-doc/config/engine.html

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Daniel Savard 
2016-07-13 15:56 GMT-04:00 Sean Son :

> Thank you for your answer guys. Is there anywhere in the Tomcat config
> files that I would need to specify the DNS name?  Like in Apache we would
> specify the DNS name in a Virtualhost.
>
>
No.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Sean Son 
Thank you for your answer guys. Is there anywhere in the Tomcat config
files that I would need to specify the DNS name?  Like in Apache we would
specify the DNS name in a Virtualhost.

On Wed, Jul 13, 2016 at 7:56 AM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> Sean,
>
> On 12.7.2016 14:49, Sean Son wrote:
>
>> Hello thank you for your response. I am currently only accessing the
>> server using IP address only. We do not have a DNS record set up for the
>> server as of yet. It will be something like webapp.example.com
>>
>
> Once there is a DNS record in place, and you access your server using
> FQDN, your error will be gone.
>
> If you are the only one who access the server, and you find that warning
> particularly annoying, you may enter FQDN and IP address in hosts file, and
> access server using FQDN, before your DNS admins do their job.
>
> -Ognjen
>
>

Re: Need help setting up SSL on Tomcat 8

2016-07-13 Thread Ognjen Blagojevic 

Sean,

On 12.7.2016 14:49, Sean Son wrote:

Hello thank you for your response. I am currently only accessing the
server using IP address only. We do not have a DNS record set up for the
server as of yet. It will be something like webapp.example.com


Once there is a DNS record in place, and you access your server using 
FQDN, your error will be gone.


If you are the only one who access the server, and you find that warning 
particularly annoying, you may enter FQDN and IP address in hosts file, 
and access server using FQDN, before your DNS admins do their job.


-Ognjen


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Daniel Savard 
2016-07-12 14:34 GMT-04:00 Sean Son :

> Are there any logs on the tomcat server that I should check in order to fix
> this SSL issue? or is this strictly a certificate related issue?
>

At my opinion, it is a DNS issue. Your certificate specify the
SubjectAlternativeName field with two DNS entries. If none of these can be
resolved for your server, the certificate is considered invalid.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Sean Son 
On Tue, Jul 12, 2016 at 8:49 AM, Sean Son 
wrote:

>
>
> On Mon, Jul 11, 2016 at 6:25 PM, Ognjen Blagojevic <
> ognjen.d.blagoje...@gmail.com> wrote:
>
>> On 11.7.2016 16:29, Sean Son wrote:
>>
>>> Here is the certificate path:
>>>
>>> - Go Daddy Root Certificate Authority - G2
>>>- Go Daddy Secure Certificate Authority - G2
>>>   - *.example.com 
>>>
>>>
>> That looks Ok.
>>
>> Did you, perhaps, tried to access server on subdomain of example.com?
>> Wildcard certificate "*.example.com" is valid for "www.example.com", but
>> not for "www.department.example.com".
>>
>> -Ognjen
>>
>>
>>
> Hello thank you for your response. I am currently only accessing the
> server using IP address only. We do not have a DNS record set up for the
> server as of yet. It will be something like webapp.example.com
>
>
> Thanks
>
>
>

Are there any logs on the tomcat server that I should check in order to fix
this SSL issue? or is this strictly a certificate related issue?

Re: Need help setting up SSL on Tomcat 8

2016-07-12 Thread Sean Son 
On Mon, Jul 11, 2016 at 6:25 PM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> On 11.7.2016 16:29, Sean Son wrote:
>
>> Here is the certificate path:
>>
>> - Go Daddy Root Certificate Authority - G2
>>- Go Daddy Secure Certificate Authority - G2
>>   - *.example.com 
>>
>>
> That looks Ok.
>
> Did you, perhaps, tried to access server on subdomain of example.com?
> Wildcard certificate "*.example.com" is valid for "www.example.com", but
> not for "www.department.example.com".
>
> -Ognjen
>
>
>
Hello thank you for your response. I am currently only accessing the server
using IP address only. We do not have a DNS record set up for the server as
of yet. It will be something like webapp.example.com


Thanks

Re: Need help setting up SSL on Tomcat 8

2016-07-11 Thread Ognjen Blagojevic 

On 11.7.2016 16:29, Sean Son wrote:

Here is the certificate path:

- Go Daddy Root Certificate Authority - G2
   - Go Daddy Secure Certificate Authority - G2
  - *.example.com 



That looks Ok.

Did you, perhaps, tried to access server on subdomain of example.com? 
Wildcard certificate "*.example.com" is valid for "www.example.com", but 
not for "www.department.example.com".


-Ognjen



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-11 Thread Sean Son 
Here is the certificate path:

- Go Daddy Root Certificate Authority - G2
   - Go Daddy Secure Certificate Authority - G2
  - *.example.com


Thanks

On Fri, Jul 8, 2016 at 6:23 PM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> On 7.7.2016 23:17, Daniel Savard wrote:
>
>> Certificate Error
> There are issues with the site's certificate chain
> (net::ERR_CERT_COMMON_NAME_INVALID).
>
> Looks like adding the keyAlias to the connector did not fix anything
> unfortunately.
>
>

>>> Did you examined the received certificate in the browser. Usually this
>> help
>> to identify why it failed. In this case, the chain of certification seems
>> to be the problem.
>>
>
> +1
>
> What is your certification path / certificate hierarchy?
>
> In Firefox: click on padlock icon, click on arrow, More information, View
> Certificate, Details, Certificate Hierarchy
>
> In Chrome: click on padlock icon, Details, View Certificate, Certification
> path.
>
>
> -Ognjen
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help setting up SSL on Tomcat 8

2016-07-08 Thread Ognjen Blagojevic 

On 7.7.2016 23:17, Daniel Savard wrote:

Certificate Error
There are issues with the site's certificate chain
(net::ERR_CERT_COMMON_NAME_INVALID).

Looks like adding the keyAlias to the connector did not fix anything
unfortunately.






Did you examined the received certificate in the browser. Usually this help
to identify why it failed. In this case, the chain of certification seems
to be the problem.


+1

What is your certification path / certificate hierarchy?

In Firefox: click on padlock icon, click on arrow, More information, 
View Certificate, Details, Certificate Hierarchy


In Chrome: click on padlock icon, Details, View Certificate, 
Certification path.


-Ognjen



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Daniel Savard 
2016-07-07 14:53 GMT-04:00 Sean Son :

>
>
> On Thu, Jul 7, 2016 at 12:24 PM, Sean Son <
> linuxmailinglistsem...@gmail.com> wrote:
>
>> Copying Daniel and Ognjen on this
>>
>> On Thu, Jul 7, 2016 at 12:02 PM, Sean Son <
>> linuxmailinglistsem...@gmail.com> wrote:
>>
>>> Hello
>>>
>>>  I tried adding the keyAlias to the connector and when i restarted
>>> Tomcat, and i browsed to the sever page, I got this error:
>>>
>>> Certificate Error
>>> There are issues with the site's certificate chain
>>> (net::ERR_CERT_COMMON_NAME_INVALID).
>>>
>>> Looks like adding the keyAlias to the connector did not fix anything
>>> unfortunately.
>>>
>>
>
Did you examined the received certificate in the browser. Usually this help
to identify why it failed. In this case, the chain of certification seems
to be the problem.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son 
On Thu, Jul 7, 2016 at 12:24 PM, Sean Son 
wrote:

> Copying Daniel and Ognjen on this
>
> On Thu, Jul 7, 2016 at 12:02 PM, Sean Son <
> linuxmailinglistsem...@gmail.com> wrote:
>
>> Hello
>>
>>  I tried adding the keyAlias to the connector and when i restarted
>> Tomcat, and i browsed to the sever page, I got this error:
>>
>> Certificate Error
>> There are issues with the site's certificate chain
>> (net::ERR_CERT_COMMON_NAME_INVALID).
>>
>> Looks like adding the keyAlias to the connector did not fix anything
>> unfortunately.
>>
>>
>>
>>
>>
>>
>>
>> On Thu, Jul 7, 2016 at 10:55 AM, Daniel Savard 
>> wrote:
>>
>>> 2016-07-07 10:52 GMT-04:00 Sean Son :
>>>
>>> > So I should modify my  connector to look like this?
>>> >
>>> > >> > protocol="org.apache.coyote.http11.Http11NioProtocol"
>>> >maxThreads="150" keystoreFile="conf/tomcat.jks"
>>> > keystorePass="password"
>>> keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}"
>>> > SSLEnabled="true" scheme="https" secure="true"
>>> >clientAuth="false" sslProtocol="TLS" />
>>> >
>>> >
>>> Yes.
>>>
>>> -
>>> Daniel Savard
>>>
>>
>>
>
Sorry I noticed that this is the connector configuration in my server.xml
file:



I updated it with the keyAlias information.  This connector was provided to
me by someone.  Unfortunately I am still getting the same error message.

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son 
Copying Daniel and Ognjen on this

On Thu, Jul 7, 2016 at 12:02 PM, Sean Son 
wrote:

> Hello
>
>  I tried adding the keyAlias to the connector and when i restarted Tomcat,
> and i browsed to the sever page, I got this error:
>
> Certificate Error
> There are issues with the site's certificate chain
> (net::ERR_CERT_COMMON_NAME_INVALID).
>
> Looks like adding the keyAlias to the connector did not fix anything
> unfortunately.
>
>
>
>
>
>
>
> On Thu, Jul 7, 2016 at 10:55 AM, Daniel Savard 
> wrote:
>
>> 2016-07-07 10:52 GMT-04:00 Sean Son :
>>
>> > So I should modify my  connector to look like this?
>> >
>> > > > protocol="org.apache.coyote.http11.Http11NioProtocol"
>> >maxThreads="150" keystoreFile="conf/tomcat.jks"
>> > keystorePass="password"
>> keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}"
>> > SSLEnabled="true" scheme="https" secure="true"
>> >clientAuth="false" sslProtocol="TLS" />
>> >
>> >
>> Yes.
>>
>> -
>> Daniel Savard
>>
>
>

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son 
Hello

 I tried adding the keyAlias to the connector and when i restarted Tomcat,
and i browsed to the sever page, I got this error:

Certificate Error
There are issues with the site's certificate chain
(net::ERR_CERT_COMMON_NAME_INVALID).

Looks like adding the keyAlias to the connector did not fix anything
unfortunately.







On Thu, Jul 7, 2016 at 10:55 AM, Daniel Savard 
wrote:

> 2016-07-07 10:52 GMT-04:00 Sean Son :
>
> > So I should modify my  connector to look like this?
> >
> >  > protocol="org.apache.coyote.http11.Http11NioProtocol"
> >maxThreads="150" keystoreFile="conf/tomcat.jks"
> > keystorePass="password" keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}"
> > SSLEnabled="true" scheme="https" secure="true"
> >clientAuth="false" sslProtocol="TLS" />
> >
> >
> Yes.
>
> -
> Daniel Savard
>

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Daniel Savard 
2016-07-07 10:52 GMT-04:00 Sean Son :

> So I should modify my  connector to look like this?
>
>  protocol="org.apache.coyote.http11.Http11NioProtocol"
>maxThreads="150" keystoreFile="conf/tomcat.jks"
> keystorePass="password" keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}"
> SSLEnabled="true" scheme="https" secure="true"
>clientAuth="false" sslProtocol="TLS" />
>
>
Yes.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-07-07 Thread Sean Son 
So I should modify my  connector to look like this?



On Wed, Jul 6, 2016 at 6:50 AM, Ognjen Blagojevic <
ognjen.d.blagoje...@gmail.com> wrote:

> Sean,
>
> On 5.7.2016 17:14, Sean Son wrote:
>
>> Hello Daniel and all
>>
>> Here is the output.. the full output
>>
>> http://pastebin.com/AQckw6ig
>>
>
> Keytool output indicates that there are two entries in keystore:
>
> 1. Entry with alias "root", created Jun 16, 2016, which is intermediate
> certificate for Go Daddy:
>
> Owner: CN=Go Daddy Secure Certificate Authority - G2 ...
> Issuer: CN=Go Daddy Root Certificate Authority - G2 ...
>
> This is "trustedCertEntry", which means that it does not contain a private
> key, and therefore may not be used for encryption necessary for TLS / HTTPS
> communication.
>
>
> 2. Entry with alias "{b81d8607-57e9-4c35-a058-cd46099e7797}", created Jun
> 16, 2016. This is certificate for domain example.com, signed by Go Daddy:
>
> Owner: CN=*.example.com, OU=Domain Control Validated
> Issuer: CN=Go Daddy Secure Certificate Authority - G2, ...
>
> This is PrivateKeyEntry which means that it contains private and public
> key pair, and since owner is different from issuer it means it also
> contains associated certificate. This entry may be used to encrypt data for
> TLS / HTTPS communication.
>
>
> Therefore, you must point Tomcat to use second entry from your keystore.
> Try adding keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}" to your
> connector configuration.
>
> -Ognjen
>
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Need help setting up SSL on Tomcat 8

2016-07-06 Thread Ognjen Blagojevic 

Sean,

On 5.7.2016 17:14, Sean Son wrote:

Hello Daniel and all

Here is the output.. the full output

http://pastebin.com/AQckw6ig


Keytool output indicates that there are two entries in keystore:

1. Entry with alias "root", created Jun 16, 2016, which is intermediate 
certificate for Go Daddy:


Owner: CN=Go Daddy Secure Certificate Authority - G2 ...
Issuer: CN=Go Daddy Root Certificate Authority - G2 ...

This is "trustedCertEntry", which means that it does not contain a 
private key, and therefore may not be used for encryption necessary for 
TLS / HTTPS communication.



2. Entry with alias "{b81d8607-57e9-4c35-a058-cd46099e7797}", created 
Jun 16, 2016. This is certificate for domain example.com, signed by Go 
Daddy:


Owner: CN=*.example.com, OU=Domain Control Validated
Issuer: CN=Go Daddy Secure Certificate Authority - G2, ...

This is PrivateKeyEntry which means that it contains private and public 
key pair, and since owner is different from issuer it means it also 
contains associated certificate. This entry may be used to encrypt data 
for TLS / HTTPS communication.



Therefore, you must point Tomcat to use second entry from your keystore. 
Try adding keyAlias="{b81d8607-57e9-4c35-a058-cd46099e7797}" to your 
connector configuration.


-Ognjen



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-05 Thread Sean Son 
On Fri, Jul 1, 2016 at 6:14 PM, Daniel Savard 
wrote:

> 2016-07-01 16:08 GMT-04:00 Christopher Schultz <
> ch...@christopherschultz.net
> >:
>
> >
> > >
> > > Thank you for the reply.  How would I go about specifying the alias
> > > of the certificate?
> >
> > You may have to re-import it, but I've had bad experiences with Java
> > keystores so ALWAYS keep a backup in case you host something.
> >
> > The first item in your keystore certainly looks like a certificate to
> > me. It's the *second* item that is a private key.
> >
> > What if you add these attributes to your connector:
> >
> > keyAlias="root"
> >
> > ?
> >
> > If that doesn't work, try using a tool like Portecle to try to adjust
> > some things (like the "aliases"). It's much better and safer than
> > using keytool IMO. Remember ALWAYS KEEP A BACKUP!
> >
> >
> Chris,
>
> in a keystore, the entry with the certificate created using the private key
> from that keystore is a single entry identified as PrivateKey. If you have
> a single certificate created from a private key in that keystore you will
> have only one entry, not two and it will be labeled as private key.
>
> In fact, it can be checked using the -v option to print details about each
> entry. This should be enough to identify without ambiguity which entry is
> what. This is what I recommend to do in order to understand what really is
> in the keystore. I doubt the alias root with the first entry in the
> keystore is actually the certificate needed here.
>
> Sean,
>
> print the details and you will have the alias and Common Name clearly
> identified on the output in a verbose format. Use the -v option to the
> keytool command for this. No need to post everything here if you are
> unsure.
>
> -
> Daniel Savard
>



Hello Daniel and all

Here is the output.. the full output

http://pastebin.com/AQckw6ig

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Daniel Savard 
2016-07-01 16:08 GMT-04:00 Christopher Schultz :

>
> >
> > Thank you for the reply.  How would I go about specifying the alias
> > of the certificate?
>
> You may have to re-import it, but I've had bad experiences with Java
> keystores so ALWAYS keep a backup in case you host something.
>
> The first item in your keystore certainly looks like a certificate to
> me. It's the *second* item that is a private key.
>
> What if you add these attributes to your connector:
>
> keyAlias="root"
>
> ?
>
> If that doesn't work, try using a tool like Portecle to try to adjust
> some things (like the "aliases"). It's much better and safer than
> using keytool IMO. Remember ALWAYS KEEP A BACKUP!
>
>
Chris,

in a keystore, the entry with the certificate created using the private key
from that keystore is a single entry identified as PrivateKey. If you have
a single certificate created from a private key in that keystore you will
have only one entry, not two and it will be labeled as private key.

In fact, it can be checked using the -v option to print details about each
entry. This should be enough to identify without ambiguity which entry is
what. This is what I recommend to do in order to understand what really is
in the keystore. I doubt the alias root with the first entry in the
keystore is actually the certificate needed here.

Sean,

print the details and you will have the alias and Common Name clearly
identified on the output in a verbose format. Use the -v option to the
keytool command for this. No need to post everything here if you are unsure.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Christopher Schultz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Sean,

On 7/1/16 11:11 AM, Sean Son wrote:
> On Fri, Jul 1, 2016 at 2:57 AM, Daniel Savard
>  wrote:
> 
>> 2016-06-29 9:08 GMT-04:00 Sean Son
>> :
>> 
>>> Hello Daniel
>>> 
>>> Thank you for the information. Here is the output of the
>>> keytool command:
>>> 
>>> Keystore type: JKS Keystore provider: SUN
>>> 
>>> Your keystore contains 2 entries
>>> 
>>> root, Jun 16, 2016, trustedCertEntry, Certificate fingerprint
>>> (SHA1): 
>>> 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 
>>> {b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016,
>>> PrivateKeyEntry, Certificate fingerprint (SHA1): 
>>> 6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA
>>> 
>>> 
>>> Is it possible that the error that I am seeing, is related to
>>> the fact that I am using a wildcard certificate?
>>> 
>> 
>> So, the first entry in the keystore isn't your certificate. As I
>> told you before, if you do not specify explicitely the alias of
>> the certificate so send, the first entry in the keystore is sent.
>> In this case, root.
>> 
>> The attribute to tell the connector which certificate to send, is
>> keyAlias, however it seems your certificate has no alias in the
>> keystore.
>> 
>> - Daniel Savard
>> 
> 
> 
> Thank you for the reply.  How would I go about specifying the alias
> of the certificate?

You may have to re-import it, but I've had bad experiences with Java
keystores so ALWAYS keep a backup in case you host something.

The first item in your keystore certainly looks like a certificate to
me. It's the *second* item that is a private key.

What if you add these attributes to your connector:

keyAlias="root"

?

If that doesn't work, try using a tool like Portecle to try to adjust
some things (like the "aliases"). It's much better and safer than
using keytool IMO. Remember ALWAYS KEEP A BACKUP!

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXds3aAAoJEBzwKT+lPKRYioQQAIJXjzniDRnW2U9+W0d/x7M5
/6nBHRw42COjvmHMUC5fY0lQR0rESHYC3yDhkmuutpeYNJyLO/TWLYZUGnEHf7US
7S+2IcYM19AEbDnp8qvE4pMOshJwf7eRic7lBr1OfJ50CKjdzvv2EiSFwO8tdY+6
eYODI+ZBvC7/lUFZ/H9cGlxx2kQHcuzWoE2+9I5DRxzIPP04nN8sfKXHoEiPH97j
d4dQMBpbNC87P6HlcGxpoxcoCfYPpHLMae5PXdSLHnyvU6YKGCUkm5bRE4ieC9F1
ZjFIH+rJZW61wJw64PXOvMm9k6zFL2R5CIsEg3OdZa6Injh951nH3H5GEF7xvJHy
Z1heq6NmuwzHkYT0/vI4S141tscEziNqsTw2kMyV9+QFEHp1u3zin62gIoDXFaHf
jG33c1cWfl4zkWhzWeZcmEN/n6Z+N0x/RZpRugoRy0heero8VF5lgKnjn/7kHuLm
BCZgA5KrsNSYcnQCeDPqTVeKoUXmF0e92xsCAKRjYjBsSUo8Uc0rlu2GaJhYYQma
rIMKli4f5KVAd3vzj4DE8EdmLxNDfgHvftGVMbTViCMlhwwZqI8NA6wGhA+JCVeH
H29sXNh5D5txBfwz10UvEC9iGFRBWZ1jZfrSdEbb4Ra8acrrC+Er6bwgjB8MMAnX
QpMck2thv/QiUCIr7gIb
=LOtb
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Need help setting up SSL on Tomcat 8

2016-07-01 Thread Sean Son 
On Fri, Jul 1, 2016 at 2:57 AM, Daniel Savard 
wrote:

> 2016-06-29 9:08 GMT-04:00 Sean Son :
>
> > Hello Daniel
> >
> > Thank you for the information. Here is the output of the keytool command:
> >
> > Keystore type: JKS
> > Keystore provider: SUN
> >
> > Your keystore contains 2 entries
> >
> > root, Jun 16, 2016, trustedCertEntry,
> > Certificate fingerprint (SHA1):
> > 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8
> > {b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016, PrivateKeyEntry,
> > Certificate fingerprint (SHA1):
> > 6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA
> >
> >
> > Is it possible that the error that I am seeing, is related to the fact
> > that I am using a wildcard certificate?
> >
>
> So, the first entry in the keystore isn't your certificate. As I told you
> before, if you do not specify explicitely the alias of the certificate so
> send, the first entry in the keystore is sent. In this case, root.
>
> The attribute to tell the connector which certificate to send, is keyAlias,
> however it seems your certificate has no alias in the keystore.
>
> -
> Daniel Savard
>


Thank you for the reply.  How would I go about specifying the alias of the
certificate?

Re: Need help setting up SSL on Tomcat 8

2016-06-30 Thread Daniel Savard 
2016-06-29 9:08 GMT-04:00 Sean Son :

> Hello Daniel
>
> Thank you for the information. Here is the output of the keytool command:
>
> Keystore type: JKS
> Keystore provider: SUN
>
> Your keystore contains 2 entries
>
> root, Jun 16, 2016, trustedCertEntry,
> Certificate fingerprint (SHA1):
> 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8
> {b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016, PrivateKeyEntry,
> Certificate fingerprint (SHA1):
> 6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA
>
>
> Is it possible that the error that I am seeing, is related to the fact
> that I am using a wildcard certificate?
>

So, the first entry in the keystore isn't your certificate. As I told you
before, if you do not specify explicitely the alias of the certificate so
send, the first entry in the keystore is sent. In this case, root.

The attribute to tell the connector which certificate to send, is keyAlias,
however it seems your certificate has no alias in the keystore.

-
Daniel Savard

Re: Need help setting up SSL on Tomcat 8

2016-06-30 Thread Philip Hachey 



On 16-06-29 09:08 AM, Sean Son wrote:

Hello Daniel

Thank you for the information. Here is the output of the keytool command:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

root, Jun 16, 2016, trustedCertEntry,
Certificate fingerprint (SHA1):
27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8
{b81d8607-57e9-4c35-a058-cd46099e7797}, Jun 16, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1):
6C:67:52:63:6B:EF:A2:3D:CD:A7:CB:64:99:99:4F:9C:3E:85:B9:AA


Is it possible that the error that I am seeing, is related to the fact that
I am using a wildcard certificate?


Thanks

I'm not familiar with this configuration.  My keystore -list generates this:
***
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, 11-Apr-2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): ...
***

That's what you should have too if you're simply following the quick 
start rules here 
[https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html].  Point your 
browser to "https://localhost:8443/";


I also get a browser warning when using this keystore, but it's 
net::ERR_CERT_AUTHORITY_INVALID which I would expect because I haven't 
registered with a root authority (i.e. it's a self-signed certificate).  
I would start with that.  If you then need to use an authority-signed 
certificate, I personally don't have any immediate knowledge when it 
comes to Tomcat, but I imagine it should be only slightly more complex.




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

  1   2   3   4   5   6   7   >