AW: AW: Request for SSL Setup

2022-06-28 Thread Thomas Hoffmann (Speed4Trade GmbH)
Hello,

> -Original Message-
> From: Manibharathi R 
> Sent: Tuesday, 28 June 2022 08:56
> To: Tomcat Users List 
> Subject: Re: AW: Request for SSL Setup
> 
> Thanks for your prompt response.
> 
> Could you please send me the procedure that how can we generate
> certificates files?
> 
> -Original Message-
> From: Thomas Hoffmann (Speed4Trade GmbH)
> Sent: Tuesday, June 28, 2022 12:13 PM
> To: Tomcat Users List
> Subject: AW: Request for SSL Setup
> 
> 
> Hello,
> 
> > -Original Message-
> > From: Manibharathi R 
> > Sent: Tuesday, 28 June 2022 07:16
> > To: users@tomcat.apache.org
> > Subject: Request for SSL Setup
> >
> > Dear Team,
> >
> > Greetings,
> >
> > I have done keystore generation, import key features and changes done
> > in server.xml. But still I am unable to access through https.
> >
> > Kindly send me the causes of this issue
> >
> > Regards,
> > R.Manibharathi,
> > AM,Android Mobile App Developer
> >
> > 
> >
> 
> Could you please check all logfiles if there are some errors shown?
> Any stacktraces, warnings or errors visible?
> Is there a line like "org.apache.coyote.AbstractProtocol.start Starting
> ProtocolHandler ["https-openssl-nio-443"]" ?
> 
> Greetings, Thomas
> 
> 
> Regards,
> R.Manibharathi,
> AM,Android Mobile App Developer
> 

You can do it e.g. with keytool:
https://stackoverflow.com/questions/42541356/how-to-create-a-self-signed-ssl-certificate-for-use-with-tomcat
This generates a self-signed certificate which is suitable for development and 
testing purposes.

Another method is using OpenSSL but this involves multiple steps:
https://www.baeldung.com/openssl-self-signed-cert

If you need a public signed certificate, you can generate a CSR with OpenSSL 
and send it to a certificate authority to get it signed.

Background information:
For using SSL you always need a matching keypair, this is a public and a 
private key. The private key is signed.
The client needs to trust the signature (with the corresponding signature's 
public key).
A jks-file can store both keys. Alternatively you can use two separate files 
(e.g. in PEM-format) and configure the tomcat-connector to use both files.

Greetings, Thomas






Re: AW: Request for SSL Setup

2022-06-28 Thread Manibharathi R

Thanks for your prompt response.

Could you please send me the procedure that how can we generate certificates
files?

-Original Message-
From: Thomas Hoffmann (Speed4Trade GmbH)
Sent: Tuesday, June 28, 2022 12:13 PM
To: Tomcat Users List
Subject: AW: Request for SSL Setup



Hello,


-Original Message-
From: Manibharathi R 
Sent: Tuesday, 28 June 2022 07:16
To: users@tomcat.apache.org
Subject: Request for SSL Setup

Dear Team,

Greetings,

I have done keystore generation, import key features and changes done in
server.xml. But still I am unable to access through https.

Kindly send me the causes of this issue

Regards,
R.Manibharathi,
AM,Android Mobile App Developer





Could you please check all logfiles if there are some errors shown?
Any stacktraces, warnings or errors visible?
Is there a line like "org.apache.coyote.AbstractProtocol.start Starting
ProtocolHandler ["https-openssl-nio-443"]" ?

Greetings, Thomas


Regards,
R.Manibharathi,
AM,Android Mobile App Developer







AW: Request for SSL Setup

2022-06-28 Thread Thomas Hoffmann (Speed4Trade GmbH)
Hello,

> -Original Message-
> From: Manibharathi R 
> Sent: Tuesday, 28 June 2022 07:16
> To: users@tomcat.apache.org
> Subject: Request for SSL Setup
> 
> Dear Team,
> 
> Greetings,
> 
> I have done keystore generation, import key features and changes done in
> server.xml. But still I am unable to access through https.
> 
> Kindly send me the causes of this issue
> 
> Regards,
> R.Manibharathi,
> AM,Android Mobile App Developer
> 
> 
> 

Could you please check all logfiles if there are some errors shown?
Any stacktraces, warnings or errors visible?
Is there a line like "org.apache.coyote.AbstractProtocol.start Starting 
ProtocolHandler ["https-openssl-nio-443"]" ?

Greetings, Thomas
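
The log check asked for above, as an added example that is not part of the original thread: it scans Tomcat log text for the "Starting ProtocolHandler" lines and for errors logged when no https handler started. The log excerpts are constructed samples in the default Tomcat log layout; the function names are hypothetical.

```python
import re

# Matches the connector start line asked about above and captures the handler name.
START_RE = re.compile(r'AbstractProtocol\.start Starting ProtocolHandler \["([^"]+)"\]')
LEVEL_RE = re.compile(r"\b(SEVERE|WARNING)\b")

# Constructed log excerpts (not from the thread). The exception text is the
# one quoted in the "tomcat ssl setup" thread on this page.
FAILING_LOG = """\
28-Jun-2022 07:10:01.100 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
28-Jun-2022 07:10:01.250 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8443]]
\tjava.security.KeyStoreException: Cannot store non-PrivateKeys
28-Jun-2022 07:10:02.400 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
"""

WORKING_LOG = """\
28-Jun-2022 07:20:02.400 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
28-Jun-2022 07:20:02.450 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-openssl-nio-443"]
"""


def check_log(text):
    """Collect started protocol handlers and any warning/error/exception lines."""
    started, problems = [], []
    for line in text.splitlines():
        match = START_RE.search(line)
        if match:
            started.append(match.group(1))
        elif LEVEL_RE.search(line) or "Exception" in line:
            problems.append(line.strip())
    # Handler names of TLS connectors begin with "https-".
    https = [name for name in started if name.startswith("https-")]
    return {"started": started, "https": https, "problems": problems}


def diagnose(text):
    """Summarise the result the way the question in the mail is phrased."""
    result = check_log(text)
    if result["https"]:
        return "https connector started: " + ", ".join(result["https"])
    if result["problems"]:
        return "no https connector started; first problem: " + result["problems"][0]
    return "no https connector started and no errors logged; check that server.xml defines one"


if __name__ == "__main__":
    print(diagnose(FAILING_LOG))
    print(diagnose(WORKING_LOG))
```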




Request for SSL Setup

2022-06-27 Thread Manibharathi R
Dear Team,

Greetings,

I have done keystore generation, import key features and changes done in 
server.xml. But still I am unable to access through https.

Kindly send me the causes of this issue

Regards,
R.Manibharathi,
AM,Android Mobile App Developer





Re: Question about TLS/SSL setup and SSLHostConfig or not

2021-03-02 Thread Alex

On 02.03.21 23:50, Peter Kreuser wrote:

Alex,


On 02.03.2021 at 23:19, Alex wrote:

Hi.


On 02.03.21 23:14, John Larsen wrote:
I usually let the apache webserver or nginx handle the SSL while proxying
to the tomcat.



Unless you need some really fancy rewriting or caching, Tomcat is absolutely 
capable to handle this. Even static files are OK nowadays.



To use tomcat's built in server you'll need to import the
SSL certificate into the keystore via your jdk.


That’s not the case anymore. Tomcat 8.5.x perfectly speaks PEM-files and 
openssl config. (See below)

Even dynamic reloading of SSL configs can be achieved with the jmxproxy.



Fully agree, but sometimes it is required that the HAProxy/nginx talk TLS to
the backend, in this case tomcat.


John Larsen

On Tue, Mar 2, 2021 at 3:06 PM Alex  wrote:
Hi.

I try to make a "good" tomcat config and read the docs.

Now in the Connector doc is the following statement.

http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support

Each secure connector must define at least one SSLHostConfig.

But when I look into the SSL/TLS Configuration How-To is the snippet
without SSLHostConfig. What's now the "best" way to setup TLS/SSL
with tomcat. I would prefer to put SSLHostConfig but I'm not sure if
it's the way how the developer think to setup the TLS in tomcat?

I use JSSE as implementation.

http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html

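```
<Connector
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>
```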



You should move this to SSLHostConfig.


Thank you for the clarification, I will do it.


 
   
 

HTH

Peter


What's your suggestion and opinion to configure the tomcat in a
proper way to use TLS also for the future versions.

Regards
Alex






Re: Question about TLS/SSL setup and SSLHostConfig or not

2021-03-02 Thread Peter Kreuser
Alex,

> On 02.03.2021 at 23:19, Alex wrote:
> 
> Hi.
> 
>> On 02.03.21 23:14, John Larsen wrote:
>> I usually let the apache webserver or nginx handle the SSL while proxying
>> to the tomcat.


Unless you need some really fancy rewriting or caching, Tomcat is absolutely 
capable to handle this. Even static files are OK nowadays.


>> To use tomcat's built in server you'll need to import the
>> SSL certificate into the keystore via your jdk.

That’s not the case anymore. Tomcat 8.5.x perfectly speaks PEM-files and 
openssl config. (See below)

Even dynamic reloading of SSL configs can be achieved with the jmxproxy.

> 
> Fully agree, but sometimes it is required that the HAProxy/nginx talk TLS to
> the backend, in this case tomcat.
> 
>> John Larsen
>>> On Tue, Mar 2, 2021 at 3:06 PM Alex  wrote:
>>> Hi.
>>> 
>>> I try to make a "good" tomcat config and read the docs.
>>> 
>>> Now in the Connector doc is the following statement.
>>> 
>>> http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
>>> http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support
>>> 
>>> Each secure connector must define at least one SSLHostConfig.
>>> 
>>> But when I look into the SSL/TLS Configuration How-To is the snippet
>>> without SSLHostConfig. What's now the "best" way to setup TLS/SSL
>>> with tomcat. I would prefer to put SSLHostConfig but I'm not sure if
>>> it's the way how the developer think to setup the TLS in tomcat?
>>> 
>>> I use JSSE as implementation.
>>> 
>>> http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
>>> http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html
>>> 
>>> ```
>>> <Connector
>>>            protocol="org.apache.coyote.http11.Http11NioProtocol"
>>>            port="8443" maxThreads="200"
>>>            scheme="https" secure="true" SSLEnabled="true"
>>>            keystoreFile="${user.home}/.keystore" keystorePass="changeit"
>>>            clientAuth="false" sslProtocol="TLS"/>
>>> ```
>>> 

You should move this to SSLHostConfig.


  


HTH

Peter

>>> What's your suggestion and opinion to configure the tomcat in a
>>> proper way to use TLS also for the future versions.
>>> 
>>> Regards
>>> Alex
>>> 
>>> 
>>> 
> 
> 
> 
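
The move to SSLHostConfig discussed in this message, as an added example that is not part of the original thread: it audits a server.xml for secure connectors that still carry connector-level TLS attributes and rewrites them into `SSLHostConfig`/`Certificate` children. The sample server.xml is constructed around the connector quoted in the thread; the function names are hypothetical, and the attribute mapping follows the Tomcat 8.5/9 HTTP connector documentation.

```python
import xml.etree.ElementTree as ET

# Legacy Connector-level TLS attribute -> (element, attribute) that replaces it.
LEGACY_TO_NEW = {
    "keystoreFile": ("Certificate", "certificateKeystoreFile"),
    "keystorePass": ("Certificate", "certificateKeystorePassword"),
    "keyAlias": ("Certificate", "certificateKeyAlias"),
    "clientAuth": ("SSLHostConfig", "certificateVerification"),
    "sslProtocol": ("SSLHostConfig", "sslProtocol"),
    "sslEnabledProtocols": ("SSLHostConfig", "protocols"),
    "ciphers": ("SSLHostConfig", "ciphers"),
}
# clientAuth values translate to certificateVerification values.
CLIENT_AUTH = {"true": "required", "want": "optional", "false": "none"}

# Constructed sample: the legacy-style connector quoted in the thread,
# wrapped in a minimal Server/Service so it parses as one document.
LEGACY_SERVER_XML = """<Server><Service name="Catalina">
  <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
             port="8443" maxThreads="200"
             scheme="https" secure="true" SSLEnabled="true"
             keystoreFile="${user.home}/.keystore" keystorePass="changeit"
             clientAuth="false" sslProtocol="TLS"/>
  <Connector port="8080" protocol="HTTP/1.1"/>
</Service></Server>"""


def secure_connectors(root):
    """Return the Connector elements that have SSLEnabled="true"."""
    return [c for c in root.iter("Connector")
            if c.get("SSLEnabled", "false").lower() == "true"]


def audit(server_xml):
    """One finding per secure connector: port, legacy attributes still set on
    the Connector, and whether it already has an SSLHostConfig child."""
    root = ET.fromstring(server_xml)
    return [{
        "port": conn.get("port"),
        "legacy": sorted(a for a in conn.attrib if a in LEGACY_TO_NEW),
        "has_sslhostconfig": conn.find("SSLHostConfig") is not None,
    } for conn in secure_connectors(root)]


def migrate(server_xml):
    """Move legacy TLS attributes into SSLHostConfig/Certificate children."""
    root = ET.fromstring(server_xml)
    for conn in secure_connectors(root):
        legacy = {name: conn.attrib.pop(name)
                  for name in list(conn.attrib) if name in LEGACY_TO_NEW}
        if not legacy:
            continue
        host = conn.find("SSLHostConfig")
        if host is None:
            host = ET.SubElement(conn, "SSLHostConfig")
        for old, value in legacy.items():
            element, new = LEGACY_TO_NEW[old]
            target = host
            if element == "Certificate":
                target = host.find("Certificate")
                if target is None:
                    target = ET.SubElement(host, "Certificate")
            if old == "clientAuth":
                value = CLIENT_AUTH.get(value.lower(), value)
            target.set(new, value)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print(audit(LEGACY_SERVER_XML))
    print(migrate(LEGACY_SERVER_XML))
```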





Re: Question about TLS/SSL setup and SSLHostConfig or not

2021-03-02 Thread Alex

Hi.

On 02.03.21 23:14, John Larsen wrote:

I usually let the apache webserver or nginx handle the SSL while proxying
to the tomcat.  To use tomcat's built in server you'll need to import the
SSL certificate into the keystore via your jdk.


Fully agree, but sometimes it is required that the HAProxy/nginx talk TLS to
the backend, in this case tomcat.


John Larsen



On Tue, Mar 2, 2021 at 3:06 PM Alex  wrote:


Hi.

I try to make a "good" tomcat config and read the docs.

Now in the Connector doc is the following statement.

http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support

Each secure connector must define at least one SSLHostConfig.

But when I look into the SSL/TLS Configuration How-To is the snippet
without SSLHostConfig. What's now the "best" way to setup TLS/SSL
with tomcat. I would prefer to put SSLHostConfig but I'm not sure if
it's the way how the developer think to setup the TLS in tomcat?

I use JSSE as implementation.

http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html

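```
<Connector
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>
```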

What's your suggestion and opinion to configure the tomcat in a
proper way to use TLS also for the future versions.

Regards
Alex




Re: Question about TLS/SSL setup and SSLHostConfig or not

2021-03-02 Thread John Larsen
I usually let the apache webserver or nginx handle the SSL while proxying
to the tomcat.  To use tomcat's built in server you'll need to import the
SSL certificate into the keystore via your jdk.


John Larsen



On Tue, Mar 2, 2021 at 3:06 PM Alex  wrote:

> Hi.
>
> I try to make a "good" tomcat config and read the docs.
>
> Now in the Connector doc is the following statement.
>
> http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
> http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support
>
> Each secure connector must define at least one SSLHostConfig.
>
> But when I look into the SSL/TLS Configuration How-To is the snippet
> without SSLHostConfig. What's now the "best" way to setup TLS/SSL
> with tomcat. I would prefer to put SSLHostConfig but I'm not sure if
> it's the way how the developer think to setup the TLS in tomcat?
>
> I use JSSE as implementation.
>
> http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
> http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html
>
> ```
> <Connector
>            protocol="org.apache.coyote.http11.Http11NioProtocol"
>            port="8443" maxThreads="200"
>            scheme="https" secure="true" SSLEnabled="true"
>            keystoreFile="${user.home}/.keystore" keystorePass="changeit"
>            clientAuth="false" sslProtocol="TLS"/>
> ```
>
> What's your suggestion and opinion to configure the tomcat in a
> proper way to use TLS also for the future versions.
>
> Regards
> Alex
>
>
>


Question about TLS/SSL setup and SSLHostConfig or not

2021-03-02 Thread Alex

Hi.

I try to make a "good" tomcat config and read the docs.

Now in the Connector doc is the following statement.

http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support

Each secure connector must define at least one SSLHostConfig.

But when I look into the SSL/TLS Configuration How-To is the snippet
without SSLHostConfig. What's now the "best" way to setup TLS/SSL
with tomcat. I would prefer to put SSLHostConfig but I'm not sure if
it's the way how the developer think to setup the TLS in tomcat?

I use JSSE as implementation.

http://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html

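```
<Connector
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>
```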

What's your suggestion and opinion to configure the tomcat in a
proper way to use TLS also for the future versions.

Regards
Alex




RE: tomcat ssl setup

2017-09-28 Thread John Ellis


John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Peter Kreuser [mailto:l...@kreuser.name] 
Sent: Wednesday, September 27, 2017 3:43 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

John,


> On 27.09.2017 at 18:08, John Ellis <john.el...@lsgsolutions.com> wrote:
> 
> 
> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
> 
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: l...@kreuser.name [mailto:l...@kreuser.name] 
> Sent: Tuesday, September 26, 2017 3:26 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: tomcat ssl setup
> 
> John,
> 
> 
> 
>> On 26.09.2017 at 21:26, John Ellis <john.el...@lsgsolutions.com> wrote:
>> 
>> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
>> what Jira and/or Confluence would use so I did that and it worked fine on 
>> http port of 8080. I then edited the server.xml file again for the SSL port 
>> and got the same result as before; never gets to a webpage login using the 
>> secure port of 8443 but I can still get the webpage on port 8080. When I 
>> look at the Tomcat 8 Catalina log file I see several lines where it says- 
>> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
>> googling that error and found a couple of posts saying to change from JKS to 
>> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
>> for the algorithm. Can someone provide me with the proper keytool commands 
>> that I need to use to create an SSL certificate for Tomcat?   
>> 
>> John Ellis
>> 
>> 405.285.2500 office
>> 
>> 
> 
> 
> We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride 
> a dead horse, also SSL setup has changed quite a bit in 8.5/9.0.
> 
> So my setup is as follows:
> 
> server.xml:
> 
> <!-- the Connector's port attribute is missing from the archived message -->
> <Connector
>    protocol="org.apache.coyote.http11.Http11Nio2Protocol"
>    sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
>    allowTrace="false"
>    maxThreads="150"
>    SSLEnabled="true"
>    compression="off"
>    scheme="https"
>    server="Apache Tomcat"
>    secure="true"
>    defaultSSLHostConfigName="localhost">
>   <SSLHostConfig
>      hostName="localhost"
>      honorCipherOrder="true"
>      certificateVerification="none"
>      protocols="TLSv1.2"
>      ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS">
>     <Certificate
>        certificateKeystoreFile="${catalina.base}/conf/ssl/jssecacerts"
>        certificateKeystorePassword="changeit"
>        certificateKeyAlias="tomcat"
>        type="RSA" />
>   </SSLHostConfig>
> </Connector>
> 
> 
> https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl
> 
> I use openssl to create the certs (as let’s encrypt for an official cert will 
> generate the same structure) and then convert to JKS:
> 
> # genrsa takes no -subj option; the subject is set on the CSR below
> openssl genrsa -aes256 -out server.key 4096
> openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
> # there is more to it to get SAN extensions, but that's not necessary to get it running
> 
> # you may need your own ca and a signing-process to make this work in all browsers
> openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
> 
> # Verify Server Cert
> openssl x509 -in server.crt -text -noout
> 
> openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
> keytool -list -v -keystore jssecacerts -storepass changeit
> 
> 
> Hope this helps for a start.
> 
> Re

Re: tomcat ssl setup

2017-09-27 Thread Peter Kreuser
John,


> On 27.09.2017 at 18:08, John Ellis <john.el...@lsgsolutions.com> wrote:
> 
> 
> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
> 
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: l...@kreuser.name [mailto:l...@kreuser.name] 
> Sent: Tuesday, September 26, 2017 3:26 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: tomcat ssl setup
> 
> John,
> 
> 
> 
>> On 26.09.2017 at 21:26, John Ellis <john.el...@lsgsolutions.com> wrote:
>> 
>> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
>> what Jira and/or Confluence would use so I did that and it worked fine on 
>> http port of 8080. I then edited the server.xml file again for the SSL port 
>> and got the same result as before; never gets to a webpage login using the 
>> secure port of 8443 but I can still get the webpage on port 8080. When I 
>> look at the Tomcat 8 Catalina log file I see several lines where it says- 
>> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
>> googling that error and found a couple of posts saying to change from JKS to 
>> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
>> for the algorithm. Can someone provide me with the proper keytool commands 
>> that I need to use to create an SSL certificate for Tomcat?   
>> 
>> John Ellis
>> 
>> 405.285.2500 office
>> 
>> 
> 
> 
> We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride 
> a dead horse, also SSL setup has changed quite a bit in 8.5/9.0.
> 
> So my setup is as follows:
> 
> server.xml:
> 
> <!-- the Connector's port attribute is missing from the archived message -->
> <Connector
>    protocol="org.apache.coyote.http11.Http11Nio2Protocol"
>    sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
>    allowTrace="false"
>    maxThreads="150"
>    SSLEnabled="true"
>    compression="off"
>    scheme="https"
>    server="Apache Tomcat"
>    secure="true"
>    defaultSSLHostConfigName="localhost">
>   <SSLHostConfig
>      hostName="localhost"
>      honorCipherOrder="true"
>      certificateVerification="none"
>      protocols="TLSv1.2"
>      ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS">
>     <Certificate
>        certificateKeystoreFile="${catalina.base}/conf/ssl/jssecacerts"
>        certificateKeystorePassword="changeit"
>        certificateKeyAlias="tomcat"
>        type="RSA" />
>   </SSLHostConfig>
> </Connector>
> 
> 
> https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl
> 
> I use openssl to create the certs (as let’s encrypt for an official cert will 
> generate the same structure) and then convert to JKS:
> 
> # genrsa takes no -subj option; the subject is set on the CSR below
> openssl genrsa -aes256 -out server.key 4096
> openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
> # there is more to it to get SAN extensions, but that's not necessary to get it running
> 
> # you may need your own ca and a signing-process to make this work in all browsers
> openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
> 
> # Verify Server Cert
> openssl x509 -in server.crt -text -noout
> 
> openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
> keytool -list -v -keystore jssecacerts -storepass changeit
> 
> 
> Hope this helps for a start.
> 
> Regards
> 
> Peter
> 
> Peter I have never seen entries in the "" part of the 
> server.xml file. Does that have to be in there for SSL to work in Tomcat?
> 
That's the way you define one Connector on one port with different certificates 
in TC 8.5 and 9.0.
I guess that's one of the important new features!
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 





RE: tomcat ssl setup

2017-09-27 Thread John Ellis


John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: l...@kreuser.name [mailto:l...@kreuser.name] 
Sent: Tuesday, September 26, 2017 3:26 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

John,



> Am 26.09.2017 um 21:26 schrieb John Ellis <john.el...@lsgsolutions.com>:
> 
> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
> what Jira and/or Confluence would use so I did that and it worked fine on 
> http port of 8080. I then edited the server.xml file again for the SSL port 
> and got the same result as before; never gets to a webpage login using the 
> secure port of 8443 but I can still get the webpage on port 8080. When I look 
> at the Tomcat 8 Catalina log file I see several lines where it says- 
> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
> googling that error and found a couple of posts saying to change from JKS to 
> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
> for the algorithm. Can someone provide me with the proper keytool commands 
> that I need to use to create an SSL certificate for Tomcat?   
> 
> John Ellis
> 
> 405.285.2500 office
> 
> 


We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride a 
dead horse, also SSL setup has changed quite a bit in 8.5/9.0.

So my setup is as follows:

server.xml:

 

 

  

https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl

I use openssl to create the certs (as let’s encrypt for an official cert will 
generate the same structure) and then convert to JKS:

# genrsa has no -subj option; the subject is set on the CSR below
openssl genrsa -aes256 -out server.key 4096
openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
# there is more to it to get SAN extensions, but that’s not necessary to get it running

openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
# you may need your own ca and a signing-process to make this work in all browsers

#Verify Server Cert
openssl x509 -in server.crt -text -noout

openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
keytool -list -v -keystore jssecacerts -storepass changeit


Hope this helps for a start.

Regards

Peter

Peter I have never seen entries in the "" part of the 
server.xml file. Does that have to be in there for SSL to work in Tomcat?















Re: tomcat ssl setup

2017-09-26 Thread Konstantin Kolinko
2017-09-27 2:52 GMT+03:00 John Ellis :
> Mark I don't see where you wrote anything in this reply?

The rules:
http://tomcat.apache.org/lists.html#tomcat-users
-> 6. Top-posting is bad.

Mark posted a link to Webinar video on Youtube, from 2016 webinar series,
"TLS key/certificate generation"

Also available here:
http://tomcat.apache.org/presentations.html


>
> https://youtu.be/I6TbMqH9WFg
>
> Mark
>

Best regards,
Konstantin Kolinko




RE: tomcat ssl setup

2017-09-26 Thread John Ellis
Mark I don't see where you wrote anything in this reply?

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Tuesday, September 26, 2017 5:49 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: RE: tomcat ssl setup

On 26 September 2017 20:26:58 BST, John Ellis <john.el...@lsgsolutions.com> 
wrote:
>Yesterday my boss suggested setting up Tomcat vers. 8 as he thought 
>this is what Jira and/or Confluence would use so I did that and it 
>worked fine on http port of 8080. I then edited the server.xml file 
>again for the SSL port and got the same result as before; never gets to 
>a webpage login using the secure port of 8443 but I can still get the 
>webpage on port 8080. When I look at the Tomcat 8 Catalina log file I 
>see several lines where it says- "java.security.KeyStoreException:
>Cannot store non-PrivateKeys". I have been googling that error and 
>found a couple of posts saying to change from JKS to JCEKS but when I 
>ran the commands I didn't have JKS in the command; only RSA for the 
>algorithm. Can someone provide me with the proper keytool commands that
>I need to use to create an SSL certificate for Tomcat?   
>
>John Ellis
>
>405.285.2500 office
>
>
>
>
>http://biz-e.io
>
>-Original Message-
>From: Mark Thomas [mailto:ma...@apache.org]
>Sent: Friday, September 22, 2017 2:20 PM
>To: Tomcat Users List <users@tomcat.apache.org>
>Subject: Re: tomcat ssl setup
>
>On 22/09/17 16:44, John Ellis wrote:
>> I have installed Tomcat 9.0.0.M27 on this test server but I still get
>> the same result; when I try to connect to Tomcat on the secure port of
>> 8443 it just sits there and has a spinner up at the top of the browser
>> window but if I try to connect to it back on the non-secure port of
>> 8080 it works fine. Here is a Dropbox link to the server.xml file that
>> I edited-
>> 
>> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
>> 
>> Here is a Dropbox link to the Catalina log file-
>> 
>> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
>> 
>> Thanks,
>> 
>> John Ellis
>
>How did you generate the key and certificate files?
>
>Mark

https://youtu.be/I6TbMqH9WFg

Mark





RE: tomcat ssl setup

2017-09-26 Thread Mark Thomas
On 26 September 2017 20:26:58 BST, John Ellis <john.el...@lsgsolutions.com> 
wrote:
>Yesterday my boss suggested setting up Tomcat vers. 8 as he thought
>this is what Jira and/or Confluence would use so I did that and it
>worked fine on http port of 8080. I then edited the server.xml file
>again for the SSL port and got the same result as before; never gets to
>a webpage login using the secure port of 8443 but I can still get the
>webpage on port 8080. When I look at the Tomcat 8 Catalina log file I
>see several lines where it says- "java.security.KeyStoreException:
>Cannot store non-PrivateKeys". I have been googling that error and
>found a couple of posts saying to change from JKS to JCEKS but when I
>ran the commands I didn't have JKS in the command; only RSA for the
>algorithm. Can someone provide me with the proper keytool commands that
>I need to use to create an SSL certificate for Tomcat?   
>
>John Ellis
>
>405.285.2500 office
>
>
>
>
>http://biz-e.io
>
>-Original Message-
>From: Mark Thomas [mailto:ma...@apache.org] 
>Sent: Friday, September 22, 2017 2:20 PM
>To: Tomcat Users List <users@tomcat.apache.org>
>Subject: Re: tomcat ssl setup
>
>On 22/09/17 16:44, John Ellis wrote:
>> I have installed Tomcat 9.0.0.M27 on this test server but I still get
>> the same result; when I try to connect to Tomcat on the secure port of
>> 8443 it just sits there and has a spinner up at the top of the browser
>> window but if I try to connect to it back on the non-secure port of
>> 8080 it works fine. Here is a Dropbox link to the server.xml file that
>> I edited-
>> 
>> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
>> 
>> Here is a Dropbox link to the Catalina log file-
>> 
>> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
>> 
>> Thanks,
>> 
>> John Ellis
>
>How did you generate the key and certificate files?
>
>Mark

https://youtu.be/I6TbMqH9WFg

Mark





RE: tomcat ssl setup

2017-09-26 Thread John Ellis
Yes I have run into that. I'm using an xml editor to check my work.

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: l...@kreuser.name [mailto:l...@kreuser.name] 
Sent: Tuesday, September 26, 2017 3:32 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

G, I hate formatting in Mails...

Beware of “ when copying source code!

> Am 26.09.2017 um 22:25 schrieb l...@kreuser.name:
> 
> John,
> 
> 
> 
>> Am 26.09.2017 um 21:26 schrieb John Ellis <john.el...@lsgsolutions.com>:
>> 
>> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
>> what Jira and/or Confluence would use so I did that and it worked fine on 
>> http port of 8080. I then edited the server.xml file again for the SSL port 
>> and got the same result as before; never gets to a webpage login using the 
>> secure port of 8443 but I can still get the webpage on port 8080. When I 
>> look at the Tomcat 8 Catalina log file I see several lines where it says- 
>> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
>> googling that error and found a couple of posts saying to change from JKS to 
>> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
>> for the algorithm. Can someone provide me with the proper keytool commands 
>> that I need to use to create an SSL certificate for Tomcat?   
>> 
>> John Ellis
>> 
>> 405.285.2500 office
>> 
>> 
> 
> 
> We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride 
> a dead horse, also SSL setup has changed quite a bit in 8.5/9.0.
> 
> So my setup is as follows:
> 
> server.xml:
> 
> protocol="org.apache.coyote.http11.Http11Nio2Protocol"
> sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
> allowTrace="false"
> maxThreads="150"
> SSLEnabled="true"
> compression="off"
> scheme="https"
> server="Apache Tomcat"
> secure="true"
   defaultSSLHostConfigName=“localhost” > 
> 
> hostName="localhost"
> honorCipherOrder="true"
> certificateVerification="none"
> protocols="TLSv1.2"
>
> ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS">
>  certificateKeystoreFile="${catalina.base}/conf/ssl/jssecacerts"
>  certificateKeystorePassword="changeit"
>  certificateKeyAlias="tomcat"
>  type="RSA" />
>
>  
> 
> https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl
> 
> I use openssl to create the certs (as let’s encrypt for an official cert will 
> generate the same structure) and then convert to JKS:
> 
> # genrsa has no -subj option; the subject is set on the CSR below
> openssl genrsa -aes256 -out server.key 4096
> openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
> # there is more to it to get SAN extensions, but that’s not necessary to get it running
> 
> openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
> # you may need your own ca and a signing-process to make this work in all browsers
> 
> #Verify Server Cert
> openssl x509 -in server.crt -text -noout
> 
> openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
> keytool -list -v -keystore jssecacerts -storepass changeit
> 
> 
> Hope this helps for a start.
> 
> Regards
> 
> Peter
> 






Re: tomcat ssl setup

2017-09-26 Thread logo
G, I hate formatting in Mails...

Beware of “ when copying source code!

> Am 26.09.2017 um 22:25 schrieb l...@kreuser.name:
> 
> John,
> 
> 
> 
>> Am 26.09.2017 um 21:26 schrieb John Ellis <john.el...@lsgsolutions.com>:
>> 
>> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
>> what Jira and/or Confluence would use so I did that and it worked fine on 
>> http port of 8080. I then edited the server.xml file again for the SSL port 
>> and got the same result as before; never gets to a webpage login using the 
>> secure port of 8443 but I can still get the webpage on port 8080. When I 
>> look at the Tomcat 8 Catalina log file I see several lines where it says- 
>> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
>> googling that error and found a couple of posts saying to change from JKS to 
>> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
>> for the algorithm. Can someone provide me with the proper keytool commands 
>> that I need to use to create an SSL certificate for Tomcat?   
>> 
>> John Ellis
>> 
>> 405.285.2500 office
>> 
>> 
> 
> 
> We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride 
> a dead horse, also SSL setup has changed quite a bit in 8.5/9.0.
> 
> So my setup is as follows:
> 
> server.xml:
> 
> protocol="org.apache.coyote.http11.Http11Nio2Protocol"
> sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
> allowTrace="false"
> maxThreads="150"
> SSLEnabled="true"
> compression="off"
> scheme="https"
> server="Apache Tomcat"
> secure="true"
   defaultSSLHostConfigName=“localhost” > 
> 
> hostName="localhost"
> honorCipherOrder="true"
> certificateVerification="none"
> protocols="TLSv1.2"
>
> ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS">
>  certificateKeystoreFile="${catalina.base}/conf/ssl/jssecacerts"
>  certificateKeystorePassword="changeit"
>  certificateKeyAlias="tomcat"
>  type="RSA" />
>
>  
> 
> https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl
> 
> I use openssl to create the certs (as let’s encrypt for an official cert will 
> generate the same structure) and then convert to JKS:
> 
> # genrsa has no -subj option; the subject is set on the CSR below
> openssl genrsa -aes256 -out server.key 4096
> openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
> # there is more to it to get SAN extensions, but that’s not necessary to get it running
> 
> openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
> # you may need your own ca and a signing-process to make this work in all browsers
> 
> #Verify Server Cert
> openssl x509 -in server.crt -text -noout
> 
> openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
> keytool -list -v -keystore jssecacerts -storepass changeit
> 
> 
> Hope this helps for a start.
> 
> Regards
> 
> Peter
> 
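
The copy-and-paste hazard warned about in this message (typographic quotes such as “ replacing " in server.xml) can be caught before Tomcat is restarted, along with a mismatch between defaultSSLHostConfigName and the SSLHostConfig hostName. The Python check below is an added example, not part of the original thread or of Tomcat; the sample server.xml text, the port 8443 and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Typographic quotes that mail clients and word processors substitute for " and '.
CURLY_QUOTES = {"\u201c": '"', "\u201d": '"', "\u201e": '"', "\u2018": "'", "\u2019": "'"}


def find_curly_quotes(text):
    """Return (line, column, character) for every typographic quote, 1-based."""
    return [
        (line_no, col_no, ch)
        for line_no, line in enumerate(text.splitlines(), start=1)
        for col_no, ch in enumerate(line, start=1)
        if ch in CURLY_QUOTES
    ]


def straighten_quotes(text):
    """Replace typographic quotes with their ASCII equivalents."""
    return text.translate(str.maketrans(CURLY_QUOTES))


def lint_server_xml(text):
    """Return a list of findings for the TLS connectors in a server.xml string."""
    findings = [
        f"line {line_no} col {col_no}: typographic quote U+{ord(ch):04X}, use a plain ASCII quote"
        for line_no, col_no, ch in find_curly_quotes(text)
    ]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        findings.append(f"not well-formed XML: {exc}")
        return findings  # the structural checks below need a parsed tree

    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        hosts = conn.findall("SSLHostConfig")
        if not hosts:
            continue  # connector-level (pre-8.5 style) TLS attributes are not checked here
        port = conn.get("port", "?")
        # Both attributes default to "_default_" when omitted.
        default = conn.get("defaultSSLHostConfigName", "_default_").lower()
        names = [h.get("hostName", "_default_").lower() for h in hosts]
        if default not in names:
            findings.append(
                f"connector {port}: defaultSSLHostConfigName '{default}' "
                f"matches no SSLHostConfig hostName {names}"
            )
        for host in hosts:
            name = host.get("hostName", "_default_")
            certs = host.findall("Certificate")
            if not certs:
                findings.append(f"connector {port}, host {name}: no <Certificate> element")
            for cert in certs:
                if cert.get("certificateKeystorePassword") == "changeit":
                    findings.append(
                        f"connector {port}, host {name}: keystore password is the "
                        "well-known default 'changeit'"
                    )
    return findings


# Constructed sample: a connector in the style shown in this thread, with the
# typographic quotes that the mail formatting introduced on line 5.
SAMPLE_PASTED = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol"
               SSLEnabled="true" scheme="https" secure="true"
               defaultSSLHostConfigName=\u201clocalhost\u201d>
      <SSLHostConfig hostName="localhost" protocols="TLSv1.2">
        <Certificate certificateKeystoreFile="${catalina.base}/conf/ssl/jssecacerts"
                     certificateKeystorePassword="changeit"
                     certificateKeyAlias="tomcat" type="RSA" />
      </SSLHostConfig>
    </Connector>
  </Service>
</Server>
"""

if __name__ == "__main__":
    print("as pasted:")
    for finding in lint_server_xml(SAMPLE_PASTED):
        print("  " + finding)
    print("after straightening the quotes:")
    for finding in lint_server_xml(straighten_quotes(SAMPLE_PASTED)):
        print("  " + finding)
```
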



RE: tomcat ssl setup

2017-09-26 Thread John Ellis
Yes version 8.5 is what I downloaded & tried but I had already tried both 
versions (M26 and M27) of 9.0.0. I think this is just something that I am 
overlooking here; I am not a programmer and have just had to learn all of this 
to work with Jira and Confluence, that we use here in our office. I will try 
this tomorrow.
Thanks so much for the info! 

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: l...@kreuser.name [mailto:l...@kreuser.name] 
Sent: Tuesday, September 26, 2017 3:26 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

John,



> Am 26.09.2017 um 21:26 schrieb John Ellis <john.el...@lsgsolutions.com>:
> 
> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
> what Jira and/or Confluence would use so I did that and it worked fine on 
> http port of 8080. I then edited the server.xml file again for the SSL port 
> and got the same result as before; never gets to a webpage login using the 
> secure port of 8443 but I can still get the webpage on port 8080. When I look 
> at the Tomcat 8 Catalina log file I see several lines where it says- 
> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
> googling that error and found a couple of posts saying to change from JKS to 
> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
> for the algorithm. Can someone provide me with the proper keytool commands 
> that I need to use to create an SSL certificate for Tomcat?   
> 
> John Ellis
> 
> 405.285.2500 office
> 
> 


We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride a 
dead horse, also SSL setup has changed quite a bit in 8.5/9.0.

So my setup is as follows:

server.xml:

 

 

  

https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl

I use openssl to create the certs (as let’s encrypt for an official cert will 
generate the same structure) and then convert to JKS:

# genrsa has no -subj option; the subject is set on the CSR below
openssl genrsa -aes256 -out server.key 4096
openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
# there is more to it to get SAN extensions, but that’s not necessary to get it running

openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
# you may need your own ca and a signing-process to make this work in all browsers

#Verify Server Cert
openssl x509 -in server.crt -text -noout

openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
keytool -list -v -keystore jssecacerts -storepass changeit


Hope this helps for a start.

Regards

Peter















Re: tomcat ssl setup

2017-09-26 Thread logo
John,



> Am 26.09.2017 um 21:26 schrieb John Ellis <john.el...@lsgsolutions.com>:
> 
> Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
> what Jira and/or Confluence would use so I did that and it worked fine on 
> http port of 8080. I then edited the server.xml file again for the SSL port 
> and got the same result as before; never gets to a webpage login using the 
> secure port of 8443 but I can still get the webpage on port 8080. When I look 
> at the Tomcat 8 Catalina log file I see several lines where it says- 
> "java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
> googling that error and found a couple of posts saying to change from JKS to 
> JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
> for the algorithm. Can someone provide me with the proper keytool commands 
> that I need to use to create an SSL certificate for Tomcat?   
> 
> John Ellis
> 
> 405.285.2500 office
> 
> 


We’re talking about Tomcat 8.5, 8.0 is EOLed so it may not make sense to ride a 
dead horse, also SSL setup has changed quite a bit in 8.5/9.0.

So my setup is as follows:

server.xml:

 

 

  

https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl

I use openssl to create the certs (as let’s encrypt for an official cert will 
generate the same structure) and then convert to JKS:

# genrsa has no -subj option; the subject is set on the CSR below
openssl genrsa -aes256 -out server.key 4096
openssl req -new -key server.key -out server.csr -sha512 -subj "/C=XX/ST=XX/L=XX/O=XX/CN=localhost/emailAddress=x...@xx.com"
# there is more to it to get SAN extensions, but that’s not necessary to get it running

openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
# you may need your own ca and a signing-process to make this work in all browsers

#Verify Server Cert
openssl x509 -in server.crt -text -noout

openssl pkcs12 -export -in server.crt -inkey server.key -out jssecacerts -name tomcat
keytool -list -v -keystore jssecacerts -storepass changeit


Hope this helps for a start.

Regards

Peter












RE: tomcat ssl setup

2017-09-26 Thread John Ellis
Yesterday my boss suggested setting up Tomcat vers. 8 as he thought this is 
what Jira and/or Confluence would use so I did that and it worked fine on http 
port of 8080. I then edited the server.xml file again for the SSL port and got 
the same result as before; never gets to a webpage login using the secure port 
of 8443 but I can still get the webpage on port 8080. When I look at the Tomcat 
8 Catalina log file I see several lines where it says- 
"java.security.KeyStoreException: Cannot store non-PrivateKeys". I have been 
googling that error and found a couple of posts saying to change from JKS to 
JCEKS but when I ran the commands I didn't have JKS in the command; only RSA 
for the algorithm. Can someone provide me with the proper keytool commands that 
I need to use to create an SSL certificate for Tomcat?   

John Ellis

405.285.2500 office




http://biz-e.io

-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 2:20 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 16:44, John Ellis wrote:
> I have installed Tomcat 9.0.0.M27 on this test server but I still get the 
> same result; when I try to connect to Tomcat on the secure port of 8443 it 
> just sits there and has a spinner up at the top of the browser window but if 
> I try to connect to it back on the non-secure port of 8080 it works fine. 
> Here is a Dropbox link to the server.xml file that I edited-
> 
> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
> 
> Here is a Dropbox link to the Catalina log file-
> 
> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
> 
> Thanks,
> 
> John Ellis

How did you generate the key and certificate files?

Mark




RE: tomcat ssl setup

2017-09-25 Thread John Ellis
Ok please disregard my last question re using keytool. I DID use it on the 
server we are trying to get the ssl certificate to work on. It's just that it 
was awhile back and I wasn't seeing the commands when I went back through the 
command history.
My Bad 

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 2:20 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 16:44, John Ellis wrote:
> I have installed Tomcat 9.0.0.M27 on this test server but I still get the 
> same result; when I try to connect to Tomcat on the secure port of 8443 it 
> just sits there and has a spinner up at the top of the browser window but if 
> I try to connect to it back on the non-secure port of 8080 it works fine. 
> Here is a Dropbox link to the server.xml file that I edited-
> 
> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
> 
> Here is a Dropbox link to the Catalina log file-
> 
> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
> 
> Thanks,
> 
> John Ellis

How did you generate the key and certificate files?

Mark




RE: tomcat ssl setup

2017-09-25 Thread John Ellis
I have another question. In visiting with my boss just now he brought up this 
question. Do we have to run something like the keytool command and go through 
all of those steps to get a certificate just in order to try to connect to 
Tomcat on a secure port, like 8443? I thought we could try to connect 
to it 1st and THEN setup the certificate. Maybe I missed this. As I said in the 
past when I first started posting my questions for the SSL issue I am not a 
programmer; my background is in computer hardware. I have only learned what I 
know about Jira and Confluence from OJT here with this position, in the last 
few years.   

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 2:20 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 16:44, John Ellis wrote:
> I have installed Tomcat 9.0.0.M27 on this test server but I still get the 
> same result; when I try to connect to Tomcat on the secure port of 8443 it 
> just sits there and has a spinner up at the top of the browser window but if 
> I try to connect to it back on the non-secure port of 8080 it works fine. 
> Here is a Dropbox link to the server.xml file that I edited-
> 
> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
> 
> Here is a Dropbox link to the Catalina log file-
> 
> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
> 
> Thanks,
> 
> John Ellis

How did you generate the key and certificate files?

Mark




RE: tomcat ssl setup

2017-09-25 Thread John Ellis
Mark although I am not finding it now I'm pretty sure that I sent out a reply 
to this last week saying I am getting the same exact result with ver. M27 as I 
was with M26; can't get a webpage login when I try the secure port of 8443. It 
just churns on the screen but never connects. However if I plug in the 
non-secure port of 8080 it goes to the 9.0.0.M27 webpage immediately. 
Also my boss suggested that I try using "Let's Encrypt" so I tried that on 
Friday. It instructed me to run several updates first but when I tried to run 
the actual command of-
./certbot-auto --apache
I got the messages below-

/opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
  DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Failed to find executable apache2ctl in PATH: /usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin:/usr/bin:/root/bin
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError('Cannot find Apache control command apache2ctl',)

I went to the cert.bot website and it suggested running the command 
./certbot-auto --apache certonly but it gave the same error.

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 9:17 AM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 15:05, John Ellis wrote:
> Andre I saw where you asked Mark Thomas, on another thread, if the 
> issue on that thread might be causing the SSL issue that I am having. 
> On the server that I have been using for the testing of Tomcat 9 
> version 8 was already installed on it. It's just that my boss said to 
> download, install and work with version 9. I wonder if it might work on with 
> version 8?

Try with 9.0.0.M27. You'll need to follow the browse link on the download page 
and then up a directory to find it. (It has been released but CVE-2017-12617 
happened and we decided not to announce it as the next 9.0.x release will be 
following shortly.)

Note there is still a regression in the keystore handling but it affects fewer 
configurations (just FIPS as far as I know).

Mark


> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
> 
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 4:40 PM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
> 
> Hi.
> 
> I just downloaded tomcat 9 myself (the windows zip version, but it 
> should be the same), to look at the standard server.xml.
> 
> There is something which does not quite fit in all of this.
> I can also not see, in the snippets of server.xml that you pasted, any 
> obvious XML errors or imbricated comments.
> Yet the logfile points to these lines..
> Somehow the logfile which you uploaded to drop-box, does not seem to 
> match the server.xml lines that you pasted here.
> 
> Ooooh, wait.
> I know why it did not fit.
> 
> After looking again, more carefully, at the logfile that you posted, I 
> see what was confusing : that logfile shows several starts and stops of 
> tomcat.
> It just accumulates. I was looking just at the beginning, the first 
> error that I found.
> You have for example this :
> 
> 08-Sep-2017 11:10:32.131 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["http-nio-8080"]
> 08-Sep-2017 11:10:32.136 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["ajp-nio-8009"]
> 08-Sep-2017 11:10:32.137 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 18916 ms
> 
> Just before the error message that I was mentioning, which was :
> 08-Sep-2017 11:31:21.952 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The content of elements must 
> consist of well-formed character data or markup.
>   org.xml.sax.SAXParseException; systemId: 
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; 
> lineNumber: 87;
> columnNumber: 
> 6; The content of elements must consist of well-formed character data 
> or markup.
> 
> But that was like 21 minutes later, after tomcat had been running for 
> 21 minutes.
> 
> Then after that there are a few more starts and stops, and at the
> latest attempt, the problem is different :
> 
> 08-Sep-2017 15:24:35.920 INFO [main] 
> org.apa

RE: tomcat ssl setup

2017-09-22 Thread John Ellis
I used the keytool command, then submitted the CSR to the cacert.org site, then 
put root and main certificates in place and referenced them in the server.xml 
file.

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 2:20 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 16:44, John Ellis wrote:
> I have installed Tomcat 9.0.0.M27 on this test server but I still get the 
> same result; when I try to connect to Tomcat on the secure port of 8443 it 
> just sits there and has a spinner up at the top of the browser window but if 
> I try to connect to it back on the non-secure port of 8080 it works fine. 
> Here is a Dropbox link to the server.xml file that I edited-
> 
> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
> 
> Here is a Dropbox link to the Catalina log file-
> 
> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
> 
> Thanks,
> 
> John Ellis

How did you generate the key and certificate files?

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






Re: tomcat ssl setup

2017-09-22 Thread Mark Thomas
On 22/09/17 16:44, John Ellis wrote:
> I have installed Tomcat 9.0.0.M27 on this test server but I still get the 
> same result; when I try to connect to Tomcat on the secure port of 8443 it 
> just sits there and has a spinner up at the top of the browser window but if 
> I try to connect to it back on the non-secure port of 8080 it works fine. 
> Here is a Dropbox link to the server.xml file that I edited-
> 
> https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0
> 
> Here is a Dropbox link to the Catalina log file-
> 
> https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0
> 
> Thanks,
> 
> John Ellis

How did you generate the key and certificate files?

Mark




RE: tomcat ssl setup

2017-09-22 Thread John Ellis
I have installed Tomcat 9.0.0.M27 on this test server but I still get the same 
result; when I try to connect to Tomcat on the secure port of 8443 it just sits 
there and has a spinner up at the top of the browser window but if I try to 
connect to it back on the non-secure port of 8080 it works fine. Here is a 
Dropbox link to the server.xml file that I edited-

https://www.dropbox.com/s/rdjjjxn6lzrucs0/server.xml?dl=0

Here is a Dropbox link to the Catalina log file-

https://www.dropbox.com/s/c0x8svk4neqp5xo/catalina.2017-09-22.log?dl=0

Thanks,

John Ellis

405.285.2500 office




http://biz-e.io

-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 9:17 AM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 15:05, John Ellis wrote:
> Andre I saw where you asked Mark Thomas, on another thread, if the 
> issue on that thread might be causing the SSL issue that I am having. 
> On the server that I have been using for the testing of Tomcat 9 
> version 8 was already installed on it. It's just that my boss said to 
> download, install and work with version 9. I wonder if it might work on with 
> version 8?

Try with 9.0.0.M27. You'll need to follow the browse link on the download page 
and then up a directory to find it. (It has been released but CVE-2017-12617 
happened and we decided not to announce it as the next 9.0.x release will be 
following shortly.)

Note there is still a regression in the keystore handling but it affects fewer 
configurations (just FIPS as far as I know).

Mark


> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
> 
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 4:40 PM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
> 
> Hi.
> 
> I just downloaded tomcat 9 myself (the windows zip version, but it 
> should be the same), to look at the standard server.xml.
> 
> There is something which does not quite fit in all of this.
> I can also not see, in the snippets of server.xml that you pasted, any 
> obvious XML errors or imbricated comments.
> Yet the logfile points to these lines..
> Somehow the logfile which you uploaded to drop-box, does not seem to 
> match the server.xml lines that you pasted here.
> 
> Ooooh, wait.
> I know why it did not fit.
> 
> After looking again, more carefully, at the logfile that you posted, I 
> see what was confusing : that logfile shows several starts and stops of 
> tomcat.
> It just accumulates. I was looking just at the beginning, the first 
> error that I found.
> You have for example this :
> 
> 08-Sep-2017 11:10:32.131 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["http-nio-8080"]
> 08-Sep-2017 11:10:32.136 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["ajp-nio-8009"]
> 08-Sep-2017 11:10:32.137 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 18916 ms
> 
> Just before the error message that I was mentioning, which was :
> 08-Sep-2017 11:31:21.952 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The content of elements must 
> consist of well-formed character data or markup.
>   org.xml.sax.SAXParseException; systemId: 
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; 
> lineNumber: 87;
> columnNumber: 
> 6; The content of elements must consist of well-formed character data 
> or markup.
> 
> But that was like 21 minutes later, after tomcat had been running for 
> 21 minutes.
> 
> Then after that there are a few more starts and stops, and at the
> latest attempt, the problem is different :
> 
> 08-Sep-2017 15:24:35.920 INFO [main] 
> org.apache.coyote.AbstractProtocol.init
> Initializing ProtocolHandler ["https-jsse-nio-8443"]
> 08-Sep-2017 15:24:36.300 SEVERE [main] 
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed 
> to initialize component [Connector[HTTP/1.1-8443]]
>   org.apache.catalina.LifecycleException: Protocol handler 
> initialization failed ...
> Caused by: java.lang.IllegalArgumentException:
> java.security.KeyStoreException: Cannot store non-PrivateKeys
>   at
> org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:113)
> 
> 
> So, here is what happened :
> 
> - when you first started tomcat (timestamp 08-Sep-2017 10:05:02.807), 
> it started fine, ending in the line
> 08-Sep-2017 10:05:03.371 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 48

RE: tomcat ssl setup

2017-09-22 Thread John Ellis
OK I will try to find, download and try that version.
Thanks!

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: Mark Thomas [mailto:ma...@apache.org] 
Sent: Friday, September 22, 2017 9:17 AM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: tomcat ssl setup

On 22/09/17 15:05, John Ellis wrote:
> Andre I saw where you asked Mark Thomas, on another thread, if the 
> issue on that thread might be causing the SSL issue that I am having. 
> On the server that I have been using for the testing of Tomcat 9 
> version 8 was already installed on it. It's just that my boss said to 
> download, install and work with version 9. I wonder if it might work on with 
> version 8?

Try with 9.0.0.M27. You'll need to follow the browse link on the download page 
and then up a directory to find it. (It has been released but CVE-2017-12617 
happened and we decided not to announce it as the next 9.0.x release will be 
following shortly.)

Note there is still a regression in the keystore handling but it affects fewer 
configurations (just FIPS as far as I know).

Mark


> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
> 
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 4:40 PM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
> 
> Hi.
> 
> I just downloaded tomcat 9 myself (the windows zip version, but it 
> should be the same), to look at the standard server.xml.
> 
> There is something which does not quite fit in all of this.
> I can also not see, in the snippets of server.xml that you pasted, any 
> obvious XML errors or imbricated comments.
> Yet the logfile points to these lines..
> Somehow the logfile which you uploaded to drop-box, does not seem to 
> match the server.xml lines that you pasted here.
> 
> Ooooh, wait.
> I know why it did not fit.
> 
> After looking again, more carefully, at the logfile that you posted, I 
> see what was confusing : that logfile shows several starts and stops of 
> tomcat.
> It just accumulates. I was looking just at the beginning, the first 
> error that I found.
> You have for example this :
> 
> 08-Sep-2017 11:10:32.131 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["http-nio-8080"]
> 08-Sep-2017 11:10:32.136 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler 
> ["ajp-nio-8009"]
> 08-Sep-2017 11:10:32.137 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 18916 ms
> 
> Just before the error message that I was mentioning, which was :
> 08-Sep-2017 11:31:21.952 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The content of elements must 
> consist of well-formed character data or markup.
>   org.xml.sax.SAXParseException; systemId: 
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; 
> lineNumber: 87;
> columnNumber: 
> 6; The content of elements must consist of well-formed character data 
> or markup.
> 
> But that was like 21 minutes later, after tomcat had been running for 
> 21 minutes.
> 
> Then after that there are a few more starts and stops, and at the
> latest attempt, the problem is different :
> 
> 08-Sep-2017 15:24:35.920 INFO [main] 
> org.apache.coyote.AbstractProtocol.init
> Initializing ProtocolHandler ["https-jsse-nio-8443"]
> 08-Sep-2017 15:24:36.300 SEVERE [main] 
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed 
> to initialize component [Connector[HTTP/1.1-8443]]
>   org.apache.catalina.LifecycleException: Protocol handler 
> initialization failed ...
> Caused by: java.lang.IllegalArgumentException:
> java.security.KeyStoreException: Cannot store non-PrivateKeys
>   at
> org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:113)
> 
> 
> So, here is what happened :
> 
> - when you first started tomcat (timestamp 08-Sep-2017 10:05:02.807), 
> it started fine, ending in the line
> 08-Sep-2017 10:05:03.371 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 482 ms
> 
> but then, you did not have the connector for port 8443 enabled yet.
> 
> - then you stopped tomcat, and you started it again at
> 08-Sep-2017 11:10:13.141 INFO [main]
> org.apache.catalina.startup.VersionLoggerListener.log 
> Server version:Apache Tomcat/9.0.0.M26
> 
> - and then you had this :
> 08-Sep-2017 11:31:21.952 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The co

Re: tomcat ssl setup

2017-09-22 Thread Mark Thomas
On 22/09/17 15:05, John Ellis wrote:
> Andre I saw where you asked Mark Thomas, on another thread, if the issue on
> that thread might be causing the SSL issue that I am having. On the server
> that I have been using for the testing of Tomcat 9 version 8 was already
> installed on it. It's just that my boss said to download, install and work
> with version 9. I wonder if it might work on with version 8?

Try with 9.0.0.M27. You'll need to follow the browse link on the
download page and then up a directory to find it. (It has been released
but CVE-2017-12617 happened and we decided not to announce it as the
next 9.0.x release will be following shortly.)

Note there is still a regression in the keystore handling but it affects
fewer configurations (just FIPS as far as I know).

Mark


> 
> John Ellis
> 
> 405.285.2500 office
> 
> 
>     
> 
> http://biz-e.io
> 
> 
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
> Sent: Thursday, September 21, 2017 4:40 PM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
> 
> Hi.
> 
> I just downloaded tomcat 9 myself (the windows zip version, but it should be
> the same), to look at the standard server.xml.
> 
> There is something which does not quite fit in all of this.
> I can also not see, in the snippets of server.xml that you pasted, any
> obvious XML errors or imbricated comments.
> Yet the logfile points to these lines..
> Somehow the logfile which you uploaded to drop-box, does not seem to match
> the server.xml lines that you pasted here.
> 
> Ooooh, wait.
> I know why it did not fit.
> 
> After looking again, more carefully, at the logfile that you posted, I see
> what was confusing : that logfile shows several starts and stops of tomcat.
> It just accumulates. I was looking just at the beginning, the first error
> that I found.
> You have for example this :
> 
> 08-Sep-2017 11:10:32.131 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
> ["http-nio-8080"]
> 08-Sep-2017 11:10:32.136 INFO [main]
> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
> ["ajp-nio-8009"]
> 08-Sep-2017 11:10:32.137 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 18916 ms
> 
> Just before the error message that I was mentioning, which was :
> 08-Sep-2017 11:31:21.952 SEVERE [main]
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The content of elements must consist
> of well-formed character data or markup.
>   org.xml.sax.SAXParseException; systemId: 
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 87;
> columnNumber: 
> 6; The content of elements must consist of well-formed character data or
> markup.
> 
> But that was like 21 minutes later, after tomcat had been running for 21
> minutes.
> 
> Then after that there are a few more starts and stops, and at the latest
> attempt, the problem is different :
> 
> 08-Sep-2017 15:24:35.920 INFO [main] org.apache.coyote.AbstractProtocol.init
> Initializing ProtocolHandler ["https-jsse-nio-8443"]
> 08-Sep-2017 15:24:36.300 SEVERE [main]
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
> initialize component [Connector[HTTP/1.1-8443]]
>   org.apache.catalina.LifecycleException: Protocol handler initialization
> failed ...
> Caused by: java.lang.IllegalArgumentException:
> java.security.KeyStoreException: Cannot store non-PrivateKeys
>   at
> org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:113)
> 
> 
> So, here is what happened :
> 
> - when you first started tomcat (timestamp 08-Sep-2017 10:05:02.807), it
> started fine, ending in the line
> 08-Sep-2017 10:05:03.371 INFO [main]
> org.apache.catalina.startup.Catalina.start Server startup in 482 ms
> 
> but then, you did not have the connector for port 8443 enabled yet.
> 
> - then you stopped tomcat, and you started it again at
> 08-Sep-2017 11:10:13.141 INFO [main]
> org.apache.catalina.startup.VersionLoggerListener.log 
> Server version:Apache Tomcat/9.0.0.M26
> 
> - and then you had this :
> 08-Sep-2017 11:31:21.952 SEVERE [main]
> org.apache.tomcat.util.digester.Digester.fatalError
> Parse Fatal Error at line 87 column 6: The content of elements must consist
> of well-formed character data or markup.
> 
> so my guess is that you modified the server.xml, while tomcat was still
> running, and then you did a "shutdown.sh", to prepare to restart tomcat.
> 
> - And then there was that parse error.
> 
> And the reason is that the shutdown command, in fac

RE: tomcat ssl setup

2017-09-22 Thread John Ellis
Andre I saw where you asked Mark Thomas, on another thread, if the issue on
that thread might be causing the SSL issue that I am having. On the server
that I have been using for the testing of Tomcat 9 version 8 was already
installed on it. It's just that my boss said to download, install and work
with version 9. I wonder if it might work on with version 8?

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Thursday, September 21, 2017 4:40 PM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

Hi.

I just downloaded tomcat 9 myself (the windows zip version, but it should be
the same), to look at the standard server.xml.

There is something which does not quite fit in all of this.
I can also not see, in the snippets of server.xml that you pasted, any
obvious XML errors or imbricated comments.
Yet the logfile points to these lines..
Somehow the logfile which you uploaded to drop-box, does not seem to match
the server.xml lines that you pasted here.

Ooooh, wait.
I know why it did not fit.

After looking again, more carefully, at the logfile that you posted, I see
what was confusing : that logfile shows several starts and stops of tomcat.
It just accumulates. I was looking just at the beginning, the first error
that I found.
You have for example this :

08-Sep-2017 11:10:32.131 INFO [main]
org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
["http-nio-8080"]
08-Sep-2017 11:10:32.136 INFO [main]
org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
["ajp-nio-8009"]
08-Sep-2017 11:10:32.137 INFO [main]
org.apache.catalina.startup.Catalina.start Server startup in 18916 ms

Just before the error message that I was mentioning, which was :
08-Sep-2017 11:31:21.952 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError
Parse Fatal Error at line 87 column 6: The content of elements must consist
of well-formed character data or markup.
  org.xml.sax.SAXParseException; systemId: 
file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 87;
columnNumber: 
6; The content of elements must consist of well-formed character data or
markup.

But that was like 21 minutes later, after tomcat had been running for 21
minutes.

Then after that there are a few more starts and stops, and at the latest
attempt, the problem is different :

08-Sep-2017 15:24:35.920 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["https-jsse-nio-8443"]
08-Sep-2017 15:24:36.300 SEVERE [main]
org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
initialize component [Connector[HTTP/1.1-8443]]
  org.apache.catalina.LifecycleException: Protocol handler initialization
failed ...
Caused by: java.lang.IllegalArgumentException:
java.security.KeyStoreException: Cannot store non-PrivateKeys
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:113)


So, here is what happened :

- when you first started tomcat (timestamp 08-Sep-2017 10:05:02.807), it
started fine, ending in the line
08-Sep-2017 10:05:03.371 INFO [main]
org.apache.catalina.startup.Catalina.start Server startup in 482 ms

but then, you did not have the connector for port 8443 enabled yet.

- then you stopped tomcat, and you started it again at
08-Sep-2017 11:10:13.141 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log 
Server version:Apache Tomcat/9.0.0.M26

- and then you had this :
08-Sep-2017 11:31:21.952 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError
Parse Fatal Error at line 87 column 6: The content of elements must consist
of well-formed character data or markup.

so my guess is that you modified the server.xml, while tomcat was still
running, and then you did a "shutdown.sh", to prepare to restart tomcat.

- And then there was that parse error.

And the reason is that the shutdown command, in fact starts another (small)
instance of tomcat, to issue the shutdown command to the running instance.
But that shutdown instance also reads server.xml, and at that time you /did/
have a syntax error in it. So that is where this syntax error came from.

Later you apparently corrected the syntax, and restarted tomcat :

08-Sep-2017 15:24:34.889 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log 
Server version:Apache Tomcat/9.0.0.M26

and this time, there was no syntax error anymore in server.xml, but then
there is this other problem :

08-Sep-2017 15:24:35.920 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["https-jsse-nio-8443"]
08-Sep-2017 15:24:36.300 SEVERE [main]
org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
initialize component [Connector[HTTP/1.1-8443]]
  org.apache.catalina.LifecycleException: Protocol handler initialization
failed ...
Caused by: java.lang.Illegal

Re: tomcat ssl setup

2017-09-21 Thread tomcat
haviour a bit 
questionable)(unless it is optional)


So anyway, your problem now is not the syntax of server.xml anymore, it is something to do 
with your SSL keystore.

And for that I am not competent to help, and I'll have to ask someone else to 
follow-up.


And now I've been top-posting myself all of this, contrary to the rules. 
Apologies.

But John, for the rest, I suggest that before you restart tomcat, delete or rename that 
old logfile, so that when you restart it will be "fresh" and contain only the result of 
the last attempt. It will be clearer for everyone.



On 21.09.2017 21:47, John Ellis wrote:

One more thing Andre. I don't know if it matters or not but when I try to
access Tomcat 9 on the secure port of 8443
  I see it saying down in the bottom left hand corner of my browser-
"Performing a TLS handshake to 10.22.8.70..." but it never
gives the webpage. However once I change the IP address to 10.22.8.70:8080
it immediately goes to the Tomcat 9 webpage.

John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Thursday, September 21, 2017 11:34 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 21.09.2017 17:17, John Ellis wrote:

OK. As I said there is nothing on line 87 but here is line 114-

SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"


I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10
lines after, and tell at which line number this starts in server.xml (so
that we can compare with the log) ?

The error messages in the log were apparently about comments (between <!-- and -->), so if these lines are (or contain) comments, copy them anyway.






John Ellis

405.285.2500 office




http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Thursday, September 21, 2017 10:15 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup



On 21.09.2017 16:43, John Ellis wrote:

Thanks so much for the quick reply Andre. There doesn't appear to be
anything on line 87 but there is on line 114. See the screenshot I
took of the server.xml file below-



Unfortunately, this list strips most attachments, and in fact asks for
text-only messages.
(and to avoid top-posting)

See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important

Please paste the corresponding lines directly, as text, in your next
message.



John Ellis

405.285.2500 office

http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Wednesday, September 20, 2017 10:41 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 20.09.2017 17:07, John Ellis wrote:

   > All of what I have done so far has been in Tomcat version 9, which I
   > downloaded from the Apache Tomcat website. The way I start tomcat is
   > by running the command ./startup.sh from within the
   > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
   > command ./shutdown.sh from the same directory.
   >

Ok, perfect. So there is only one tomcat9 we can be talking about, and
one server.xml file. And since this is a "standard tomcat", that
server.xml must be in .. let me look at the logfile again) ..

08-Sep-2017 10:05:02.911 INFO [main]

org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
application directory
[/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]

so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml

and considering this :

08-Sep-2017 11:31:21.952 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError
Parse Fatal Error at line 87 column 6: The content of elements must
consist of well-formed character data or markup.
 org.xml.sax.SAXParseException; systemId:
file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
87; columnNumber:
6; The content of elements must consist of well-formed character data or
markup.

there is something on line 87, position 6, that he does not like.

And further down also :

08-Sep-2017 13:17:36.947 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError
Parse Fatal Error at line 114 column 6: The string "--" is not permitted
within comments.
 org.xml.sax.SAXParseException; systemId:
file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
114; columnNumber:
6; The string "--" is not permitted within comments.

but maybe this is not in the server.xml file itself, but in something
else that the server.xml references there (like an external "XML entity"
or something).

Why don't you get those 2 lines from your server.xml and paste them here :


...

   > John Ellis

   >

   > 405.285.2500 office

   >

   >

   >

   >

   > http://biz-e.io

   >

   >

   > -Original Message-
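The two Digester errors quoted in this message, turned into a check that can be run on server.xml before startup.sh or shutdown.sh (both parse the file), as an added example that is not part of the original thread. The server.xml fragment is constructed for illustration (the list never saw John's file), and the function names are this example's own.

```python
import xml.parsers.expat

# Constructed fragment: an outer comment was wrapped around a Connector block
# that already contained a comment, so "--" now appears inside a comment.
SAMPLE_SERVER_XML = """\
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <!--
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true">
      <!-- placeholder certificate paths -->
    </Connector>
    -->
  </Service>
</Server>
"""


def line_of(text, index):
    """1-based line number of a character offset."""
    return text.count("\n", 0, index) + 1


def find_bad_comments(text):
    """Locate comments that contain "--" before their closing "-->".

    The parser reports the line where "--" occurs, which can be far below the
    line where the comment was opened; this returns both. It is a plain text
    scan (it does not special-case CDATA or attribute values), so it is only
    used to explain a failure the real parser has already reported.
    """
    problems, pos = [], 0
    while True:
        start = text.find("<!--", pos)
        if start == -1:
            return problems
        dash = text.find("--", start + 4)
        if dash == -1:
            problems.append({"opened_line": line_of(text, start), "bad_line": None})
            return problems
        if text.startswith("-->", dash):
            pos = dash + 3                      # well-formed comment, keep going
            continue
        problems.append({"opened_line": line_of(text, start),
                         "bad_line": line_of(text, dash)})
        end = text.find("-->", dash)            # resynchronise after the damage
        pos = len(text) if end == -1 else end + 3


def check_wellformed(text):
    """Parse with expat; on failure return position, reason and comment hints."""
    parser = xml.parsers.expat.ParserCreate()
    try:
        parser.Parse(text, True)
    except xml.parsers.expat.ExpatError as exc:
        return {"ok": False,
                "line": exc.lineno,             # 1-based
                "column": exc.offset + 1,       # expat offsets are 0-based
                "reason": xml.parsers.expat.ErrorString(exc.code),
                "comments": find_bad_comments(text)}
    return {"ok": True, "line": None, "column": None, "reason": None, "comments": []}


if __name__ == "__main__":
    result = check_wellformed(SAMPLE_SERVER_XML)
    if result["ok"]:
        print("server.xml is well-formed")
    else:
        print(f"not well-formed at line {result['line']} column {result['column']}: "
              f"{result['reason']}")
        for c in result["comments"]:
            print(f'  comment opened on line {c["opened_line"]} '
                  f'has "--" on line {c["bad_line"]}')
```
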

 

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
One more thing Andre. I don't know if it matters or not but when I try to
access Tomcat 9 on the secure port of 8443
 I see it saying down in the bottom left hand corner of my browser-
"Performing a TLS handshake to 10.22.8.70..." but it never 
gives the webpage. However once I change the IP address to 10.22.8.70:8080
it immediately goes to the Tomcat 9 webpage. 

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Thursday, September 21, 2017 11:34 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 21.09.2017 17:17, John Ellis wrote:
> OK. As I said there is nothing on line 87 but here is line 114-
>
> SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"

I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10
lines after, and tell at which line number this starts in server.xml (so
that we can compare with the log) ?

The error messages in the log were apparently about comments (between <!-- and -->), so if these lines are (or contain) comments, copy them anyway.


>
>
>
> John Ellis
>
> 405.285.2500 office
>
>
>
>
> http://biz-e.io
>
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 10:15 AM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
>
>
> On 21.09.2017 16:43, John Ellis wrote:
>> Thanks so much for the quick reply Andre. There doesn't appear to be
>> anything on line 87 but there is on line 114. See the screenshot I
>> took of the server.xml file below-
>>
>
> Unfortunately, this list strips most attachments, and in fact asks for
> text-only messages.
> (and to avoid top-posting)
>
> See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important
>
> Please paste the corresponding lines directly, as text, in your next
> message.
>
>
>> John Ellis
>>
>> 405.285.2500 office
>>
>> http://biz-e.io
>>
>> -Original Message-
>> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
>> Sent: Wednesday, September 20, 2017 10:41 AM
>> To: users@tomcat.apache.org
>> Subject: Re: tomcat ssl setup
>>
>> On 20.09.2017 17:07, John Ellis wrote:
>>
>>   > All of what I have done so far has been in Tomcat version 9, which I
>>   > downloaded from the Apache Tomcat website. The way I start tomcat is
>>   > by running the command ./startup.sh from within the
>>   > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
>>   > command ./shutdown.sh from the same directory.
>>   >
>>
>> Ok, perfect. So there is only one tomcat9 we can be talking about, and
>> one server.xml file. And since this is a "standard tomcat", that
>> server.xml must be in .. let me look at the logfile again) ..
>>
>> 08-Sep-2017 10:05:02.911 INFO [main]
>>
>> org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
>> application directory
>> [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]
>>
>> so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml
>>
>> and considering this :
>>
>> 08-Sep-2017 11:31:21.952 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 87 column 6: The content of elements must
>> consist of well-formed character data or markup.
>>
>> org.xml.sax.SAXParseException; systemId:
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
>> 87; columnNumber:
>> 6; The content of elements must consist of well-formed character data or
>> markup.
>>
>> there is something on line 87, position 6, that he does not like.
>>
>> And further down also :
>>
>> 08-Sep-2017 13:17:36.947 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 114 column 6: The string "--" is not permitted
>> within comments.
>>
>> org.xml.sax.SAXParseException; systemId:
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
>> 114; columnNumber:
>> 6; The string "--" is not permitted within comments.
>>
>> but maybe this is not in the server.xml file itself, but in something
>> else that the server.xml references there (like an external "XML entity"
>> or something).
>>
>> Why don't you get those 2 lines from your serve

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
Andre I just realized that I forgot to do the same thing with line 114; here
are all the lines in the section that includes line 114- it starts at line
107 and ends at line 117.
Thanks again,

 

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Thursday, September 21, 2017 11:34 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 21.09.2017 17:17, John Ellis wrote:
> OK. As I said there is nothing on line 87 but here is line 114-
>
> SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"

I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10
lines after, and tell at which line number this starts in server.xml (so
that we can compare with the log) ?

The error messages in the log were apparently about comments (between <!-- and -->), so if these lines are (or contain) comments, copy them anyway.


>
>
>
> John Ellis
>
> 405.285.2500 office
>
>
>
>
> http://biz-e.io
>
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 10:15 AM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
>
>
> On 21.09.2017 16:43, John Ellis wrote:
>> Thanks so much for the quick reply Andre. There doesn't appear to be
>> anything on line 87 but there is on line 114. See the screenshot I
>> took of the server.xml file below-
>>
>
> Unfortunately, this list strips most attachments, and in fact asks for
> text-only messages.
> (and to avoid top-posting)
>
> See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important
>
> Please paste the corresponding lines directly, as text, in your next
> message.
>
>
>> John Ellis
>>
>> 405.285.2500 office
>>
>> http://biz-e.io
>>
>> -----Original Message-
>> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
>> Sent: Wednesday, September 20, 2017 10:41 AM
>> To: users@tomcat.apache.org
>> Subject: Re: tomcat ssl setup
>>
>> On 20.09.2017 17:07, John Ellis wrote:
>>
>>   > All of what I have done so far has been in Tomcat version 9, which
>> I
>>
>>   > downloaded from the Apache Tomcat website. The way I start tomcat
>> is
>>
>>   > by running the command ./startup.sh from within the
>>
>>   > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
>>
>>   > command ./shutdown.sh from the same directory.
>>
>>   >
>>
>> Ok, perfect. So there is only one tomcat9 we can be talking about, and
>> one server.xml file. And since this is a "standard tomcat", that
>> server.xml must be in .. let me look at the logfile again) ..
>>
>> 08-Sep-2017 10:05:02.911 INFO [main]
>>
>> org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
>> application directory
>> [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]
>>
>> so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml
>>
>> and considering this :
>>
>> 08-Sep-2017 11:31:21.952 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 87 column 6: The content of elements must
>> consist of well-formed character data or markup.
>>
>> org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 87; columnNumber:
>>
>> 6; The content of elements must consist of well-formed character data or
> markup.
>>
>> there is something on line 87, position 6, that he does not like.
>>
>> And further down also :
>>
>> 08-Sep-2017 13:17:36.947 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 114 column 6: The string "--" is not permitted
> within comments.
>>
>> org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 114; columnNumber:
>>
>> 6; The string "--" is not permitted within comments.
>>
>> but maybe this is not in the server.xml file itself, but in something
>> else that the server.xml references there (like an external "XML entity"
> or something).
>>
>> Why don't you get those 2 lines from your server.xml and paste them here
:
>>
>> ...
>>
>>   > John Ellis
>>
>>   >
>>
>>   > 405.285.2500 office
>>
>>   >
>>

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
Sure this is starting with line number 73 thru line 101 so I could get the
entire sections-







John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Thursday, September 21, 2017 11:34 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 21.09.2017 17:17, John Ellis wrote:
> OK. As I said there is nothing on line 87 but here is line 114-
>
> SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"

I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10
lines after, and tell at which line number this starts in server.xml (so
that we can compare with the log) ?

The error messages in the log were apparently about comments (between <!-- and -->), so if these lines are (or contain) comments, copy them anyway.


>
>
>
> John Ellis
>
> 405.285.2500 office
>
>
>
>
> http://biz-e.io
>
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Thursday, September 21, 2017 10:15 AM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
>
>
> On 21.09.2017 16:43, John Ellis wrote:
>> Thanks so much for the quick reply Andre. There doesn't appear to be
>> anything on line 87 but there is on line 114. See the screenshot I
>> took of the server.xml file below-
>>
>
> Unfortunately, this list strips most attachments, and in fact asks for
> text-only messages.
> (and to avoid top-posting)
>
> See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important
>
> Please paste the corresponding lines directly, as text, in your next
> message.
>
>
>> John Ellis
>>
>> 405.285.2500 office
>>
>> http://biz-e.io
>>
>> -----Original Message-
>> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
>> Sent: Wednesday, September 20, 2017 10:41 AM
>> To: users@tomcat.apache.org
>> Subject: Re: tomcat ssl setup
>>
>> On 20.09.2017 17:07, John Ellis wrote:
>>
>>   > All of what I have done so far has been in Tomcat version 9, which
>> I
>>
>>   > downloaded from the Apache Tomcat website. The way I start tomcat
>> is
>>
>>   > by running the command ./startup.sh from within the
>>
>>   > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
>>
>>   > command ./shutdown.sh from the same directory.
>>
>>   >
>>
>> Ok, perfect. So there is only one tomcat9 we can be talking about, and
>> one server.xml file. And since this is a "standard tomcat", that
>> server.xml must be in .. let me look at the logfile again) ..
>>
>> 08-Sep-2017 10:05:02.911 INFO [main]
>>
>> org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
>> application directory
>> [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]
>>
>> so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml
>>
>> and considering this :
>>
>> 08-Sep-2017 11:31:21.952 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 87 column 6: The content of elements must
>> consist of well-formed character data or markup.
>>
>> org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 87; columnNumber:
>>
>> 6; The content of elements must consist of well-formed character data or
> markup.
>>
>> there is something on line 87, position 6, that he does not like.
>>
>> And further down also :
>>
>> 08-Sep-2017 13:17:36.947 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 114 column 6: The string "--" is not permitted
> within comments.
>>
>> org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 114; columnNumber:
>>
>> 6; The string "--" is not permitted within comments.
>>
>> but maybe this is not in the server.xml file itself, but in something
>> else that the server.xml references there (like an external "XML entity"
> or something).
>>
>> Why don't you get those 2 lines from your server.xml and paste them here
:
>>
>> ...
>>
>>   > John Ellis
>>
>>   >
>>
>>   > 405.285.2500 office
>>
>>   >
>>
>>   >
>>
>>   >
>>
>>   >
>>

Re: tomcat ssl setup

2017-09-21 Thread tomcat

On 21.09.2017 17:17, John Ellis wrote:

OK. As I said there is nothing on line 87 but here is line 114-

SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"


I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10 lines after, and 
tell at which line number this starts in server.xml (so that we can compare with the log) ?


The error messages in the log were apparently about comments (between <!-- and -->), so if
these lines are (or contain) comments, copy them anyway.







John Ellis

405.285.2500 office




http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Thursday, September 21, 2017 10:15 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup



On 21.09.2017 16:43, John Ellis wrote:

Thanks so much for the quick reply Andre. There doesn't appear to be
anything on line 87 but there is on line 114. See the screenshot I
took of the server.xml file below-



Unfortunately, this list strips most attachments, and in fact asks for
text-only messages.
(and to avoid top-posting)

See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important

Please paste the corresponding lines directly, as text, in your next
message.



John Ellis

405.285.2500 office

http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Wednesday, September 20, 2017 10:41 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 20.09.2017 17:07, John Ellis wrote:

  > All of what I have done so far has been in Tomcat version 9, which
I

  > downloaded from the Apache Tomcat website. The way I start tomcat
is

  > by running the command ./startup.sh from within the

  > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the

  > command ./shutdown.sh from the same directory.

  >

Ok, perfect. So there is only one tomcat9 we can be talking about, and
one server.xml file. And since this is a "standard tomcat", that
server.xml must be in .. let me look at the logfile again) ..

08-Sep-2017 10:05:02.911 INFO [main]

org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
application directory
[/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]

so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml

and considering this :

08-Sep-2017 11:31:21.952 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 87 column 6: The content of elements must
consist of well-formed character data or markup.

org.xml.sax.SAXParseException; systemId:

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:

87; columnNumber:


6; The content of elements must consist of well-formed character data or

markup.


there is something on line 87, position 6, that he does not like.

And further down also :

08-Sep-2017 13:17:36.947 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 114 column 6: The string "--" is not permitted

within comments.


org.xml.sax.SAXParseException; systemId:

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:

114; columnNumber:


6; The string "--" is not permitted within comments.

but maybe this is not in the server.xml file itself, but in something
else that the server.xml references there (like an external "XML entity"

or something).


Why don't you get those 2 lines from your server.xml and paste them here :

...

  > John Ellis

  >

  > 405.285.2500 office

  >

  >

  >

  >

  > http://biz-e.io

  >

  >

  > -Original Message-

  > From: André Warnier (tomcat) [mailto:a...@ice-sa.com]

  > Sent: Wednesday, September 20, 2017 10:02 AM

  > To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>

  > Subject: Re: tomcat ssl setup

  >

  > On 20.09.2017 15:20, John Ellis wrote:

  >> Andre can you tell me which log file you are saying tells where
the

  >> problem is?

  >

  > That's the one you uploaded to the dropbox :

  >   >>

  >
https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

  >

  > I have of course no idea at this point, which tomcat or which

  > server.xml this was related to, but i suppose you do.

  >

  > I am not seeing it but I may not be even looking for the right thing.

  > I

  >> did open the server.xml file up in an XML file editor program and
it

  >> didn't give any errors.

  >

  > Then it must be that this tomcat who wrote the logfile, is not
looking

  > at the same server.xml file than the one you're looking at.

  > (Or else your XML file editor is not really good)

  >

  > How do you start this tomcat, on your server ?

  > And where did you get this tomcat from ? Is it the one from the
tomcat

  > 

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
OK. As I said there is nothing on line 87 but here is line 114-

SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"



John Ellis

405.285.2500 office


    

http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Thursday, September 21, 2017 10:15 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup



On 21.09.2017 16:43, John Ellis wrote:
> Thanks so much for the quick reply Andre. There doesn't appear to be 
> anything on line 87 but there is on line 114. See the screenshot I 
> took of the server.xml file below-
>

Unfortunately, this list strips most attachments, and in fact asks for
text-only messages.
(and to avoid top-posting)

See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important

Please paste the corresponding lines directly, as text, in your next
message.


> John Ellis
>
> 405.285.2500 office
>
> http://biz-e.io
>
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Wednesday, September 20, 2017 10:41 AM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
> On 20.09.2017 17:07, John Ellis wrote:
>
>  > All of what I have done so far has been in Tomcat version 9, which 
> I
>
>  > downloaded from the Apache Tomcat website. The way I start tomcat 
> is
>
>  > by running the command ./startup.sh from within the
>
>  > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
>
>  > command ./shutdown.sh from the same directory.
>
>  >
>
> Ok, perfect. So there is only one tomcat9 we can be talking about, and 
> one server.xml file. And since this is a "standard tomcat", that 
> server.xml must be in .. let me look at the logfile again) ..
>
> 08-Sep-2017 10:05:02.911 INFO [main]
>
> org.apache.catalina.startup.HostConfig.deployDirectory Deploying web 
> application directory 
> [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]
>
> so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml
>
> and considering this :
>
> 08-Sep-2017 11:31:21.952 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
>
> Parse Fatal Error at line 87 column 6: The content of elements must 
> consist of well-formed character data or markup.
>
>org.xml.sax.SAXParseException; systemId:
>
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
87; columnNumber:
>
> 6; The content of elements must consist of well-formed character data or
markup.
>
> there is something on line 87, position 6, that he does not like.
>
> And further down also :
>
> 08-Sep-2017 13:17:36.947 SEVERE [main] 
> org.apache.tomcat.util.digester.Digester.fatalError
>
> Parse Fatal Error at line 114 column 6: The string "--" is not permitted
within comments.
>
>org.xml.sax.SAXParseException; systemId:
>
> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
114; columnNumber:
>
> 6; The string "--" is not permitted within comments.
>
> but maybe this is not in the server.xml file itself, but in something 
> else that the server.xml references there (like an external "XML entity"
or something).
>
> Why don't you get those 2 lines from your server.xml and paste them here :
>
> ...
>
>  > John Ellis
>
>  >
>
>  > 405.285.2500 office
>
>  >
>
>  >
>
>  >
>
>  >
>
>  > http://biz-e.io
>
>  >
>
>  >
>
>  > -Original Message-
>
>  > From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
>
>  > Sent: Wednesday, September 20, 2017 10:02 AM
>
>  > To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>
>
>  > Subject: Re: tomcat ssl setup
>
>  >
>
>  > On 20.09.2017 15:20, John Ellis wrote:
>
>  >> Andre can you tell me which log file you are saying tells where 
> the
>
>  >> problem is?
>
>  >
>
>  > That's the one you uploaded to the dropbox :
>
>  >   >>
>
>  > 
> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0
>
>  >
>
>  > I have of course no idea at this point, which tomcat or which
>
>  > server.xml this was related to, but i suppose you do.
>
>  >
>
>  > I am not seeing it but I may not be even looking for the right thing.
>
>  > I
>
>  >> did open the server.xml file up in an XML file editor program and 
> it
>
>  >> didn't give any errors.
>
>  >
>
>  > Then it must be that this tomcat who wrote the logfile, is not 
> looking
>
>  > at the same server.xm

Re: tomcat ssl setup

2017-09-21 Thread tomcat



On 21.09.2017 16:43, John Ellis wrote:

Thanks so much for the quick reply Andre. There doesn't appear to be anything 
on line 87
but there is on line 114. See the screenshot I took of the server.xml file 
below-



Unfortunately, this list strips most attachments, and in fact asks for 
text-only messages.
(and to avoid top-posting)

See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important

Please paste the corresponding lines directly, as text, in your next message.



John Ellis

405.285.2500 office

http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Wednesday, September 20, 2017 10:41 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 20.09.2017 17:07, John Ellis wrote:

 > All of what I have done so far has been in Tomcat version 9, which I

 > downloaded from the Apache Tomcat website. The way I start tomcat is

 > by running the command ./startup.sh from within the

 > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the

 > command ./shutdown.sh from the same directory.

 >

Ok, perfect. So there is only one tomcat9 we can be talking about, and one 
server.xml
file. And since this is a "standard tomcat", that server.xml must be in .. let 
me look at
the logfile again) ..

08-Sep-2017 10:05:02.911 INFO [main]

org.apache.catalina.startup.HostConfig.deployDirectory Deploying web 
application directory
[/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]

so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml

and considering this :

08-Sep-2017 11:31:21.952 SEVERE [main] 
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 87 column 6: The content of elements must consist of 
well-formed
character data or markup.

   org.xml.sax.SAXParseException; systemId:

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 87; 
columnNumber:

6; The content of elements must consist of well-formed character data or markup.

there is something on line 87, position 6, that he does not like.

And further down also :

08-Sep-2017 13:17:36.947 SEVERE [main] 
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 114 column 6: The string "--" is not permitted within 
comments.

   org.xml.sax.SAXParseException; systemId:

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 114; 
columnNumber:

6; The string "--" is not permitted within comments.

but maybe this is not in the server.xml file itself, but in something else that 
the
server.xml references there (like an external "XML entity" or something).

Why don't you get those 2 lines from your server.xml and paste them here :

...

 > John Ellis

 >

 > 405.285.2500 office

 >

 >

 >

 >

 > http://biz-e.io

 >

 >

 > -Original Message-

 > From: André Warnier (tomcat) [mailto:a...@ice-sa.com]

 > Sent: Wednesday, September 20, 2017 10:02 AM

 > To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>

 > Subject: Re: tomcat ssl setup

 >

 > On 20.09.2017 15:20, John Ellis wrote:

 >> Andre can you tell me which log file you are saying tells where the

 >> problem is?

 >

 > That's the one you uploaded to the dropbox :

 >   >>

 > https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

 >

 > I have of course no idea at this point, which tomcat or which

 > server.xml this was related to, but i suppose you do.

 >

 > I am not seeing it but I may not be even looking for the right thing.

 > I

 >> did open the server.xml file up in an XML file editor program and it

 >> didn't give any errors.

 >

 > Then it must be that this tomcat who wrote the logfile, is not looking

 > at the same server.xml file than the one you're looking at.

 > (Or else your XML file editor is not really good)

 >

 > How do you start this tomcat, on your server ?

 > And where did you get this tomcat from ? Is it the one from the tomcat

 > website ?

 >

 >>

 >> John Ellis

 >>

 >> 405.285.2500 office

 >>

 >>

 >>

 >>

 >> http://biz-e.io

 >>

 >>

 >> -Original Message-

 >> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]

 >> Sent: Tuesday, September 19, 2017 3:47 PM

 >> To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>

 >> Subject: Re: tomcat ssl setup

 >>

 >> On 19.09.2017 20:17, John Ellis wrote:

 >>> Here are the tomcat 9 log file DropBox links-

 >>>

 >>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl

 >>> =

 >>> 0

 >>

 >> Well, there you go. It tells you explicitly where you made the

 >> mistakes, up to the file and line  

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
Thanks so much for the quick reply Andre. There doesn't appear to be
anything on line 87 but there is on line 114. See the screenshot I took of
the server.xml file below-

 



 

John Ellis

 

405.285.2500 office

 

 



 

http://biz-e.io

 

 

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Wednesday, September 20, 2017 10:41 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

 

On 20.09.2017 17:07, John Ellis wrote:

> All of what I have done so far has been in Tomcat version 9, which I 

> downloaded from the Apache Tomcat website. The way I start tomcat is 

> by running the command ./startup.sh from within the 

> apache-tomcat-9.0.0.M26/bin directory. I stop it by running the 

> command ./shutdown.sh from the same directory.

> 

 

Ok, perfect. So there is only one tomcat9 we can be talking about, and one
server.xml file. And since this is a "standard tomcat", that server.xml must
be in .. let me look at the logfile again) ..

 

08-Sep-2017 10:05:02.911 INFO [main]

org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
application directory [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]

 

so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml

 

and considering this :

08-Sep-2017 11:31:21.952 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 87 column 6: The content of elements must consist
of well-formed character data or markup.

  org.xml.sax.SAXParseException; systemId: 

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 87;
columnNumber: 

6; The content of elements must consist of well-formed character data or
markup.

 

there is something on line 87, position 6, that he does not like.

 

And further down also :

08-Sep-2017 13:17:36.947 SEVERE [main]
org.apache.tomcat.util.digester.Digester.fatalError

Parse Fatal Error at line 114 column 6: The string "--" is not permitted
within comments.

  org.xml.sax.SAXParseException; systemId: 

file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 114;
columnNumber: 

6; The string "--" is not permitted within comments.

 

but maybe this is not in the server.xml file itself, but in something else
that the server.xml references there (like an external "XML entity" or
something).

 

Why don't you get those 2 lines from your server.xml and paste them here :

 

...

 

 

 

 

 

> John Ellis

> 

> 405.285.2500 office

> 

> 

> 

> 

> http://biz-e.io

> 

> 

> -Original Message-

> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]

> Sent: Wednesday, September 20, 2017 10:02 AM

> To: users@tomcat.apache.org

> Subject: Re: tomcat ssl setup

> 

> On 20.09.2017 15:20, John Ellis wrote:

>> Andre can you tell me which log file you are saying tells where the 

>> problem is?

> 

> That's the one you uploaded to the dropbox :

>   >> 

> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

> 

> I have of course no idea at this point, which tomcat or which 

> server.xml this was related to, but i suppose you do.

> 

> I am not seeing it but I may not be even looking for the right thing. 

> I

>> did open the server.xml file up in an XML file editor program and it 

>> didn't give any errors.

> 

> Then it must be that this tomcat who wrote the logfile, is not looking 

> at the same server.xml file than the one you're looking at.

> (Or else your XML file editor is not really good)

> 

> How do you start this tomcat, on your server ?

> And where did you get this tomcat from ? Is it the one from the tomcat 

> website ?

> 

>> 

>> John Ellis

>> 

>> 405.285.2500 office

>> 

>> 

>> 

>> 

>> http://biz-e.io

>> 

>> 

>> -Original Message-

>> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]

>> Sent: Tuesday, September 19, 2017 3:47 PM

>> To: users@tomcat.apache.org

>> Subject: Re: tomcat ssl setup

>> 

>> On 19.09.2017 20:17, John Ellis wrote:

>>> Here are the tomcat 9 log file DropBox links-

>>> 

>>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

>> 

>> Well, there you go. It tells you explicitly where you made the 

>> mistakes, up to the file and line  numbers

Re: tomcat ssl setup

2017-09-20 Thread tomcat

On 20.09.2017 17:07, John Ellis wrote:

All of what I have done so far has been in Tomcat version 9, which I
downloaded from the Apache Tomcat website. The way I start tomcat is by
running the command ./startup.sh from within the apache-tomcat-9.0.0.M26/bin
directory. I stop it by running the command ./shutdown.sh from the same
directory.



Ok, perfect. So there is only one tomcat9 we can be talking about, and one server.xml 
file. And since this is a "standard tomcat", that server.xml must be in .. let me look at 
the logfile again) ..


08-Sep-2017 10:05:02.911 INFO [main] 
org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory 
[/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]


so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml

and considering this :
08-Sep-2017 11:31:21.952 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError 
Parse Fatal Error at line 87 column 6: The content of elements must consist of well-formed 
character data or markup.
 org.xml.sax.SAXParseException; systemId: 
file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 87; columnNumber: 
6; The content of elements must consist of well-formed character data or markup.


there is something on line 87, position 6, that he does not like.

And further down also :
08-Sep-2017 13:17:36.947 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError 
Parse Fatal Error at line 114 column 6: The string "--" is not permitted within comments.
 org.xml.sax.SAXParseException; systemId: 
file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber: 114; columnNumber: 
6; The string "--" is not permitted within comments.


but maybe this is not in the server.xml file itself, but in something else that the 
server.xml references there (like an external "XML entity" or something).


Why don't you get those 2 lines from your server.xml and paste them here :

...






John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Wednesday, September 20, 2017 10:02 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 20.09.2017 15:20, John Ellis wrote:

Andre can you tell me which log file you are saying tells where the
problem is?


That's the one you uploaded to the dropbox :
  >> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

I have of course no idea at this point, which tomcat or which server.xml
this was related to, but i suppose you do.

I am not seeing it but I may not be even looking for the right thing. I

did open the server.xml file up in an XML file editor program and it
didn't give any errors.


Then it must be that this tomcat who wrote the logfile, is not looking at
the same server.xml file than the one you're looking at.
(Or else your XML file editor is not really good)

How do you start this tomcat, on your server ?
And where did you get this tomcat from ? Is it the one from the tomcat
website ?



John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Tuesday, September 19, 2017 3:47 PM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 19.09.2017 20:17, John Ellis wrote:

Here are the tomcat 9 log file DropBox links-

https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0


Well, there you go. It tells you explicitly where you made the
mistakes, up to the file and line  numbers.
I can't see your server.xml, but I would bet that you have modified
it, by surrounding some XML comment sections by another comment pair
 That crashes because XML does not allow that.
You cannot have this kind of thing :

  -->




https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0

Thanks,

John Ellis

405.285.2500 office

United States


http://biz-e.io

*From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
*Sent:* Tuesday, September 19, 2017 11:10 AM
*To:* users@tomcat.apache.org
*Subject:* Re: tomcat ssl setup

Do you see what's on the log files, they can tell you what's the
problem in. Maybe you can share those files too.

I also saw on line 117 this "|  -->|"  Looks like there's left over.

On 09/19/2017 09:31 AM, John Ellis wrote:

  I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL
(version

6.4) server for

  testing purposes. I downloaded & installed Tomcat9 fine and I
get a

proper webpage on

  port 8080 but when I used the keytool commands and created a

certificate from

  cacert.org and then edited the server.xml file to setup the ssl

configuration to run

  on port 8443 I cannot get a webpage on that port; it defaults
back to

port 8080. If I

  am not providing all the need

RE: tomcat ssl setup

2017-09-20 Thread John Ellis
All of what I have done so far has been in Tomcat version 9, which I
downloaded from the Apache Tomcat website. The way I start tomcat is by
running the command ./startup.sh from within the apache-tomcat-9.0.0.M26/bin
directory. I stop it by running the command ./shutdown.sh from the same
directory.

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Wednesday, September 20, 2017 10:02 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 20.09.2017 15:20, John Ellis wrote:
> Andre can you tell me which log file you are saying tells where the 
> problem is?

That's the one you uploaded to the dropbox :
 >> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

I have of course no idea at this point, which tomcat or which server.xml
this was related to, but i suppose you do.

> I am not seeing it but I may not be even looking for the right thing. I
> did open the server.xml file up in an XML file editor program and it 
> didn't give any errors.

Then it must be that this tomcat who wrote the logfile, is not looking at
the same server.xml file than the one you're looking at.
(Or else your XML file editor is not really good)

How do you start this tomcat, on your server ?
And where did you get this tomcat from ? Is it the one from the tomcat
website ?

>
> John Ellis
>
> 405.285.2500 office
>
>
>
>
> http://biz-e.io
>
>
> -Original Message-
> From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
> Sent: Tuesday, September 19, 2017 3:47 PM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
> On 19.09.2017 20:17, John Ellis wrote:
>> Here are the tomcat 9 log file DropBox links-
>>
>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0
>
> Well, there you go. It tells you explicitly where you made the 
> mistakes, up to the file and line  numbers.
> I can't see your server.xml, but I would bet that you have modified 
> it, by surrounding some XML comment sections by another comment pair 
>  That crashes because XML does not allow that.
> You cannot have this kind of thing :
>
>   -->
>
>
>>
>> https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0
>>
>> Thanks,
>>
>> John Ellis
>>
>> 405.285.2500 office
>>
>> United States
>>
>>
>> http://biz-e.io
>>
>> *From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
>> *Sent:* Tuesday, September 19, 2017 11:10 AM
>> *To:* users@tomcat.apache.org
>> *Subject:* Re: tomcat ssl setup
>>
>> Do you see what's on the log files, they can tell you what's the 
>> problem in. Maybe you can share those files too.
>>
>> I also saw on line 117 this "|  -->|"  Looks like there's left over.
>>
>> On 09/19/2017 09:31 AM, John Ellis wrote:
>>
>> I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version
>> 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine
>> and I get a proper webpage on port 8080 but when I used the keytool
>> commands and created a certificate from cacert.org and then edited the
>> server.xml file to setup the ssl configuration to run on port 8443 I
>> cannot get a webpage on that port; it defaults back to port 8080. If I
>> am not providing all the needed info or asking a wrong question please
>> forgive me. I am not a programmer. My background is in computer
>> hardware. I have just been forced to learn this to support two products
>> that we use here in our office; Jira and Confluence. I have actually
>> been working on setting them up for an SSL connection on a different
>> server. I got Confluence working on a secure port but not Jira so my
>> boss suggested troubleshooting the issue by trying to first get SSL
>> setup for Tomcat on this other server.
>>
>> I am providing a copy of the Tomcat9 server.xml file here on a DropBox
>> link-
>>  https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0
>>
>>  Thanks in advance!
>>
>>  John Ellis
>>
>>  405.285.2500 office
>>
>>  United States
>>
>>
>>  http://biz-e.io
>

Re: tomcat ssl setup

2017-09-20 Thread tomcat

On 20.09.2017 15:20, John Ellis wrote:

Andre can you tell me which log file you are saying tells where the problem
is?


That's the one you uploaded to the dropbox :
>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

I have of course no idea at this point, which tomcat or which server.xml this was related 
to, but i suppose you do.


I am not seeing it but I may not be even looking for the right thing. I

did open the server.xml file up in an XML file editor program and it didn't
give any errors.


Then it must be that this tomcat who wrote the logfile, is not looking at the same 
server.xml file than the one you're looking at.

(Or else your XML file editor is not really good)

How do you start this tomcat, on your server ?
And where did you get this tomcat from ? Is it the one from the tomcat website ?



John Ellis

405.285.2500 office




http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: Tuesday, September 19, 2017 3:47 PM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 19.09.2017 20:17, John Ellis wrote:

Here are the tomcat 9 log file DropBox links-

https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0


Well, there you go. It tells you explicitly where you made the mistakes, up
to the file and line  numbers.
I can't see your server.xml, but I would bet that you have modified it, by
surrounding some XML comment sections by another comment pair 
That crashes because XML does not allow that.
You cannot have this kind of thing :

  -->




https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0

Thanks,

John Ellis

405.285.2500 office

United States


http://biz-e.io

*From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
*Sent:* Tuesday, September 19, 2017 11:10 AM
*To:* users@tomcat.apache.org
*Subject:* Re: tomcat ssl setup

Do you see what's on the log files, they can tell you what's the
problem in. Maybe you can share those files too.

I also saw on line 117 this "|  -->|"  Looks like there's left over.

On 09/19/2017 09:31 AM, John Ellis wrote:

I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4)
server for testing purposes. I downloaded & installed Tomcat9 fine and I get
a proper webpage on port 8080 but when I used the keytool commands and
created a certificate from cacert.org and then edited the server.xml file to
setup the ssl configuration to run on port 8443 I cannot get a webpage on
that port; it defaults back to port 8080. If I am not providing all the
needed info or asking a wrong question please forgive me. I am not a
programmer. My background is in computer hardware. I have just been forced
to learn this to support two products that we use here in our office; Jira
and Confluence. I have actually been working on setting them up for an SSL
connection on a different server. I got Confluence working on a secure port
but not Jira so my boss suggested troubleshooting the issue by trying to
first get SSL setup for Tomcat on this other server.

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-

 https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

 Thanks in advance!

 John Ellis

 405.285.2500 office

 United States


 http://biz-e.io

--



Alejandro Vargas Mayorga
*/Gerente Desarrollo C.A. & C./*
*Tel. 506- 7232-3366*
*Email:**alejandro.var...@kymsolutions.com*
<mailto:%20alejandro.var...@kymsolutions.com>*
**www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra
aula virtual! *




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






RE: tomcat ssl setup

2017-09-20 Thread John Ellis
Andre can you tell me which log file you are saying tells where the problem
is? I am not seeing it but I may not be even looking for the right thing. I
did open the server.xml file up in an XML file editor program and it didn't
give any errors. 

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Tuesday, September 19, 2017 3:47 PM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 19.09.2017 20:17, John Ellis wrote:
> Here are the tomcat 9 log file DropBox links-
>
> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

Well, there you go. It tells you explicitly where you made the mistakes, up
to the file and line  numbers.
I can't see your server.xml, but I would bet that you have modified it, by
surrounding some XML comment sections by another comment pair 
That crashes because XML does not allow that.
You cannot have this kind of thing :

  -->


>
> https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0
>
> Thanks,
>
> John Ellis
>
> 405.285.2500 office
>
> United States
>
>
> http://biz-e.io
>
> *From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
> *Sent:* Tuesday, September 19, 2017 11:10 AM
> *To:* users@tomcat.apache.org
> *Subject:* Re: tomcat ssl setup
>
> Do you see what's on the log files, they can tell you what's the 
> problem in. Maybe you can share those files too.
>
> I also saw on line 117 this "|  -->|"  Looks like there's left over.
>
> On 09/19/2017 09:31 AM, John Ellis wrote:
>
> I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version
> 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine
> and I get a proper webpage on port 8080 but when I used the keytool
> commands and created a certificate from cacert.org and then edited the
> server.xml file to setup the ssl configuration to run on port 8443 I
> cannot get a webpage on that port; it defaults back to port 8080. If I
> am not providing all the needed info or asking a wrong question please
> forgive me. I am not a programmer. My background is in computer
> hardware. I have just been forced to learn this to support two products
> that we use here in our office; Jira and Confluence. I have actually
> been working on setting them up for an SSL connection on a different
> server. I got Confluence working on a secure port but not Jira so my
> boss suggested troubleshooting the issue by trying to first get SSL
> setup for Tomcat on this other server.
>
> I am providing a copy of the Tomcat9 server.xml file here on a DropBox
> link-
> https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0
>
> Thanks in advance!
>
> John Ellis
>
> 405.285.2500 office
>
> United States
>
>
> http://biz-e.io
>
> --
>
>
>
> Alejandro Vargas Mayorga
> */Gerente Desarrollo C.A. & C./*
> *Tel. 506- 7232-3366*
> *Email:**alejandro.var...@kymsolutions.com* 
> <mailto:%20alejandro.var...@kymsolutions.com>*
> **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra 
> aula virtual! *
>





RE: tomcat ssl setup

2017-09-20 Thread John Ellis
The Dropbox link to the tomcat server.xml file is back in this email thread.

John Ellis

405.285.2500 office


    

http://biz-e.io


-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Tuesday, September 19, 2017 3:47 PM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 19.09.2017 20:17, John Ellis wrote:
> Here are the tomcat 9 log file DropBox links-
>
> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

Well, there you go. It tells you explicitly where you made the mistakes, up
to the file and line  numbers.
I can't see your server.xml, but I would bet that you have modified it, by
surrounding some XML comment sections by another comment pair 
That crashes because XML does not allow that.
You cannot have this kind of thing :

  -->


>
> https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0
>
> Thanks,
>
> John Ellis
>
> 405.285.2500 office
>
> United States
>
>
> http://biz-e.io
>
> *From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
> *Sent:* Tuesday, September 19, 2017 11:10 AM
> *To:* users@tomcat.apache.org
> *Subject:* Re: tomcat ssl setup
>
> Do you see what's on the log files, they can tell you what's the 
> problem in. Maybe you can share those files too.
>
> I also saw on line 117 this "|  -->|"  Looks like there's left over.
>
> On 09/19/2017 09:31 AM, John Ellis wrote:
>
> I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version
> 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine
> and I get a proper webpage on port 8080 but when I used the keytool
> commands and created a certificate from cacert.org and then edited the
> server.xml file to setup the ssl configuration to run on port 8443 I
> cannot get a webpage on that port; it defaults back to port 8080. If I
> am not providing all the needed info or asking a wrong question please
> forgive me. I am not a programmer. My background is in computer
> hardware. I have just been forced to learn this to support two products
> that we use here in our office; Jira and Confluence. I have actually
> been working on setting them up for an SSL connection on a different
> server. I got Confluence working on a secure port but not Jira so my
> boss suggested troubleshooting the issue by trying to first get SSL
> setup for Tomcat on this other server.
>
> I am providing a copy of the Tomcat9 server.xml file here on a DropBox
> link-
> https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0
>
> Thanks in advance!
>
> John Ellis
>
> 405.285.2500 office
>
> United States
>
>
> http://biz-e.io
>
> --
>
>
>
> Alejandro Vargas Mayorga
> */Gerente Desarrollo C.A. & C./*
> *Tel. 506- 7232-3366*
> *Email:**alejandro.var...@kymsolutions.com* 
> <mailto:%20alejandro.var...@kymsolutions.com>*
> **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra 
> aula virtual! *
>





Re: tomcat ssl setup

2017-09-19 Thread tomcat

On 19.09.2017 20:17, John Ellis wrote:

Here are the tomcat 9 log file DropBox links-

https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0


Well, there you go. It tells you explicitly where you made the mistakes, up to the file 
and line  numbers.
I can't see your server.xml, but I would bet that you have modified it, by surrounding 
some XML comment sections by another comment pair 

That crashes because XML does not allow that.
You cannot have this kind of thing :

  -->




https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0

Thanks,

John Ellis

405.285.2500 office

United States


http://biz-e.io

*From:*Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com]
*Sent:* Tuesday, September 19, 2017 11:10 AM
*To:* users@tomcat.apache.org
*Subject:* Re: tomcat ssl setup

Do you see what's on the log files, they can tell you what's the problem in. 
Maybe you can
share those files too.

I also saw on line 117 this "|  -->|"  Looks like there's left over.

On 09/19/2017 09:31 AM, John Ellis wrote:

I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4) 
server for
testing purposes. I downloaded & installed Tomcat9 fine and I get a proper 
webpage on
port 8080 but when I used the keytool commands and created a certificate 
from
cacert.org and then edited the server.xml file to setup the ssl 
configuration to run
on port 8443 I cannot get a webpage on that port; it defaults back to port 
8080. If I
am not providing all the needed info or asking a wrong question please 
forgive me. I
am not a programmer. My background is in computer hardware. I have just 
been forced to
learn this to support two products that we use here in our office; Jira and
Confluence. I have actually been working on setting them up for an SSL 
connection on a
different server. I got Confluence working on a secure port but not Jira so 
my boss
suggested troubleshooting the issue by trying to first get SSL setup for 
Tomcat on
this other server.

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-
https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

Thanks in advance!

John Ellis

405.285.2500 office

United States


http://biz-e.io

--



Alejandro Vargas Mayorga
*/Gerente Desarrollo C.A. & C./*
*Tel. 506- 7232-3366*
*Email:**alejandro.var...@kymsolutions.com* 
<mailto:%20alejandro.var...@kymsolutions.com>*
**www.kymsolutions.com* <http://www.kymsolutions.com/>*
Visite nuestra aula virtual! *




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
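
The nested comment pair and the leftover "-->" discussed in the message above can be checked mechanically before restarting Tomcat. This is an added example, not part of the original thread: the server.xml fragments are constructed, and the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed fragments (not the poster's file). BROKEN wraps a comment pair
# around a block that already contains its own comment.
BROKEN = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <!--
    <!-- Define an SSL connector on port 8443 -->
    <Connector port="8443" SSLEnabled="true" scheme="https" secure="true" />
    -->
  </Service>
</Server>
"""

# Outer comment pair removed: the HTTPS connector is now a live element.
FIXED = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <!-- Define an SSL connector on port 8443 -->
    <Connector port="8443" SSLEnabled="true" scheme="https" secure="true" />
  </Service>
</Server>
"""

# Well-formed, but the HTTPS connector sits inside a single comment.
COMMENTED_OUT = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <!-- <Connector port="8443" SSLEnabled="true" scheme="https" secure="true" /> -->
  </Service>
</Server>
"""


def comment_marker_problems(text):
    """Return (nested_openers, leftover_closers) as lists of 1-based line numbers.

    A plain marker scan: it does not understand CDATA sections or markers
    inside attribute values, which is acceptable for a typical server.xml.
    """
    nested, leftover, in_comment = [], [], False
    for match in re.finditer(r"<!--|-->", text):
        line = text.count("\n", 0, match.start()) + 1
        if match.group() == "<!--":
            if in_comment:
                nested.append(line)      # "<!--" while a comment is still open
            else:
                in_comment = True
        elif in_comment:
            in_comment = False           # the first "-->" always ends the comment
        else:
            leftover.append(line)        # "-->" with no comment open
    return nested, leftover


def well_formed(text):
    """Return (True, None), or (False, (line, column)) as reported by the XML parser."""
    try:
        ET.fromstring(text)
        return True, None
    except ET.ParseError as exc:
        return False, exc.position


def active_connectors(text):
    """List (port, SSLEnabled) for Connector elements the parser delivers.

    Connectors inside comments never show up here. A missing SSLEnabled
    attribute is shown as "false", which is Tomcat's default.
    """
    root = ET.fromstring(text)
    return [(c.get("port"), c.get("SSLEnabled", "false")) for c in root.iter("Connector")]


if __name__ == "__main__":
    samples = (("BROKEN", BROKEN), ("FIXED", FIXED), ("COMMENTED_OUT", COMMENTED_OUT))
    for name, text in samples:
        nested, leftover = comment_marker_problems(text)
        ok, position = well_formed(text)
        print(f"{name}: well-formed={ok} parser error at (line, col)={position}")
        print(f"  nested '<!--' on lines {nested}; leftover '-->' on lines {leftover}")
        if ok:
            print(f"  active connectors (port, SSLEnabled): {active_connectors(text)}")
```
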



Re: tomcat ssl setup

2017-09-19 Thread tomcat

On 19.09.2017 20:19, John Ellis wrote:

Andre at this point Alan, my boss, only has had me setup Tomcat 9 on this
server; not jira or confluence. He thought it might be easier to get the SSL
port working just on Tomcat first and then work with Jira and Confluence on
this server.


Yes, and he is right. And at least this way, we have a reasonable picture of what files 
and configuration to expect, to start with.
That is, provided we can figure out where the (RedHat ?) package-management of your 
platform puts the files which normally constitute tomcat.


I have a suggestion for you (and I know that you have already posted your current tomcat 
config files for people to look at, but do this in parallel).


If you really want to understand how tomcat works in its basic form, then do 
this :
- go to the "official tomcat website" tomcat.apache.org, and download an "official tomcat 
9" from that website.
- unpack it and install it, to some directory of your choice like "/opt/tomcat9" or 
"/srv/tomcat9" (pick somewhere where there are  not already a lot of things).


The difference with a packaged version, is mainly this :
- the whole tomcat software and standard configuration files will be installed under a 
single directory of your choice (e.g. /opt/tomcat9), and will be in a simple layout, like

- /opt/tomcat9
  - bin (the basic startup scripts, and the initial tomcat "bootstrap.jar" which loads tomcat and starts it)
  - conf (the configuration files)
  - lib (the java libraries of tomcat and used by tomcat)
  - logs (the logfiles that tomcat writes)
  - temp (a writeable work directory for temporary files)
  - webapps (top of all the application directories)
    - ROOT (the "default" application - basically a basic "Hello" page)
  - work (where tomcat expands some files when it starts)

(It will not put things anywhere else, nor interfere with any other software that is 
already there, and it will be easy to delete when you do not want it anymore.)


This tomcat, you will not really run it at first. But it will give you an overview of the 
pieces, and how they relate to one another, in a simple layout.
It will also make it a lot easier for you to get help here, and to find your way in the 
on-line tomcat documentation, which often refers to such a standard layout.
(And you may even try to run it, following the detailed instructions that you will find in 
the top directory, in the file "RUNNING.txt". It is really quite simple.).


The issue with per-platform packaged versions, is that they do re-arrange all these pieces 
and files into other locations, to better fit the logic of other packages on that 
platform. And then they put a series of links between these directories, files etc., to 
make that packaged tomcat find these different pieces when it runs.
That is perfectly ok, and it makes it easier later, to run tomcat automatically as a 
daemon, update it, manage its logfiles etc.
But makes it quite difficult to find things initially, unless you have that standard 
layout to guide you. (Because then at least you know what you are looking for).







RE: tomcat ssl setup

2017-09-19 Thread John Ellis
Andre at this point Alan, my boss, only has had me setup Tomcat 9 on this
server; not jira or confluence. He thought it might be easier to get the SSL
port working just on Tomcat first and then work with Jira and Confluence on
this server. 

John Ellis

405.285.2500 office


    

http://biz-e.io

-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com] 
Sent: Tuesday, September 19, 2017 10:57 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

On 19.09.2017 17:31, John Ellis wrote:
> I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 
> 6.4) server for testing purposes. I downloaded & installed Tomcat9 
> fine and I get a proper webpage on port
> 8080 but when I used the keytool commands and created a certificate 
> from cacert.org and then edited the server.xml file to setup the ssl 
> configuration to run on port 8443 I cannot get a webpage on that port; 
> it defaults back to port 8080. If I am not providing all the needed info
> or asking a wrong question please forgive me. I am not a programmer.
> My background is in computer hardware. I have just been forced to 
> learn this to support two products that we use here in our office; 
> Jira and Confluence. I have actually been working on setting them up 
> for an SSL connection on a different server. I got Confluence working 
> on a secure port but not Jira so my boss suggested troubleshooting the
> issue by trying to first get SSL setup for Tomcat on this other server.
>
> I am providing a copy of the Tomcat9 server.xml file here on a DropBox 
> link-
> https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0
>
> Thanks in advance!
>

Hi. No problem, and no need to apologise, we try to help everyone here. (Any
tomcat user, at least).
No matter what tomcat you are running or where you installed it, it should be
writing logfiles somewhere, in which it should tell you at start, what may
be wrong. Have you found and looked at these files yet ?
Maybe something else : I am no expert, but I believe that by default, each
of Confluence and Jira sets up its own "private" tomcat server. Are you sure
that you are looking at the right one ?





RE: tomcat ssl setup

2017-09-19 Thread John Ellis
Here are the tomcat 9 log file DropBox links-

 

https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0

 

https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-09-19.txt?dl=0

 

Thanks,

 

John Ellis

 

405.285.2500 office

 





 

http://biz-e.io

 

From: Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com] 
Sent: Tuesday, September 19, 2017 11:10 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

 

Do you see what's on the log files, they can tell you what's the problem in.
Maybe you can share those files too.

I also saw on line 117 this "  -->"  Looks like there's left over.

 

 

On 09/19/2017 09:31 AM, John Ellis wrote:

I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4)
server for testing purposes. I downloaded & installed Tomcat9 fine and I get
a proper webpage on port 8080 but when I used the keytool commands and
created a certificate from cacert.org and then edited the server.xml file to
setup the ssl configuration to run on port 8443 I cannot get a webpage on
that port; it defaults back to port 8080. If I am not providing all the
needed info or asking a wrong question please forgive me. I am not a
programmer. My background is in computer hardware. I have just been forced
to learn this to support two products that we use here in our office; Jira
and Confluence. I have actually been working on setting them up for an SSL
connection on a different server. I got Confluence working on a secure port
but not Jira so my boss suggested troubleshooting the issue by trying to
first get SSL setup for Tomcat on this other server. 

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-
https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

 

Thanks in advance!  

 

John Ellis

 

405.285.2500 office

 





 

http://biz-e.io

 

 

-- 







Alejandro Vargas Mayorga
Gerente Desarrollo C.A. & C.
Tel. 506- 7232-3366
Email: <mailto:%20alejandro.var...@kymsolutions.com>
alejandro.var...@kymsolutions.com
 <http://www.kymsolutions.com/> www.kymsolutions.com
Visite nuestra aula virtual! 



RE: tomcat ssl setup

2017-09-19 Thread John Ellis
Yes I will put the log files on DropBox as well when I get back from lunch.

Thanks,

 

John Ellis

 

405.285.2500 office

 





 

http://biz-e.io

 

From: Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com] 
Sent: Tuesday, September 19, 2017 11:10 AM
To: users@tomcat.apache.org
Subject: Re: tomcat ssl setup

 

Do you see what's on the log files, they can tell you what's the problem in.
Maybe you can share those files too.

I also saw on line 117 this "  -->"  Looks like there's left over.

 

 

On 09/19/2017 09:31 AM, John Ellis wrote:

I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4)
server for testing purposes. I downloaded & installed Tomcat9 fine and I get
a proper webpage on port 8080 but when I used the keytool commands and
created a certificate from cacert.org and then edited the server.xml file to
setup the ssl configuration to run on port 8443 I cannot get a webpage on
that port; it defaults back to port 8080. If I am not providing all the
needed info or asking a wrong question please forgive me. I am not a
programmer. My background is in computer hardware. I have just been forced
to learn this to support two products that we use here in our office; Jira
and Confluence. I have actually been working on setting them up for an SSL
connection on a different server. I got Confluence working on a secure port
but not Jira so my boss suggested troubleshooting the issue by trying to
first get SSL setup for Tomcat on this other server. 

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-
https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

 

Thanks in advance!  

 

John Ellis

 

405.285.2500 office

 





 

http://biz-e.io

 

 

-- 







Alejandro Vargas Mayorga
Gerente Desarrollo C.A. & C.
Tel. 506- 7232-3366
Email: <mailto:%20alejandro.var...@kymsolutions.com>
alejandro.var...@kymsolutions.com
 <http://www.kymsolutions.com/> www.kymsolutions.com
Visite nuestra aula virtual! 



Re: tomcat ssl setup

2017-09-19 Thread Alejandro Vargas M.
Do you see what's on the log files, they can tell you what's the problem 
in. Maybe you can share those files too.


I also saw on line 117 this "-->" Looks like there's left over.



On 09/19/2017 09:31 AM, John Ellis wrote:


I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 
6.4) server for testing purposes. I downloaded & installed Tomcat9 
fine and I get a proper webpage on port 8080 but when I used the 
keytool commands and created a certificate from cacert.org and then 
edited the server.xml file to setup the ssl configuration to run on 
port 8443 I cannot get a webpage on that port; it defaults back to 
port 8080. If I am not providing all the needed info or asking a wrong 
question please forgive me. I am not a programmer. My background is in 
computer hardware. I have just been forced to learn this to support 
two products that we use here in our office; Jira and Confluence. I 
have actually been working on setting them up for an SSL connection on 
a different server. I got Confluence working on a secure port but not 
Jira so my boss suggested troubleshooting the issue by trying to first 
get SSL setup for Tomcat on this other server.


I am providing a copy of the Tomcat9 server.xml file here on a DropBox 
link- https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0


Thanks in advance!

John Ellis

405.285.2500 office

United States



http://biz-e.io



--




Alejandro Vargas Mayorga
/*Gerente Desarrollo C.A. & C.*/
*Tel. 506- 7232-3366*
*Email:**alejandro.var...@kymsolutions.com* 
<mailto:%20alejandro.var...@kymsolutions.com>*

**www.kymsolutions.com* <http://www.kymsolutions.com/>*
Visite nuestra aula virtual! *



Re: tomcat ssl setup

2017-09-19 Thread tomcat

On 19.09.2017 17:31, John Ellis wrote:

I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4) 
server for
testing purposes. I downloaded & installed Tomcat9 fine and I get a proper 
webpage on port
8080 but when I used the keytool commands and created a certificate from 
cacert.org and
then edited the server.xml file to setup the ssl configuration to run on port 
8443 I
cannot get a webpage on that port; it defaults back to port 8080. If I am not 
providing
all the needed info or asking a wrong question please forgive me. I am not a 
programmer.
My background is in computer hardware. I have just been forced to learn this to 
support
two products that we use here in our office; Jira and Confluence. I have 
actually been
working on setting them up for an SSL connection on a different server. I got 
Confluence
working on a secure port but not Jira so my boss suggested troubleshooting the 
issue by
trying to first get SSL setup for Tomcat on this other server.

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-
https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

Thanks in advance!



Hi. No problem, and no need to apologise, we try to help everyone here. (Any tomcat user, 
at least).
No matter what tomcat you are running or where you installed it, it should be writing 
logfiles somewhere, in which it should tell you at start, what may be wrong. Have you 
found and looked at these files yet ?
Maybe something else : I am no expert, but I believe that by default, each of Confluence 
and Jira sets up its own "private" tomcat server. Are you sure that you are looking at the 
right one ?






tomcat ssl setup

2017-09-19 Thread John Ellis
I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4)
server for testing purposes. I downloaded & installed Tomcat9 fine and I get
a proper webpage on port 8080 but when I used the keytool commands and
created a certificate from cacert.org and then edited the server.xml file to
setup the ssl configuration to run on port 8443 I cannot get a webpage on
that port; it defaults back to port 8080. If I am not providing all the
needed info or asking a wrong question please forgive me. I am not a
programmer. My background is in computer hardware. I have just been forced
to learn this to support two products that we use here in our office; Jira
and Confluence. I have actually been working on setting them up for an SSL
connection on a different server. I got Confluence working on a secure port
but not Jira so my boss suggested troubleshooting the issue by trying to
first get SSL setup for Tomcat on this other server. 

I am providing a copy of the Tomcat9 server.xml file here on a DropBox link-
https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0

 

Thanks in advance!

John Ellis
405.285.2500 office
http://biz-e.io

Re: SSL setup - Apache Tomcat service won't start

2016-09-27 Thread Christopher Schultz

Khisanth,

On 9/26/16 7:45 AM, TJ wrote:
> I have Apache Tomcat/9.0.0.M10 on Windows 10 64bit and want to
> setup SSL.  Am following 
> https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html  and gone 
> through the steps of creating the keystore with a single self
> signed cert using:
> 
> "%JAVA_HOME%\bin\keytool" -genkey -alias tomcat -keyalg RSA
> 
> That's fine and confirmed the certificate is in there.
> 
> Next I alter the server.xml file as follows and go to restart the
> Tomcat service:
> 
> 
> 
>  protocol="org.apache.coyote.http11.Http11NioProtocol" 
> maxThreads="150" SSLEnabled="true" 
> keystoreFile="c:\users\khisanth\.keystore" keystorePass="changeit"
> />   certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA" /> 
>  
> 
> Problem is the service will not restart. If I remove the added
> comments it will restart fine. I am logged in as administrator.

What do the logs say?

%CATALINA_BASE%\logs\catalina.log

or, if running as a Windows Service:

%CATALINA_BASE%\logs\stdout-*.log

While debugging startup errors, it's usually helpful to run Tomcat
interactively from the command prompt, like this:

C:\> %CATALINA_HOME%\bin\startup.bat

Then you get the stdout log right there in the terminal, including any
errors with the connector configurations.

> The apache server status page does mention HTTPS.

Apache httpd or Apache Tomcat?

-chris




SSL setup - Apache Tomcat service won't start

2016-09-26 Thread TJ

Hi all

I have Apache Tomcat/9.0.0.M10 on Windows 10 64bit and want to setup 
SSL.  Am following 
https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html  and gone 
through the steps of creating the keystore with a single self signed 
cert using:


"%JAVA_HOME%\bin\keytool" -genkey -alias tomcat -keyalg RSA

That's fine and confirmed the certificate is in there.

Next I alter the server.xml file as follows and go to restart the Tomcat 
service:




protocol="org.apache.coyote.http11.Http11NioProtocol"
   maxThreads="150" SSLEnabled="true" 
keystoreFile="c:\users\khisanth\.keystore" keystorePass="changeit"   />


certificateKeystoreFile="conf/localhost-rsa.jks"

 type="RSA" />



Problem is the service will not restart. If I remove the added comments 
it will restart fine. I am logged in as administrator.   The apache 
server status page does mention HTTPS.


Any ideas?

thanks

khisanth

Need help with Tomcat SSL setup

2014-11-11 Thread Gadhiraju, Satish
Hi, I am new to tomcat. I have installed tomcat binaries and created one stand 
alone instance.
Tomcat is working fine with http port, I get the message It works.
But when I try to access with https port I am getting page cannot be found.
Below is what I did

./keytool -genkey -alias tomcat -keyalg RSA -keystore /apps/tomcat.jks

Added in server.xml

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
   maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS"
   keystoreFile="/apps/tomcat.jks"
   keystoreType="JKS"
   keystorePass="changeit"
   keyPass="changeit" />


please let me know what is wrong.


Thanks
Satish




Re: Need help with Tomcat SSL setup

2014-11-11 Thread Konstantin Kolinko
2014-11-11 20:10 GMT+03:00 Gadhiraju, Satish satish.gadhir...@ally.com:
> Hi, I am new to tomcat. I have installed tomcat binaries and created one
> stand alone instance.
> Tomcat is working fine with http port, I get the message It works.
> But when I try to access with https port I am getting page cannot be found.
> Below is what I did
>
> ./keytool -genkey -alias tomcat -keyalg RSA -keystore /apps/tomcat.jks
>
> Added in server.xml
>
> <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
>    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
>    clientAuth="false" sslProtocol="TLS"
>    keystoreFile="/apps/tomcat.jks"
>    keystoreType="JKS"
>    keystorePass="changeit"
>    keyPass="changeit" />
>
> please let me know what is wrong.


1. Did you restart Tomcat after editing its configuration file?

2. What is in Tomcat logs?




Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-17 Thread Ognjen Blagojevic

Mavenpol,

On 16.9.2013 22:47, Mavenpol Saulon wrote:

> This server where I imported the certificates and has been encountering
> errors is just one of the servers that are configured to run SSL. All of
> the other servers have the same setup except for the keytool -delete..
> that I used in this particular erring server. Other servers are OK in SSL.
>
> I'm worried that the keytool delete might have caused the problem?


(On this list it is standard to put your text below the quote.)

What is the content of your Java keystore now? You should have 
PrivateKeyEntry with valid certificate chain. Check it using


  keytool -list -v


You may also check if the certificate chain is served properly to the 
client using openssl:


  openssl s_client -connect server.example.com:443 -showcerts


Other than that, you may try to turn on TLS/SSL Java debugging using VM 
option:


  -Djavax.net.debug=all


These commands/option will give you some insight what is wrong with 
keystore and TLS/SSL handshake.


-Ognjen
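
Added example (not part of Ognjen's message or of Tomcat): the keystore check he describes, run over the text that `keytool -list -v` prints. Both listings are constructed samples, and the function names and finding codes are this example's own.

```python
"""Audit `keytool -list -v` output for a usable TLS server entry (added example)."""
from dataclasses import dataclass, field


@dataclass
class Entry:
    alias: str
    entry_type: str = ""
    chain_length: int = 0
    certs: list = field(default_factory=list)  # (owner, issuer) pairs, leaf first


def parse_keytool_listing(text):
    """Turn the text printed by `keytool -list -v` into Entry objects."""
    entries, current, owner = [], None, None
    for raw in text.splitlines():
        key, _, value = raw.strip().partition(":")
        value = value.strip()
        if key == "Alias name":
            current, owner = Entry(alias=value), None
            entries.append(current)
        elif current is None:
            continue  # keystore header lines before the first alias
        elif key == "Entry type":
            current.entry_type = value
        elif key == "Certificate chain length":
            current.chain_length = int(value)
        elif key == "Owner":
            owner = value
        elif key == "Issuer" and owner is not None:
            current.certs.append((owner, value))
            owner = None
    return entries


def audit(entries):
    """Return (alias, code) findings; empty means a key entry with a linked chain."""
    findings = []
    key_entries = [e for e in entries if e.entry_type == "PrivateKeyEntry"]
    if not key_entries:
        # Only trustedCertEntry items: certificates, but no private key to serve TLS with.
        findings.append(("*", "NO_PRIVATE_KEY_ENTRY"))
    for e in key_entries:
        if not e.certs or e.chain_length != len(e.certs):
            findings.append((e.alias, "CHAIN_UNREADABLE"))
        elif len(e.certs) == 1:
            owner, issuer = e.certs[0]
            # SELF_SIGNED is informational; LEAF_ONLY means the CA chain was not imported
            # into the key's alias.
            findings.append((e.alias, "SELF_SIGNED" if owner == issuer else "LEAF_ONLY"))
        else:
            # Each certificate must be issued by the next one. This compares the DN
            # text only; signatures are not verified here.
            for (_, issuer), (next_owner, _) in zip(e.certs, e.certs[1:]):
                if issuer != next_owner:
                    findings.append((e.alias, "CHAIN_BROKEN"))
                    break
    return findings


# Constructed sample: a keystore that holds certificates but no key entry.
CERTS_ONLY = """\
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: root
Creation date: Sep 16, 2013
Entry type: trustedCertEntry

Owner: CN=Example Root CA, O=Example
Issuer: CN=Example Root CA, O=Example

Alias name: server
Creation date: Sep 16, 2013
Entry type: trustedCertEntry

Owner: CN=server.example.com, O=Example
Issuer: CN=Example Root CA, O=Example
"""

# Constructed sample: a key entry whose chain links leaf -> root.
KEY_WITH_CHAIN = """\
Alias name: tomcat
Creation date: Sep 17, 2013
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=server.example.com, O=Example
Issuer: CN=Example Root CA, O=Example
Certificate[2]:
Owner: CN=Example Root CA, O=Example
Issuer: CN=Example Root CA, O=Example
"""

if __name__ == "__main__":
    for name, listing in (("certs only", CERTS_ONLY), ("key with chain", KEY_WITH_CHAIN)):
        print(name, "->", audit(parse_keytool_listing(listing)) or "ok")
```
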




Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-17 Thread Christopher Schultz

Ognjen,

On 9/17/13 4:37 AM, Ognjen Blagojevic wrote:
> Mavenpol,
>
> On 16.9.2013 22:47, Mavenpol Saulon wrote:
>> This server where I imported the certificates and has been
>> encountering errors is just one of the servers that are
>> configured to run SSL. All of the other servers have the same
>> setup except for the keytool -delete.. that I used in this
>> particular erring server. Other servers are OK in SSL.
>>
>> I'm worried that the keytool delete might have caused the
>> problem?
>
> (On this list it is standard to put your text below the quote.)
>
> What is the content of your Java keystore now? You should have
> PrivateKeyEntry with valid certificate chain. Check it using
>
> keytool -list -v
>
> You may also check if the certificate chain is served properly to
> the client using openssl:
>
> openssl s_client -connect server.example.com:443 -showcerts
>
> Other than that, you may try to turn on TLS/SSL Java debugging
> using VM option:
>
> -Djavax.net.debug=all
>
> These commands/option will give you some insight what is wrong
> with keystore and TLS/SSL handshake.

It also would be helpful for OP to:

a) Specify the version of Tomcat you are using
b) Provide the Connector configuration from your conf/server.xml
(without any sensitive material such as passwords)

-chris



Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-17 Thread Jan Vávra

Maybe it'd be helpful not using the java key store (JKS).
Personally on Linux Tomcat installations without native APR I use the
.p12 files with this config

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
   maxThreads="150" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS"
   keystoreFile="${catalina.home}/ssl/serverkey.p12"
   keystorePass="**PASS**" keystoreType="pkcs12" />

Jan

> Good Day!
>
> Everything was followed perfectly from this URL:
> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html. I've done this
> setup a lot of times already and mostly I have been successful.
>
> Until our security team noticed that the installed root CA is incorrect.
>
> Instead of just importing the correct root CA, I deleted all the imported
> certificates (originally 2 certificates)  using the keytool -delete -alias
> certificate nicknames -keystore .keystore. Afterwards, I imported the 2
> certificates again.
>
> Now when I access https://mydomain:8443, it gives me a webpage not found
> with ERR_CONNECTION_REFUSED error in Chrome and ssl_error_no_cypher_overlap
> in Firefox.
>
> Could anyone please let me know what I must have done wrong?
>
> Thank you in advance.







Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-17 Thread Mavenpol Saulon
Thank you all for your help. It just came to a point where I just had to
delete the old keystore and create a new one, and request for new
certificates. Now everything's working.


On Tue, Sep 17, 2013 at 9:58 AM, Jan Vávra va...@602.cz wrote:

> Maybe it'd be helpful not using the java key store (JKS).
> Personally on Linux Tomcat installations without native APR I use the .p12
> files with this config
>
> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>    maxThreads="150" scheme="https" secure="true"
>    clientAuth="false" sslProtocol="TLS"
>    keystoreFile="${catalina.home}/ssl/serverkey.p12"
>    keystorePass="**PASS**" keystoreType="pkcs12" />
>
> Jan
>
>> Good Day!
>>
>> Everything was followed perfectly from this URL:
>> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html.
>> I've done this
>> setup a lot of times already and mostly I have been successful.
>>
>> Until our security team noticed that the installed root CA is incorrect.
>>
>> Instead of just importing the correct root CA, I deleted all the imported
>> certificates (originally 2 certificates)  using the keytool -delete
>> -alias
>> certificate nicknames -keystore .keystore. Afterwards, I imported the 2
>> certificates again.
>>
>> Now when I access https://mydomain:8443, it gives me a webpage not found
>> with ERR_CONNECTION_REFUSED error in Chrome and
>> ssl_error_no_cypher_overlap
>> in Firefox.
>>
>> Could anyone please let me know what I must have done wrong?
>>
>> Thank you in advance.







Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-16 Thread Mavenpol Saulon
Good Day!

Everything was followed perfectly from this URL:
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html. I've done this
setup a lot of times already and mostly I have been successful.

Until our security team noticed that the installed root CA is incorrect.

Instead of just importing the correct root CA, I deleted all the imported
certificates (originally 2 certificates)  using the keytool -delete -alias
certificate nicknames -keystore .keystore. Afterwards, I imported the 2
certificates again.

Now when I access https://mydomain:8443, it gives me a webpage not found
with ERR_CONNECTION_REFUSED error in Chrome and ssl_error_no_cypher_overlap
in Firefox.

Could anyone please let me know what I must have done wrong?


Thank you in advance.


Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-16 Thread Jan Vávra

Hello,
on http://support.mozilla.org/cs/questions/952242 there is described
something about ssl protocol settings for Firefox. It seems like you
have configured in server.xml e.g. only SSLv2 protocol that is
disabled in the client browser

http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
sslProtocol
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext

Jan

> Good Day!
>
> Everything was followed perfectly from this URL:
> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html. I've done this
> setup a lot of times already and mostly I have been successful.
>
> Until our security team noticed that the installed root CA is incorrect.
>
> Instead of just importing the correct root CA, I deleted all the imported
> certificates (originally 2 certificates)  using the keytool -delete -alias
> certificate nicknames -keystore .keystore. Afterwards, I imported the 2
> certificates again.
>
> Now when I access https://mydomain:8443, it gives me a webpage not found
> with ERR_CONNECTION_REFUSED error in Chrome and ssl_error_no_cypher_overlap
> in Firefox.
>
> Could anyone please let me know what I must have done wrong?
>
> Thank you in advance.





Re: Tomcat 7 SSL Setup: ERR_CONNECTION_REFUSED

2013-09-16 Thread Mavenpol Saulon
Thanks Jan for replying. Unfortunately, I'm not inclined on going to the
direction that it's a browser problem.

This server where I imported the certificates and has been encountering
errors is just one of the servers that are configured to run SSL. All of
the other servers have the same setup except for the keytool -delete..
that I used in this particular erring server. Other servers are OK in SSL.

I'm worried that the keytool delete might have caused the problem?


On Mon, Sep 16, 2013 at 3:36 PM, Jan Vávra va...@602.cz wrote:

> Hello,
> on http://support.mozilla.org/cs/questions/952242 there
> is described something about ssl protocol settings for Firefox. It seems
> like you have configured in server.xml e.g. only SSLv2 protocol that
> is disabled in the client browser
>
> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
> sslProtocol
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext
>
> Jan
>
>> Good Day!
>>
>> Everything was followed perfectly from this URL:
>> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html.
>> I've done this
>> setup a lot of times already and mostly I have been successful.
>>
>> Until our security team noticed that the installed root CA is incorrect.
>>
>> Instead of just importing the correct root CA, I deleted all the imported
>> certificates (originally 2 certificates)  using the keytool -delete
>> -alias
>> certificate nicknames -keystore .keystore. Afterwards, I imported the 2
>> certificates again.
>>
>> Now when I access https://mydomain:8443, it gives me a webpage not found
>> with ERR_CONNECTION_REFUSED error in Chrome and
>> ssl_error_no_cypher_overlap
>> in Firefox.
>>
>> Could anyone please let me know what I must have done wrong?
>>
>> Thank you in advance.





Re: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Tim Watts
On Wed, 2012-10-24 at 11:38 +0100, KumareshGopalsamy wrote:
> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>            maxThreads="150" scheme="https" secure="true"
>            clientAuth="false" sslProtocol="TLS"
>            keystorePass="changeit" keystoreFile=
> "C:\apache-tomcat-6.0.24-windows-x64\key \.keystore"/>
 
The only thing that looks weird is that space after '\key'.  And perhaps
the newline after 'keystoreFile='?  But maybe I'm reading this too
literally.

Also, it looks like something is already bound to a port you want to
use.

--tim

> I have got the below error message when I restart the Tomcat server
>
> Could you please help me on this?
>
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.19.
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'changeit' did not find a matching property.
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'C:\.keystore' did not find a matching property.
> 22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> 22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
> SEVERE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified or invalid file format
>     at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>     at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:720)
>     at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
>     at org.apache.catalina.connector.Connector.initialize(Connector.java:1007)
>     at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:540)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:560)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.Catalina load
> SEVERE: Catalina.start
> LifecycleException:  Protocol handler initialization failed: java.lang.Exception: No Certificate file specified or invalid file format
>     at org.apache.catalina.connector.Connector.initialize(Connector.java:1009)
>     at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:540)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:560)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 1836 ms
> 22-Oct-2012 11:21:44 org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> 22-Oct-2012 11:21:44 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.24
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.HostConfig deployDescriptor
> INFO: Deploying configuration descriptor host-manager.xml
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.HostConfig deployDescriptor
> INFO: Deploying configuration descriptor manager.xml
> 22-Oct-2012 11:21:44

Re: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Mark Thomas
On 24/10/2012 11:38, KumareshGopalsamy wrote:
> Hi
>
> I have followed below steps to setup SSL

You are trying to use BIO/NIO (100% Java) SSL configuration for the
APR(native) connector. That won't work.

Fix your configuration or disable APR. See the SSL How-to, particularly
the section on configuration. [1]

Mark

[1]
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Edit_the_Tomcat_Configuration_File






Re: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Christopher Schultz

Kumaresh,

On 10/24/12 6:38 AM, KumareshGopalsamy wrote:
> I have followed below steps to setup SSL
>
> Details Tomcat 6.0.24 Windows server 2008 R2 Datacenter

Since you are using SSL, I suspect you are interested in protecting
your data. You should seriously upgrade to the latest Tomcat 6.0.36,
as there are known vulnerabilities with your version:
http://tomcat.apache.org/security-6.html

> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true" clientAuth="false"
> sslProtocol="TLS" keystorePass="changeit" keystoreFile=
> "C:\apache-tomcat-6.0.24-windows-x64\key \.keystore"/>

This is a JSSE keystore-based certificate configuration.

> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener
> init INFO: Loaded APR based Apache Tomcat Native library 1.1.19.
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener
> init INFO: APR capabilities: IPv6 [true], sendfile [true], accept
> filters [false], random [true].

You are using APR (tcnative).

> INFO: Initializing Coyote HTTP/1.1 on http-8080 22-Oct-2012
> 11:21:44 org.apache.coyote.http11.Http11AprProtocol init

Your Connector is auto-choosing APR-based HTTP/1.1 protocol.

> SEVERE: Error initializing endpoint
>
> java.lang.Exception: No Certificate file specified or invalid file
> format

APR uses a different file format and configuration from the BIO and
NIO HTTP/1.1 connectors.

So, either you need to re-do your certificates so that you have
separate PEM-encoded files on the disk like httpd does, and configure
them appropriately
(http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS) or you need
to change your Connector to use a non-APR connector like this for BIO:

Connector protocol=org.apache.coyote.http11.Http11Protocol

Or like this for NIO:

Connector protocol=org.apache.coyote.http11.Http11NioProtocol

Or you can disable APR by commenting-out the Listener in server.xml,
or you can just remove the tcnative* binaries from your Tomcat
installation.

Hope that helps,
- -chris
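
Added example (not from the thread and not Tomcat code): the reading of the startup log that Chris walks through above, as a repeatable check. The two excerpts are log lines posted in this thread with the console line-wrapping undone, the second one abridged; the function names and finding strings are this example's own, and the TLS port 8443 is taken from the poster's Connector.

```python
"""Triage a Tomcat 6 startup log for JSSE keystore settings on an APR connector."""
import re

# "Setting property 'X' to '...' did not find a matching property" on a Connector
IGNORED_ATTR = re.compile(
    r"\{Server/Service/Connector\} Setting property '([^']+)' to '[^']*' "
    r"did not find a matching property")
# Which HTTP/1.1 protocol handler class logged init/start (Apr, Nio or plain BIO)
HANDLER = re.compile(r"org\.apache\.coyote\.http11\.(Http11\w*Protocol) (?:init|start)\b")
STARTED = re.compile(r"INFO: Starting Coyote HTTP/1\.1 on http-(\d+)")


def collect_facts(log_text):
    """Extract the facts the diagnosis relies on from the raw log text."""
    facts = {"apr_loaded": False, "handlers": set(), "ignored": [],
             "started_ports": set(), "severe": []}
    for line in log_text.splitlines():
        line = line.strip()
        if "Loaded APR based Apache Tomcat Native library" in line:
            facts["apr_loaded"] = True
        m = IGNORED_ATTR.search(line)
        if m:
            facts["ignored"].append(m.group(1))
        m = HANDLER.search(line)
        if m:
            facts["handlers"].add(m.group(1))
        m = STARTED.search(line)
        if m:
            facts["started_ports"].add(int(m.group(1)))
        if line.startswith("SEVERE:") or "No Certificate file specified" in line:
            facts["severe"].append(line)
    return facts


def diagnose(facts, tls_port=8443):
    """Return finding strings; an empty list means the TLS connector came up cleanly."""
    findings = []
    keystore_attrs = [a for a in facts["ignored"] if a.startswith("keystore")]
    if facts["apr_loaded"] and "Http11AprProtocol" in facts["handlers"] and keystore_attrs:
        # The APR connector silently dropped the JSSE keystore attributes.
        findings.append("JSSE_KEYSTORE_ATTRS_IGNORED_BY_APR:" + ",".join(keystore_attrs))
    if any("No Certificate file specified" in s for s in facts["severe"]):
        findings.append("APR_ENDPOINT_HAS_NO_CERTIFICATE")
    if tls_port not in facts["started_ports"]:
        findings.append("TLS_PORT_NOT_STARTED:%d" % tls_port)
    return findings


# Lines from the 22-Oct-2012 log in this thread (console wrapping undone).
FAILING_EXCERPT = r"""
22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.19.
22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.
22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'changeit' did not find a matching property.
22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'C:\.keystore' did not find a matching property.
22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
"""

# Lines from the 24-Oct-2012 log in this thread, after tcnative was removed (abridged).
AFTER_REMOVING_TCNATIVE = r"""
24-Oct-2012 14:52:36 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
24-Oct-2012 14:52:38 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8443
"""

if __name__ == "__main__":
    for name, log in (("22-Oct", FAILING_EXCERPT), ("24-Oct", AFTER_REMOVING_TCNATIVE)):
        print(name, "->", diagnose(collect_facts(log)) or "no findings")
```
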



RE: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread KumareshGopalsamy
Hi Tim 
Thank you for your reply.
I have attached Server.xml of my Tomcat.

This machine is dedicated tomcat server as no other application runs in this, 
if any other is using please let me know how to delete/remove 

Thank you

Regards
Kumaresh Gopalsamy

-Original Message-
From: Tim Watts [mailto:t...@cliftonfarm.org] 
Sent: 24 October 2012 14:17
To: Tomcat Users List
Subject: Re: Tomcat 6.0.24 SSL Setup issue

On Wed, 2012-10-24 at 11:38 +0100, KumareshGopalsamy wrote:
> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>            maxThreads="150" scheme="https" secure="true"
>            clientAuth="false" sslProtocol="TLS"
>            keystorePass="changeit" keystoreFile=
> "C:\apache-tomcat-6.0.24-windows-x64\key \.keystore"/>
 
The only thing that looks weird is that space after '\key'.  And perhaps the 
newline after 'keystoreFile='?  But maybe I'm reading this too literally.

Also, it looks like something is already bound to a port you want to use.

--tim

> I have got the below error message when I restart the Tomcat server
>
> Could you please help me on this?
>
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.19.
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'changeit' did not find a matching property.
> 22-Oct-2012 11:21:43 org.apache.catalina.startup.SetAllPropertiesRule begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'C:\.keystore' did not find a matching property.
> 22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> 22-Oct-2012 11:21:44 org.apache.coyote.http11.Http11AprProtocol init
> SEVERE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified or invalid file format
>     at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>     at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:720)
>     at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
>     at org.apache.catalina.connector.Connector.initialize(Connector.java:1007)
>     at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:540)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:560)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.Catalina load
> SEVERE: Catalina.start
> LifecycleException:  Protocol handler initialization failed: java.lang.Exception: No Certificate file specified or invalid file format
>     at org.apache.catalina.connector.Connector.initialize(Connector.java:1009)
>     at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:540)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:560)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> 22-Oct-2012 11:21:44 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 1836 ms
> 22-Oct-2012 11:21:44 org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina

RE: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread KumareshGopalsamy
Hi Chris

We are planning to setup JSSE keystore-based certificate configuration so I 
have removed tcnative-1.dll file in 
C:\apache-tomcat-6.0.24-windows-x64\apache-tomcat-6.0.24\bin path. Still no 
success, below are the error message

I have attached server.xml in this.


Error Message
24-Oct-2012 14:52:36 org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.6.0_30\bin;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.6.0_30\bin;.
24-Oct-2012 14:52:36 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
24-Oct-2012 14:52:38 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
24-Oct-2012 14:52:38 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2702 ms
24-Oct-2012 14:52:38 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
24-Oct-2012 14:52:38 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.24
24-Oct-2012 14:52:38 org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor host-manager.xml
24-Oct-2012 14:52:38 org.apache.catalina.startup.HostConfig deployDescriptor
INFO: Deploying configuration descriptor manager.xml
24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory docs
24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory examples
24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory ROOT
24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8443
24-Oct-2012 14:52:40 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
24-Oct-2012 14:52:40 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/32  config=null
24-Oct-2012 14:52:40 org.apache.catalina.startup.Catalina start
INFO: Server startup in 1986 ms


Thank you

Regards
Kumaresh Gopalsamy


-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net] 
Sent: 24 October 2012 14:42
To: Tomcat Users List
Subject: Re: Tomcat 6.0.24 SSL Setup issue


Kumaresh,

On 10/24/12 6:38 AM, KumareshGopalsamy wrote:
> I have followed below steps to setup SSL
>
> Details Tomcat 6.0.24 Windows server 2008 R2 Datacenter

Since you are using SSL, I suspect you are interested in protecting your data.
You should seriously upgrade to the latest Tomcat 6.0.36, as there are known
vulnerabilities with your version:
http://tomcat.apache.org/security-6.html

> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true" clientAuth="false"
> sslProtocol="TLS" keystorePass="changeit" keystoreFile=
> "C:\apache-tomcat-6.0.24-windows-x64\key \.keystore"/>

This is a JSSE keystore-based certificate configuration.

> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener
> init INFO: Loaded APR based Apache Tomcat Native library 1.1.19.
> 22-Oct-2012 11:21:43 org.apache.catalina.core.AprLifecycleListener
> init INFO: APR capabilities: IPv6 [true], sendfile [true], accept
> filters [false], random [true].

You are using APR (tcnative).

> INFO: Initializing Coyote HTTP/1.1 on http-8080 22-Oct-2012
> 11:21:44 org.apache.coyote.http11.Http11AprProtocol init

Your Connector is auto-choosing APR-based HTTP/1.1 protocol.

> SEVERE: Error initializing endpoint
>
> java.lang.Exception: No Certificate file specified or invalid file
> format

APR uses a different file format and configuration from the BIO and NIO 
HTTP/1.1 connectors.

So, either you need to re-do your certificates so that you have separate 
PEM-encoded files on the disk like httpd does, and configure them appropriately
(http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS) or you need to change 
your Connector to use a non-APR connector like this for BIO:

Connector protocol=org.apache.coyote.http11.Http11Protocol

Or like this for NIO:

Connector protocol=org.apache.coyote.http11.Http11NioProtocol

Or you can disable APR by commenting-out the Listener in server.xml, or you 
can just remove the tcnative* binaries from your Tomcat installation.

Hope that helps,
- -chris
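
The mismatch described in the message above, as an added Python example that is not part of the original thread or of Tomcat itself: it reads the SSL-enabled Connector elements from a server.xml and the AprLifecycleListener line from the startup log, then reports when the connector that will actually be used does not match the certificate attributes. The server.xml fragment, its keystore path and the verdict strings are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed server.xml fragment modelled on the Connector quoted in the thread;
# the keystore path is a placeholder, not the poster's path.
SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"/>
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="conf/example.keystore" keystorePass="changeit"/>
  </Service>
</Server>
"""

# The two AprLifecycleListener outcomes that appear in the thread's logs.
LOG_APR_LOADED = "INFO: Loaded APR based Apache Tomcat Native library 1.1.19."
LOG_APR_ABSENT = ("INFO: The APR based Apache Tomcat Native library which allows "
                  "optimal performance in production environments was not found "
                  "on the java.library.path: .")

# An explicit protocol class name pins the connector implementation.
EXPLICIT = {
    "org.apache.coyote.http11.Http11Protocol": "BIO",
    "org.apache.coyote.http11.Http11NioProtocol": "NIO",
    "org.apache.coyote.http11.Http11AprProtocol": "APR",
}


def apr_loaded(startup_log):
    """True when the startup log reports that tcnative was loaded."""
    return "Loaded APR based Apache Tomcat Native library" in startup_log


def effective_impl(protocol, apr):
    """protocol="HTTP/1.1" auto-selects APR when tcnative is loaded, else BIO."""
    return EXPLICIT.get(protocol, "APR" if apr else "BIO")


def check_ssl_connectors(server_xml, startup_log):
    """Return (port, implementation, verdict) for every SSL-enabled Connector."""
    apr = apr_loaded(startup_log)
    results = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        impl = effective_impl(conn.get("protocol", "HTTP/1.1"), apr)
        has_keystore = "keystoreFile" in conn.attrib
        has_pem = "SSLCertificateFile" in conn.attrib
        if impl == "APR" and not has_pem:
            # The case in the thread: keystore attributes on an APR connector.
            verdict = "mismatch-apr-needs-pem"
        elif impl != "APR" and has_pem and not has_keystore:
            # The reverse case: PEM attributes on a BIO/NIO (JSSE) connector.
            verdict = "mismatch-jsse-needs-keystore"
        else:
            verdict = "ok"
        results.append((conn.get("port"), impl, verdict))
    return results


if __name__ == "__main__":
    for log in (LOG_APR_LOADED, LOG_APR_ABSENT):
        print(check_ssl_connectors(SERVER_XML, log))
```
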

Re: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Mark Thomas

On 24/10/2012 15:00, KumareshGopalsamy wrote:
> Hi Chris
>
> We are planning to setup JSSE keystore-based certificate
> configuration so I have removed tcnative-1.dll file in
> C:\apache-tomcat-6.0.24-windows-x64\apache-tomcat-6.0.24\bin path.
> Still no success, below are the error message

There are no error messages in the logs quoted below.

Mark

> I have attached server.xml in this.
>
> Error Message
> 24-Oct-2012 14:52:36 org.apache.catalina.core.AprLifecycleListener init
> INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.6.0_30\bin;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.6.0_30\bin;.
> 24-Oct-2012 14:52:36 org.apache.coyote.http11.Http11Protocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> 24-Oct-2012 14:52:38 org.apache.coyote.http11.Http11Protocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8443
> 24-Oct-2012 14:52:38 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 2702 ms
> 24-Oct-2012 14:52:38 org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> 24-Oct-2012 14:52:38 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.24
> 24-Oct-2012 14:52:38 org.apache.catalina.startup.HostConfig deployDescriptor
> INFO: Deploying configuration descriptor host-manager.xml
> 24-Oct-2012 14:52:38 org.apache.catalina.startup.HostConfig deployDescriptor
> INFO: Deploying configuration descriptor manager.xml
> 24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
> INFO: Deploying web application directory docs
> 24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
> INFO: Deploying web application directory examples
> 24-Oct-2012 14:52:39 org.apache.catalina.startup.HostConfig deployDirectory
> INFO: Deploying web application directory ROOT
> 24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-8080
> 24-Oct-2012 14:52:40 org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-8443
> 24-Oct-2012 14:52:40 org.apache.jk.common.ChannelSocket init
> INFO: JK: ajp13 listening on /0.0.0.0:8009
> 24-Oct-2012 14:52:40 org.apache.jk.server.JkMain start
> INFO: Jk running ID=0 time=0/32  config=null
> 24-Oct-2012 14:52:40 org.apache.catalina.startup.Catalina start
> INFO: Server startup in 1986 ms
 
 

RE: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread KumareshGopalsamy
Hi Mark 
Thank you. You are right. It was my mistake as page takes more time to
load.

But when I shutdown Tomcat from command prompt 

C:\apache-tomcat-6.0.24-windows-x64\apache-tomcat-6.0.24\bin>shutdown

I could see Apache Tomcat homepage in http://localhost:8080/ but not in
https://localhost:8443/

Will I continue to see homepage in http://localhost:8080/ after tomcat
shutdown?



Regards
Kumaresh Gopalsamy



RE: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Martin Gainty


Mark is correct there are NO tomcat errors in the attached log

but your JSSE is complaining about missing cert or you are implementing a 
certificate from a non-CA authority
you cannot build your KeyMaterial without knowing the full path of the 
CA-authority issued cert and the keyFile location and the jksPassword and the 
keyPass
public KeyMaterial(File certsFile,
                   File keyFile,
                   char[] jksPass,
                   char[] keyPass)
            throws GeneralSecurityException,
                   IOException

http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/KeyMaterial.html#KeyMaterial%28java.io.File,%20java.io.File,%20char[],%20char[]%29
Martin 

Re: Tomcat 6.0.24 SSL Setup issue

2012-10-24 Thread Christopher Schultz

Kumaresh,

On 10/24/12 10:39 AM, KumareshGopalsamy wrote:
> But when I shutdown Tomcat from command prompt
>
> C:\apache-tomcat-6.0.24-windows-x64\apache-tomcat-6.0.24\bin>shutdown
>
> I could see Apache Tomcat homepage in http://localhost:8080/ but
> not in https://localhost:8443/
>
> Will I continue to see homepage in http://localhost:8080/ after
> tomcat shutdown?

That depends: do you have more than one server process running? Try
using netstat to see what process is listening on port 8080.

If you have been changing your configuration around and starting and
stopping Tomcat, you might have forgotten to stop it one time and then
fixed the config so you did this:

1. Start Tomcat A
  a. HTTP connector comes up on port 8080
  b. HTTPS connector fails to initialize (bad cert config)

2. Start Tomcat B
  a. HTTP connector fails to bind to port 8080 (Tomcat A is bound)
  b. HTTPS connector comes up on port 8443

3. Stop Tomcat
  a. Tomcat B stops
  b. Tomcat A remains running

In this situation, Tomcat A is still running on port 8080.

Make sure that everything has stopped and repeat your tests -- with a
clean logs/ directory.

- -chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
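
The netstat check suggested in the message above, as an added Python example that is not part of the original thread: it parses `netstat -ano` output and tells apart one Tomcat owning both ports, the "Tomcat A / Tomcat B" split, and a leftover instance still bound to 8080. The netstat excerpts and PIDs are constructed, and the state names are this example's own.

```python
# Constructed `netstat -ano` excerpts (Windows layout); the PIDs are made up.
NETSTAT_TWO_INSTANCES = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:8009           0.0.0.0:0              LISTENING       4312
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4312
  TCP    0.0.0.0:8443           0.0.0.0:0              LISTENING       5120
  TCP    127.0.0.1:52110        127.0.0.1:8080         ESTABLISHED     6004
  TCP    [::]:8080              [::]:0                 LISTENING       4312
"""

# Same host after "shutdown" stopped only the second instance.
NETSTAT_AFTER_SHUTDOWN = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:8009           0.0.0.0:0              LISTENING       4312
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4312
  TCP    [::]:8080              [::]:0                 LISTENING       4312
"""


def listeners(netstat_text):
    """Map each TCP port in LISTENING state to the set of owning PIDs."""
    owners = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have exactly: proto, local, foreign, state, pid.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        # rsplit handles both 0.0.0.0:8080 and [::]:8080.
        port = int(fields[1].rsplit(":", 1)[1])
        owners.setdefault(port, set()).add(int(fields[4]))
    return owners


def diagnose(netstat_text, http_port=8080, https_port=8443):
    """Return (state, pids_to_inspect) for the two connector ports."""
    owners = listeners(netstat_text)
    http = owners.get(http_port, set())
    https = owners.get(https_port, set())
    pids = sorted(http | https)
    if not pids:
        return "stopped", pids
    if http and https:
        # Disjoint owners means two server processes split the ports.
        return ("one-instance" if http & https else "two-instances"), pids
    # Only one port is bound: a leftover process or a failed connector.
    return ("http-only" if http else "https-only"), pids


if __name__ == "__main__":
    print(diagnose(NETSTAT_TWO_INSTANCES))
    print(diagnose(NETSTAT_AFTER_SHUTDOWN))
```
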



Tomcat 7.0.5 SSL setup issue

2011-12-19 Thread Thomas, Nibu

I'm unable to setup SSL with Tomcat 7 on a Linux VM ..

The error is as below - Please advise

*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
CN=Credit Suisse Internal CA, CN=AIA, CN=Public Key Services,
CN=Services, CN=Configuration, DC=auredi, DC=net
*** ServerHelloDone
http-8443-exec-1, WRITE: SSLv3 Handshake, length = 3428
http-8443-exec-1, received EOFException: error
http-8443-exec-1, handling exception:
javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
http-8443-exec-1, SEND SSLv3 ALERT:  fatal, description =
handshake_failure
http-8443-exec-1, WRITE: SSLv3 Alert, length = 2
http-8443-exec-1, called closeSocket()
http-8443-exec-1, IOException in getSession():
javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
http-8443-exec-1, called close()
http-8443-exec-1, called closeInternal(true)


 catalina.out 
Thanks
Nibu


Re: Tomcat 7.0.5 SSL setup issue

2011-12-19 Thread André Warnier

Thomas, Nibu wrote:

> I'm unable to setup SSL with Tomcat 7 on a Linux VM ..
>
> The error is as below - Please advise
>
> *** CertificateRequest
> Cert Types: RSA, DSS
> Cert Authorities:
> CN=Credit Suisse Internal CA, CN=AIA, CN=Public Key Services,
> CN=Services, CN=Configuration, DC=auredi, DC=net
> *** ServerHelloDone
> http-8443-exec-1, WRITE: SSLv3 Handshake, length = 3428
> http-8443-exec-1, received EOFException: error
> http-8443-exec-1, handling exception:
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
> http-8443-exec-1, SEND SSLv3 ALERT:  fatal, description =
> handshake_failure
> http-8443-exec-1, WRITE: SSLv3 Alert, length = 2
> http-8443-exec-1, called closeSocket()
> http-8443-exec-1, IOException in getSession():
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
> http-8443-exec-1, called close()
> http-8443-exec-1, called closeInternal(true)



I think you really need to consult the following :

1) http://www.lmgtfy.com/?q=setup+SSL+with+Tomcat+7
2) http://catb.org/~esr/faqs/smart-questions.html




Re: Tomcat 7.0.5 SSL setup issue

2011-12-19 Thread Christopher Schultz

Nibu,

On 12/19/11 3:46 AM, Thomas, Nibu wrote:
> I'm unable to setup SSL with Tomcat 7 on a Linux VM ..

If you're really running 7.0.5, then nobody is going to help you. That
was a beta version of Tomcat released over 2 years ago.

- -chris



FW: SSL setup for tomcat 7.0.10 using a CA cert

2011-05-08 Thread chip chipper


I have been trying to install a certificate on a Tomcat 7.0.10 on a Windows 64 
bit 2008 server and getting this error.

Error Message
DerInputStream.getLength(): lengthTag=109, too big.

2011-05-07 21:19:08 Commons Daemon procrun stderr initialized
May 7, 2011 9:19:09 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: D:\Tomcat 7.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;D:\apache-ant-1.8.2\bin\;C:\Program Files\Java\jdk1.6.0_25\bin\;C:\OpenSSL-Win32\bin\
May 7, 2011 9:19:09 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'maxSpareThreads' to '75' did not find a matching property.
May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host} Setting property 'liveDeploy' to 'false' did not find a matching property.
May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting property 'debug' to '1' did not find a matching property.
May 7, 2011 9:19:10 PM org.apache.coyote.AbstractProtocolHandler init
INFO: Initializing ProtocolHandler [http-bio-8443]
May 7, 2011 9:19:10 PM org.apache.coyote.AbstractProtocolHandler init
SEVERE: Failed to initialize end point associated with ProtocolHandler [http-bio-8443]
java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
at sun.security.util.DerInputStream.getLength(Unknown Source)
at sun.security.util.DerValue.init(Unknown Source)
at sun.security.util.DerValue.init(Unknown Source)
at com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:409)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:308)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:561)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:507)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:451)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:159)
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:365)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:483)
at org.apache.coyote.AbstractProtocolHandler.init(AbstractProtocolHandler.java:345)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:910)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.startup.Catalina.load(Catalina.java:572)
at org.apache.catalina.startup.Catalina.load(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:262)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:430)
May 7, 2011 9:19:10 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:912)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:781)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:101)
at org.apache.catalina.startup.Catalina.load(Catalina.java:572)
at org.apache.catalina.startup.Catalina.load(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at 
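
How the number in `lengthTag=109` arises, as an added Python example that is not part of the original post and is not JDK code: it re-implements the DER length-octet rule and shows which keystore file headers make a PKCS#12 load (the `PKCS12KeyStore.engineLoad` frame in the trace above) fail at that first step. The sample headers are constructed; the limit of four length octets and the wording of the error string are taken to mirror the reader that printed the message, and the other outcome strings are this example's own.

```python
JKS_MAGIC = bytes.fromhex("feedfeed")     # first four bytes of a JKS keystore
JCEKS_MAGIC = bytes.fromhex("cececece")   # first four bytes of a JCEKS keystore
MAX_LENGTH_OCTETS = 4                     # assumption: limit applied by the reader

# Constructed file headers, one per container format.
SAMPLES = {
    "jks": JKS_MAGIC + bytes.fromhex("0000000200000001"),
    "jceks": JCEKS_MAGIC + bytes.fromhex("0000000200000001"),
    "pkcs12": bytes.fromhex("30820a11020103"),
    "pem": b"-----BEGIN CERTIFICATE-----\n",
}


def der_header(head):
    """Decode the tag and length octets the way a DER reader does.

    Returns (tag, length); length is None for the indefinite form.
    Raises ValueError with the reader's message when the length is rejected.
    """
    tag, first = head[0], head[1]
    if first & 0x80 == 0:
        return tag, first                 # short form: the octet is the length
    count = first & 0x7F                  # long form: octets that follow
    if count == 0:
        return tag, None                  # indefinite length
    if count > MAX_LENGTH_OCTETS:
        raise ValueError(
            "DerInputStream.getLength(): lengthTag=%d, too big." % count)
    return tag, int.from_bytes(head[2:2 + count], "big")


def sniff(head):
    """Guess the container format from its leading bytes."""
    if head.startswith(JKS_MAGIC):
        return "JKS"
    if head.startswith(JCEKS_MAGIC):
        return "JCEKS"
    if head.startswith(b"-----BEGIN"):
        return "PEM"
    if head[:1] == b"\x30":
        return "DER"
    return "unknown"


def load_as_pkcs12(head):
    """Return (container, outcome) for the first step of a PKCS#12 parse."""
    kind = sniff(head)
    try:
        tag, length = der_header(head)
    except ValueError as exc:
        return kind, str(exc)
    if tag != 0x30:
        return kind, "not a DER SEQUENCE (tag 0x%02x)" % tag
    if length is None:
        return kind, "SEQUENCE of indefinite length"
    return kind, "SEQUENCE of %d bytes" % length


if __name__ == "__main__":
    for name, head in SAMPLES.items():
        print(name, load_as_pkcs12(head))
```

A file that starts with the JKS magic number has 0xED as its second byte, and 0xED with the top bit cleared is 109, so checking the keystore's first bytes against the configured keystore type is a quick way to confirm or rule out a type mismatch.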

RE: SSL setup for tomcat 7.0.10 using a CA cert

2011-05-08 Thread Martin Gainty

Chip-
take all the 32bit folders off the PATH
best to SET CLASSPATH=

download the 64bit windoze version of Tomcat7 from
http://tomcat.apache.org/download-70.cgi

reconfigure and let us know if there are any further issues

Martin Gainty 

RE: SSL setup for tomcat 7.0.10 using a CA cert

2011-05-08 Thread Caldarale, Charles R
> From: Martin Gainty [mailto:mgai...@hotmail.com]
> Subject: RE: SSL setup for tomcat 7.0.10 using a CA cert

> take all the 32bit folders off the PATH
> best to SET CLASSPATH=

> download the 64bit windoze version of Tomcat7 from
> http://tomcat.apache.org/download-70.cgi

All of the above is completely irrelevant, as usual.

 - Chuck





RE: SSL setup for tomcat 7.0.10 using a CA cert

2011-05-08 Thread Caldarale, Charles R
 From: chip chipper [mailto:chipper7...@hotmail.com] 
 Subject: FW: SSL setup for tomcat 7.0.10 using a CA cert

 May 7, 2011 9:19:09 PM org.apache.catalina.startup.SetAllPropertiesRule begin
 WARNING:
  [SetAllPropertiesRule]{Server/Service/Connector} Setting property 
 'maxSpareThreads' to '75' did not find a matching property.

Read the Tomcat 7 doc - there is no maxSpareThreads attribute for a Connector.

 May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule begin
 WARNING:
  [SetPropertiesRule]{Server/Service/Engine/Host} Setting property 
 'liveDeploy' to 'false' did not find a matching property.

Ditto for liveDeploy on a Host.

 May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule begin
 WARNING:
  [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting 
 property 'debug' to '1' did not find a matching property.

Ditto for debug on a Context.

Looks like you have grabbed an ancient server.xml and tried to use it with 
Tomcat 7 - you simply can't do that.  Read the Tomcat 7 configuration guide and 
set what you need properly.

 May 7, 2011 9:19:10 PM org.apache.coyote.AbstractProtocolHandler init
 SEVERE: Failed to initialize end point associated with ProtocolHandler 
 [http-bio-8443]
 java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

 My understanding of this is that there is an ASN.1 encoding error.
 The length is bigger than expected.

Can you examine the certificates using keytool and see what it thinks of them?

 keytool ... -keystore mykeystore

 openssl ... -out keystore.tomcat

 keytool ... -keystore tomcat.keystore

I count three different keystore names here; which are we to believe?

 <Connector protocol="org.apache.coyote.http11.Http11Protocol"
     port="8443" maxThreads="200"
     scheme="https" secure="true" SSLEnabled="true"
     keystoreFile="C:/cert/my.keystore" keystorePass="changeit"
     clientAuth="false" sslProtocol="TLS"/>

And a fourth keystore name here.

Also, what you have above does not correspond with the maxSpareThreads error 
message displayed in the log.  Either you're confusing everyone by reporting 
one set of log entries along with an unrelated config, or you're not running 
the config you think you are.  It would be useful if you posted your entire 
server.xml file, with comments removed.

 <Listener className="org.apache.catalina.core.AprLifecycleListener"
     SSLEngine="off" />

You can't run APR with JSSE handling the SSL negotiation, so turning SSLEngine 
off is not useful.  Besides, you don't appear to have the tcnative-1.dll 
installed, and you've forced use of the BIO connector, so changing the 
AprLifeCycleListener is ineffective.

 - Chuck





RE: SSL setup for tomcat 7.0.10 using a CA cert

2011-05-08 Thread chip chipper

Chuck

The tomcat keystore was the wrong file.  Thanks for the hint.  I had a 
tomcat.keystore and a keystore.tomcat.
Better naming would have avoided the embarrassment of using a user-group.

Thanks for the assistance and your time

Chip

 From: chuck.caldar...@unisys.com
 To: users@tomcat.apache.org
 Date: Sun, 8 May 2011 10:08:23 -0500
 Subject: RE: SSL setup for tomcat 7.0.10 using a CA cert
 
  From: chip chipper [mailto:chipper7...@hotmail.com] 
  Subject: FW: SSL setup for tomcat 7.0.10 using a CA cert
 
  May 7, 2011 9:19:09 PM org.apache.catalina.startup.SetAllPropertiesRule 
  begin
  WARNING:
   [SetAllPropertiesRule]{Server/Service/Connector} Setting property 
  'maxSpareThreads' to '75' did not find a matching property.
 
 Read the Tomcat 7 doc - there is no maxSpareThreads attribute for a 
 Connector.
 
  May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule 
  begin
  WARNING:
   [SetPropertiesRule]{Server/Service/Engine/Host} Setting property 
  'liveDeploy' to 'false' did not find a matching property.
 
 Ditto for liveDeploy on a Host.
 
  May 7, 2011 9:19:09 PM org.apache.tomcat.util.digester.SetPropertiesRule 
  begin
  WARNING:
   [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting 
  property 'debug' to '1' did not find a matching property.
 
 Ditto for debug on a Context.
 
 Looks like you have grabbed an ancient server.xml and tried to use it with 
 Tomcat 7 - you simply can't do that.  Read the Tomcat 7 configuration guide 
 and set what you need properly.
 
  May 7, 2011 9:19:10 PM org.apache.coyote.AbstractProtocolHandler init
  SEVERE: Failed to initialize end point associated with ProtocolHandler 
  [http-bio-8443]
  java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
 
  My understanding of this is that there is an ASN.1 encoding error.
  The length is bigger than expected.
 
 Can you examine the certificates using keytool and see what it thinks of them?
 
  keytool ... -keystore mykeystore
 
  openssl ... -out keystore.tomcat
 
  keytool ... -keystore tomcat.keystore
 
 I count three different keystore names here; which are we to believe?
 
  <Connector protocol="org.apache.coyote.http11.Http11Protocol"
      port="8443" maxThreads="200"
      scheme="https" secure="true" SSLEnabled="true"
      keystoreFile="C:/cert/my.keystore" keystorePass="changeit"
      clientAuth="false" sslProtocol="TLS"/>
 
 And a fourth keystore name here.
 
 Also, what you have above does not correspond with the maxSpareThreads error 
 message displayed in the log.  Either you're confusing everyone by reporting 
 one set of log entries along with an unrelated config, or you're not running 
 the config you think you are.  It would be useful if you posted your entire 
 server.xml file, with comments removed.
 
  <Listener className="org.apache.catalina.core.AprLifecycleListener"
      SSLEngine="off" />
 
 You can't run APR with JSSE handling the SSL negotiation, so turning 
 SSLEngine off is not useful.  Besides, you don't appear to have the 
 tcnative-1.dll installed, and you've forced use of the BIO connector, so 
 changing the AprLifeCycleListener is ineffective.
 
  - Chuck
 
 
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
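
The thread above ends with two similarly named files (tomcat.keystore and keystore.tomcat) and a "lengthTag=109, too big" error. The following is an added example, not code from the thread or from Tomcat: it tells keystore formats apart by their leading bytes and compares the result with the configured keystoreType. The sample byte strings are constructed, and the reading of lengthTag as the low seven bits of a long-form DER length octet is an assumption about how the parser words its message.

```python
import struct

JKS_MAGIC = b"\xfe\xed\xfe\xed"      # leading bytes of a JKS keystore
JCEKS_MAGIC = b"\xce\xce\xce\xce"    # leading bytes of a JCEKS keystore


def der_length_tag(length_octet):
    """Number of length bytes announced by a DER length octet.

    Short form (high bit clear) carries the length itself, so 0 is returned.
    Long form (high bit set) announces how many length bytes follow.
    """
    if (length_octet & 0x80) == 0:
        return 0
    return length_octet & 0x7F


def sniff_keystore(data):
    """Classify the leading bytes as 'JKS', 'JCEKS', 'PEM', 'DER' or 'unknown'."""
    if data[:4] == JKS_MAGIC:
        return "JKS"
    if data[:4] == JCEKS_MAGIC:
        return "JCEKS"
    if data.lstrip().startswith(b"-----BEGIN "):
        return "PEM"
    # DER containers (PKCS#12, X.509) open with a SEQUENCE tag (0x30) and a
    # length that needs at most 4 length bytes.
    if len(data) >= 2 and data[0] == 0x30 and der_length_tag(data[1]) <= 4:
        return "DER"
    return "unknown"


def check_keystore(data, configured_type):
    """Compare the sniffed format with the connector's keystoreType.

    Returns (ok, message).
    """
    actual = sniff_keystore(data)
    wanted = configured_type.upper()
    compatible = {"JKS": {"JKS"}, "JCEKS": {"JCEKS"}, "PKCS12": {"DER"}}
    if actual in compatible.get(wanted, set()):
        return True, f"file looks like {actual}, matches keystoreType={wanted}"
    msg = f"file looks like {actual}, but keystoreType={wanted}"
    if actual == "JKS" and wanted == "PKCS12":
        # A DER parser takes 0xFE as the tag and 0xED as the length octet.
        tag = der_length_tag(data[1])
        msg += f"; a DER parser would read byte 0x{data[1]:02X} as lengthTag={tag}"
    return False, msg


def check_file(path, configured_type):
    """Same check for a file on disk; only the first bytes are read."""
    with open(path, "rb") as fh:
        return check_keystore(fh.read(64), configured_type)


# Constructed samples: only the leading bytes matter for the check.
JKS_SAMPLE = JKS_MAGIC + struct.pack(">II", 2, 0)         # version 2, 0 entries
PKCS12_SAMPLE = bytes([0x30, 0x82, 0x09, 0xA0, 0x02, 0x01, 0x03])
PEM_SAMPLE = b"-----BEGIN CERTIFICATE-----\nMIIB...\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    for label, sample, ks_type in [
        ("JKS file, keystoreType=JKS", JKS_SAMPLE, "JKS"),
        ("JKS file, keystoreType=PKCS12", JKS_SAMPLE, "PKCS12"),
        ("PKCS#12 file, keystoreType=JKS", PKCS12_SAMPLE, "JKS"),
        ("PEM file, keystoreType=JKS", PEM_SAMPLE, "JKS"),
    ]:
        ok, message = check_keystore(sample, ks_type)
        print(f"{label}: {'OK' if ok else 'MISMATCH'} - {message}")
```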
 
  

ssl setup in tomcat

2010-10-20 Thread Hemanth Gundlapudi
Hi ,
 
I am planning to setup secure connection in our environment which consist of 
apache webserver, tomcat ( two instances running on the same machine) which 
talks to a third party application maintained by third party vendor.
 
I have ssl.crt and ssl.key files in apache, in tomcat i have ca trust store and 
jks file.
 
Please let me know what Tomcat certificates should be shared with Apache and what 
needs to be shared with the third-party application. If it is the public key, please let me 
know the keytool command to pull the public key.
 
thanks in advance
 
Hemanth



Re: ssl setup in tomcat

2010-10-20 Thread Pid
On 20/10/2010 12:44, Hemanth Gundlapudi wrote:
 Hi ,
  
 I am planning to setup secure connection in our environment which consist of 
 apache webserver, tomcat ( two instances running on the same machine) which 
 talks to a third party application maintained by third party vendor.

What are your exact HTTPD, Tomcat versions?

How are you planning to configure the connection between HTTPD and Tomcat?

 I have ssl.crt and ssl.key files in apache, in tomcat i have ca trust store 
 and jks file.

 Please let me know what Tomcat certificates should be shared with Apache and what 
 needs to be shared with the third-party application. If it is the public key, please let 
 me know the keytool command to pull the public key.

Your question is unclear, can you please rephrase it?


p

 thanks in advance
  
 Hemanth
 
 





Re: Two-way SSL setup as Tomcat as a client

2010-08-09 Thread Christopher Schultz

Steve,

On 8/7/2010 6:24 PM, Steve Johnson wrote:
  I can confirm that the Apache HTTPClient module is a good way to go. 
 In fact, it works with zero configuration.  You simply give it a normal
 'https' URL, and it does the right thing automagically.

I'm sure YF will need /some/ configuration: it looks like he's trying to
use client SSL certificates, which definitely need to be configured
before the SSL connection is established.

- -chris



RE: Two-way SSL setup as Tomcat as a client

2010-08-07 Thread yifeng wu

Hi P, Thanks for response.
 
I am referring to two-way SSL, not just one-way. In two-way SSL, Tomcat not only 
needs to trust the server's root CA, it also needs to pass its signed certificate to 
the server so the server can recognize it.
In my experience setting up Websphere as a two-way SSL client, it did take some 
configuration on the Websphere side. 
Does anyone have similar experience? 
 
Thanks,
YF.

 
 From: p...@pidster.com
 Date: Fri, 6 Aug 2010 14:24:32 +0100
 Subject: Re: Two-way SSL setup as Tomcat as a client
 To: users@tomcat.apache.org
 
 On 6 Aug 2010, at 13:12, yifeng wu yifen...@hotmail.com wrote:
 
  Hi,
 
  I am trying to make a call from Tomcat to another application server 
  (Websphere) and the communication channel is secured with two-way SSL.
  I have been searching on the net for hours and cannot find the information 
  about how to setup tomcat as a SSL client (there’re plenty for setting up 
  tomcat as a server for two-way SSL).
 
 Tomcat doesn't need configuring as an SSL client, your application
 does. That would be why there's nothing online about it.
 
 
 p
 
  Can anyone share the information if you happen to know how?
 
  Thanks,
  YF
 
 
  

RE: Two-way SSL setup as Tomcat as a client

2010-08-07 Thread Caldarale, Charles R
 From: yifeng wu [mailto:yifen...@hotmail.com]
 Subject: RE: Two-way SSL setup as Tomcat as a client
 
 I am refering two way SSL not just one way.

Irrelevant; Pid's statement still stands: it's your webapp, not Tomcat, that is 
trying to communicate with an external server.  Tomcat plays no role in such a 
connection, it's entirely up to your webapp.  There is nothing in Tomcat to 
configure for this, since Tomcat is not involved.  You'll need to use the 
secure connection capabilities of the JRE or a 3rd-party library of your choice 
to do the negotiation.

 - Chuck





RE: Two-way SSL setup as Tomcat as a client

2010-08-07 Thread yifeng wu

I see. I guess I will look into using apache httpclient or some other library 
(any recommendation?).  
Websphere actually takes care of outbound SSL connections by configuration (no 
extra coding), that's why I got confused. 
Thanks for input, Chuck. 
 
YF
 
 From: chuck.caldar...@unisys.com
 To: users@tomcat.apache.org
 Date: Sat, 7 Aug 2010 11:22:41 -0500
 Subject: RE: Two-way SSL setup as Tomcat as a client
 
  From: yifeng wu [mailto:yifen...@hotmail.com]
  Subject: RE: Two-way SSL setup as Tomcat as a client
  
  I am refering two way SSL not just one way.
 
 Irrelevant; Pid's statement still stands: it's your webapp, not Tomcat, that 
 is trying to communicate with an external server. Tomcat plays no role is 
 such a connection, it's entirely up to your webapp. There is nothing in 
 Tomcat to configure for this, since Tomcat is not involved. You'll need to 
 use the secure connection capabilities of the JRE or a 3rd-party library of 
 your choice to do the negotiation.
 
 - Chuck
 
 
 
  

Re: Two-way SSL setup as Tomcat as a client

2010-08-07 Thread Steve Johnson
 I can confirm that the Apache HTTPClient module is a good way to go.  
In fact, it works with zero configuration.  You simply give it a normal 
'https' URL, and it does the right thing automagically.


It may be that you have to do some configuration of your JDK and 
environment to have SSL capabilities available to HTTPClient, but I 
don't think so.  I don't remember ever doing that on my dev box, and I 
know for a fact that my use of HTTPClient allows HTTPS URLs with no 
additional fuss.


HTTPClient is an excellent library in general, as is most of the apache 
stuff.


Have fun!

S

On 8/7/2010 3:13 PM, yifeng wu wrote:

I see. I guess I will look into using apache httpclient or some other library 
(any recommendation?).
Webshpere actually takes care of outbound SSL connection by configuration (no 
extra coding) that's why I got confused.
Thanks for input, Chuck.

YF


From: chuck.caldar...@unisys.com
To: users@tomcat.apache.org
Date: Sat, 7 Aug 2010 11:22:41 -0500
Subject: RE: Two-way SSL setup as Tomcat as a client


From: yifeng wu [mailto:yifen...@hotmail.com]
Subject: RE: Two-way SSL setup as Tomcat as a client

I am refering two way SSL not just one way.

Irrelevant; Pid's statement still stands: it's your webapp, not Tomcat, that is 
trying to communicate with an external server. Tomcat plays no role is such a 
connection, it's entirely up to your webapp. There is nothing in Tomcat to 
configure for this, since Tomcat is not involved. You'll need to use the secure 
connection capabilities of the JRE or a 3rd-party library of your choice to do 
the negotiation.

- Chuck





Two-way SSL setup as Tomcat as a client

2010-08-06 Thread yifeng wu



Hi, 
 
I am trying to make a call from Tomcat to another application server 
(Websphere) and the communication channel is secured with two-way SSL. 
I have been searching on the net for hours and cannot find the information 
about how to setup tomcat as a SSL client (there’re plenty for setting up 
tomcat as a server for two-way SSL).
 
Can anyone share the information if you happen to know how? 
 
Thanks,
YF

Re: Two-way SSL setup as Tomcat as a client

2010-08-06 Thread Pid *
On 6 Aug 2010, at 13:12, yifeng wu yifen...@hotmail.com wrote:

 Hi,

 I am trying to make a call from Tomcat to another application server 
 (Websphere) and the communication channel is secured with two-way SSL.
 I have been searching on the net for hours and cannot find the information 
 about how to setup tomcat as a SSL client (there’re plenty for setting up 
 tomcat as a server for two-way SSL).

Tomcat doesn't need configuring as an SSL client, your application
does. That would be why there's nothing online about it.


p

 Can anyone share the information if you happen to know how?

 Thanks,
 YF




SSL setup question

2008-11-20 Thread Neil B. Cohen

I'm having a problem setting up SSL with Tomcat. The situation is this:

I have a system running IBM's Netcool/Portal software. We added SSL to 
the Portal a while back. I created a certificate for the machine.
However, Netcool/Portal does not create a keystore file - you simply 
copy the certificate as a text file into a specific directory and it 
works from there. Netcool/Portal has its own version of the JDK.


Now, on the same machine, I have installed a current JDK (v1.6) and my 
own installation of Tomcat (v6.0.16). Runs just fine on port 8080.
I want to add SSL capability to the Tomcat setup so I can talk to it 
using https. I created a keystore file using the certificate we 
generated for Netcool, as follows:


keytool -importcert -v -trustcacerts -alias tomcat -keystore path_to_keystore/keystore.kdb -file /opt/netcool/portal/path_to_cert/server.crt


Then,

keytool -list -keystore ./keystore.kdb
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Nov 20, 2008, trustedCertEntry,
Certificate fingerprint (MD5): 
11:87:A8:7C:BB:55:AC:68:46:34:4F:45:7D:62:9C:AF


So I have a keystore. I set up the tomcat server.xml file:

<Connector port="7443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150"
    scheme="https"
    secure="true"
    clientAuth="false"
    keystoreFile="/usr/path_to_keystore/keystore.kdb"
    keystorePass="password"
    sslProtocol="TLS" />

And when I start Tomcat, I get an infinite loop in the log file that 
looks like:

Nov 20, 2008 1:40:17 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Nov 20, 2008 1:40:17 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-7443
Nov 20, 2008 1:40:17 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 886 ms
Nov 20, 2008 1:40:17 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Nov 20, 2008 1:40:17 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
Nov 20, 2008 1:40:18 PM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Initializing Sun's JavaServer Faces implementation (1.2_04-b20-p03) for context '/NCAdmin'
Nov 20, 2008 1:40:20 PM org.apache.catalina.core.StandardContext addApplicationListener
INFO: The listener listeners.ContextListener is already configured for this context. The duplicate definition has been ignored.
Nov 20, 2008 1:40:20 PM org.apache.catalina.core.StandardContext addApplicationListener
INFO: The listener listeners.SessionListener is already configured for this context. The duplicate definition has been ignored.
Nov 20, 2008 1:40:20 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Nov 20, 2008 1:40:20 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-7443
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed

I'm not an SSL expert, so I'm not sure where to look. Am I missing an 
intermediate certificate somewhere? Or have I configured the keystore 
incorrectly? I'd appreciate any pointers or suggestions for getting this 
running.

Thanks very much,

nbc

NAME:   Neil B. Cohen (Verisign Inc.)
PHONE:  703-948-4471
DOMAIN: [EMAIL PROTECTED]

Re: SSL setup question

2008-11-20 Thread Filip Hanik - Dev Lists

the infinite loop is fixed in 6.0.18,
the system will still not start, since the JVM you're running with 
doesn't support the type of cipher that your keystore is trying to use


search http://tomcat.markmail.org for the same error, it's been answered 
before


Filip

Neil B. Cohen wrote:

I'm having a problem setting up SSL with Tomcat. The situation is this:

I have a system running IBM's Netcool/Portal software. We added SSL to 
the Portal a while back. I created a certificate for the machine.
However, Netcool/Portal does not create a keystore file - you simply 
copy the certificate as a text file into a specific directory and it 
works from there. Netcool/Portal has its own version of the JDK.


Now, on the same machine, I have installed a current JDK (v1.6) and my 
own installation of Tomcat (v6.0.16). Runs just fine on port 8080.
I want to add SSL capability to the Tomcat setup so I can talk to it 
using https. I created a keystore file using the certificate we 
generated for Netcool, as follows:


keytool -importcert -v -trustcacerts -alias tomcat -keystore path_to_keystore/keystore.kdb -file /opt/netcool/portal/path_to_cert/server.crt


Then,

keytool -list -keystore ./keystore.kdb
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Nov 20, 2008, trustedCertEntry,
Certificate fingerprint (MD5): 
11:87:A8:7C:BB:55:AC:68:46:34:4F:45:7D:62:9C:AF


So I have a keystore. I set up the tomcat server.xml file:

<Connector port="7443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150"
    scheme="https"
    secure="true"
    clientAuth="false"
    keystoreFile="/usr/path_to_keystore/keystore.kdb"
    keystorePass="password"
    sslProtocol="TLS" />

And when I start Tomcat, I get an infinite loop in the log file that 
looks like:

Nov 20, 2008 1:40:17 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Nov 20, 2008 1:40:17 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-7443
Nov 20, 2008 1:40:17 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 886 ms
Nov 20, 2008 1:40:17 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Nov 20, 2008 1:40:17 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
Nov 20, 2008 1:40:18 PM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Initializing Sun's JavaServer Faces implementation (1.2_04-b20-p03) for context '/NCAdmin'
Nov 20, 2008 1:40:20 PM org.apache.catalina.core.StandardContext addApplicationListener
INFO: The listener listeners.ContextListener is already configured for this context. The duplicate definition has been ignored.
Nov 20, 2008 1:40:20 PM org.apache.catalina.core.StandardContext addApplicationListener
INFO: The listener listeners.SessionListener is already configured for this context. The duplicate definition has been ignored.
Nov 20, 2008 1:40:20 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Nov 20, 2008 1:40:20 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-7443
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:150)
    at org.apache.tomcat.util.net.JIoEndpoint$Acceptor.run(JIoEndpoint.java:310)
    at java.lang.Thread.run(Thread.java:619)
Nov 20, 2008 1:40:20 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run
SEVERE: Socket accept failed

I'm not an SSL expert, so I'm not 
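
The keytool -list output in the question shows a single trustedCertEntry, that is, a certificate imported without its private key; a TLS server connector needs a private key entry to present a certificate. The following added example (not code from the thread or from Tomcat) parses keytool -list output and reports that condition; the second listing is constructed, and the entry-type labels other than trustedCertEntry are assumptions drawn from keytool's usual output.

```python
import re

# One entry line looks like:  alias, <date>, <entryType>,
ENTRY_RE = re.compile(r"^(?P<alias>[^,]+), (?P<date>.+), (?P<type>\w*Entry),?\s*$")

# Entry types that hold a private key. "keyEntry" is the label printed by
# older JDKs (assumption; the thread only shows trustedCertEntry).
KEY_TYPES = {"PrivateKeyEntry", "keyEntry"}


def parse_keytool_list(listing):
    """Return [(alias, entry_type), ...] from `keytool -list` text output."""
    entries = []
    for line in listing.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("alias"), match.group("type")))
    return entries


def diagnose(listing, key_alias=None):
    """Return a list of findings for a keystore meant for a server connector.

    key_alias is the connector's keyAlias attribute, if one is configured.
    An empty list means nothing was found.
    """
    entries = parse_keytool_list(listing)
    if not entries:
        return ["no entries parsed from keytool output"]
    key_aliases = [alias.lower() for alias, kind in entries if kind in KEY_TYPES]
    findings = []
    if not key_aliases:
        kinds = sorted({kind for _, kind in entries})
        findings.append(
            "no private key entry in keystore (only %s); the connector has "
            "no certificate/key pair to present" % ", ".join(kinds)
        )
    elif key_alias is not None and key_alias.lower() not in key_aliases:
        findings.append(
            "keyAlias '%s' is not a private key entry; key entries are: %s"
            % (key_alias, ", ".join(key_aliases))
        )
    return findings


# Listing as posted in the question.
PAGE_LISTING = """\
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Nov 20, 2008, trustedCertEntry,
Certificate fingerprint (MD5): 11:87:A8:7C:BB:55:AC:68:46:34:4F:45:7D:62:9C:AF
"""

# Constructed listing: a key pair under alias "tomcat" plus a trusted CA cert.
GOOD_LISTING = """\
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

tomcat, Nov 20, 2008, PrivateKeyEntry,
Certificate fingerprint (MD5): 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
rootca, Nov 20, 2008, trustedCertEntry,
Certificate fingerprint (MD5): 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11
"""

if __name__ == "__main__":
    for name, text in [("posted keystore", PAGE_LISTING),
                       ("constructed keystore", GOOD_LISTING)]:
        problems = diagnose(text, key_alias="tomcat")
        print(name, "->", problems or "ok")
```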

Re: SSL setup help

2008-11-06 Thread Bill Barker
The entry 
keystoreFile=${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore is 
almost certainly wrong.  For this to work, you would have to start Tomcat 
with the weird 
entry -D/usr/local/jre1.6.0_06/bin/keystore.key=/path/to/my/keystore/keys.
Tomcat does variable substitution when parsing the various config xml files 
based on System properties when it sees something like ${variable}. (This is 
a Tomcat-specific feature, so you can't count on porting it to another 
container).

Michael A. Tucker [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]

 I'm trying to setup SSL on a web app that I have running on a server.  I
 created my keystore.key file and then uncommented this section in my
 server.xml file:

 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
     maxThreads="150" scheme="https" secure="true"
     keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
     keystorePass="changeit"
     clientAuth="false" sslProtocol="TLS" />

 Now when I go to https://localhost:8443/ I get failed to connect page
 load error.  I think I'm not doing something wrong in the server.xml
 file, but I'm not sure what.  I already have another program running on
 443 so could that interfere?  I also don't know what APR means in the
 SSL doc.

 




-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
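
The ${variable} substitution described in the reply above can be checked before Tomcat is started. The following added example (not Tomcat's own code) scans a server.xml for ${...} placeholders and reports those with no matching system property; the XML sample and the catalina.home value are constructed, and leaving an unresolved placeholder in place is an assumption of this sketch.

```python
import re
import xml.etree.ElementTree as ET

PLACEHOLDER = re.compile(r"\$\{([^}]*)\}")


def lint_placeholders(server_xml, system_properties):
    """Report ${name} placeholders that no system property defines.

    Returns a list of (element, attribute, name, hint) tuples in document
    order. system_properties maps -D names to their values.
    """
    findings = []
    root = ET.fromstring(server_xml)
    for elem in root.iter():
        for attr, value in elem.attrib.items():
            for name in PLACEHOLDER.findall(value):
                if name in system_properties:
                    continue
                if "/" in name or "\\" in name:
                    hint = "looks like a path, not a property name"
                else:
                    hint = "no -D definition supplied"
                findings.append((elem.tag, attr, name, hint))
    return findings


def resolve(value, system_properties):
    """Substitute defined placeholders; undefined ones are left as written
    (assumption of this sketch, so the problem stays visible in the result)."""
    return PLACEHOLDER.sub(
        lambda m: system_properties.get(m.group(1), m.group(0)), value
    )


# Constructed server.xml: the first connector carries the keystoreFile value
# from the question, the second uses a property that is defined.
SERVER_XML = """\
<Server>
  <Service name="Catalina">
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true"
               keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
               keystorePass="changeit"
               clientAuth="false" sslProtocol="TLS" />
    <Connector port="9443" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true"
               keystoreFile="${catalina.home}/conf/tomcat.jks"
               keystorePass="changeit"
               clientAuth="false" sslProtocol="TLS" />
  </Service>
</Server>
"""

# Constructed property set, as if Tomcat were started with -Dcatalina.home=...
PROPERTIES = {"catalina.home": "/opt/tomcat"}

if __name__ == "__main__":
    for element, attribute, name, hint in lint_placeholders(SERVER_XML, PROPERTIES):
        print(f"{element}@{attribute}: ${{{name}}} is undefined ({hint})")
    print(resolve("${catalina.home}/conf/tomcat.jks", PROPERTIES))
```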



SSL setup help

2008-11-05 Thread Michael A. Tucker

I'm trying to setup SSL on a web app that I have running on a server.  I
created my keystore.key file and then uncommented this section in my
server.xml file:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150" scheme="https" secure="true"
    keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
    keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS" />

Now when I go to https://localhost:8443/ I get failed to connect page
load error.  I think I'm not doing something wrong in the server.xml
file, but I'm not sure what.  I already have another program running on
443 so could that interfere?  I also don't know what APR means in the
SSL doc.



Re: SSL setup help

2008-11-05 Thread Serge Fonville
Hi,
To configure tomcat using SSL on Windows I use:
multi-host tomcat ssl on windows

download and install java 1.5 jdk
    set JAVA_HOME to the root of the JDK directory
    add JAVA_HOME\bin to the path
install Visual C++ 2008 redistributable
download and install openssl
    http://www.openssl.org --> related --> binaries (at the top)
    place the files in c:\program files\openssl
    set OPENSSL_HOME to c:\program files\openssl
    add OPENSSL_HOME\bin to the path
    search for an openssl.cnf on google
download and install tomcat
    download tomcat and extract to c:\program files\apache software foundation\tomcat
    set CATALINA_HOME to c:\program files\apache software foundation\tomcat
    download tomcat native and extract to CATALINA_HOME\bin
    add CATALINA_HOME\bin to the path
    set CLASSPATH to .;%CATALINA_HOME%\lib\servlet-api.jar;%CATALINA_HOME%\lib\jsp-api.jar

cd %CATALINA_HOME%\conf
mkdir ssl
cd ssl
genrsa -aes256 -out key.pem 8192
Enter pass phrase for key.pem: proactix
req -new -key key.pem -sha1 -x509 -out cert.pem

<Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
    port="443"
    enableLookups="true" disableUploadTimeout="true"
    acceptCount="100" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    SSLCertificateFile="${catalina.home}/conf/ssl/cert.pem"
    SSLCertificateKeyFile="${catalina.home}/conf/ssl/key.pem"
    SSLPassword="proactix"
    sslProtocol="TLSv1"/>

The same should be similar on Linux

Regards,

Serge Fonville

On Wed, Nov 5, 2008 at 4:29 PM, Michael A. Tucker 
[EMAIL PROTECTED] wrote:


 I'm trying to setup SSL on a web app that I have running on a server.  I
 created my keystore.key file and then uncommented this section in my
 server.xml file:

 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
     maxThreads="150" scheme="https" secure="true"
     keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"
     keystorePass="changeit"
     clientAuth="false" sslProtocol="TLS" />

 Now when I go to https://localhost:8443/ I get failed to connect page
 load error.  I think I'm not doing something wrong in the server.xml
 file, but I'm not sure what.  I already have another program running on
 443 so could that interfere?  I also don't know what APR means in the
 SSL doc.




Re: tomcat 5.0.28 and SSL setup

2008-01-09 Thread Schadler Johann

If you are still looking for a solution:
There is a mismatch in your information: you wrote that the keystore file would
be located in your home directory, but in the connector properties the
keystore is referenced to be located at /user/machine/.keystore: are you
aware of this difference?


Johann

- Original Message - 
From: Tami Corn [EMAIL PROTECTED]

To: users@tomcat.apache.org
Sent: Saturday, January 05, 2008 3:10 PM
Subject: tomcat 5.0.28 and SSL setup



My problem:  Port 8443 won't open.  But I can see port 8080.

Running Tomcat 5.0.28 on Mac OS 10.4.11 (no firewall yet).

I'm not using a self-assigned cert.  I created a CSR request, got my
certs and have imported my certs in the following order using Terminal.
Everything I have researched says they have to be installed in a
particular order or they will not work:


root - AddTrustExternalCARoot.crt
inter - UTNAddTrustServer_CA.crt
chain - NetworkSolutions_CA.crt
tomcat - mydomain.com.crt

(My keystore is located in my user's home directory along with a folder that
has the certs in it.)


If I printcerts in Terminal, they look good to me compared to
documentation and examples online. (However, I'm a newbie.)


I have uncommented the connector port in the server.xml config.

<Connector port="8443"
   maxThreads="100" minSpareThreads="5" maxSpareThreads="25"
   enableLookups="false" disableUploadTimeout="true"
   acceptCount="100" debug="0" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS" keyAlias="tomcat"
   keystoreFile="/Users/machine/.keystore" keystorePass="..." />


Tomcat Log shows:

2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@8e7b84')
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@4f53eb')
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@e6b82')
2008-01-05 07:25:56 StandardContext[/servlets-examples] SessionListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@8e45a8')
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@7f3202')
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@ac5c8b')
2008-01-05 07:25:56 StandardContext[/jsp-examples]SessionListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: contextDestroyed()
2008-01-05 07:29:44 StandardContext[/balancer]Exception starting filter BalancerFilter

java.lang.NoClassDefFoundError: org/apache/commons/digester/Digester
	at org.apache.webapp.balancer.RulesParser.createDigester(RulesParser.java:65)
	at org.apache.webapp.balancer.RulesParser.init(RulesParser.java:43)
	at org.apache.webapp.balancer.BalancerFilter.init(BalancerFilter.java:79)
	at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:225)
	at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:308)
	at org.apache.catalina.core.ApplicationFilterConfig.init(ApplicationFilterConfig.java:79)
	at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3698)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4349)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:807)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
	at org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
	at org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
	at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:701)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:432)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
	at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
	at org.apache.catalina.core.StandardService.start(StandardService.java:480)
	at org.apache.catalina.core.StandardServer.start

tomcat 5.0.28 and SSL setup

2008-01-05 Thread Tami Corn

My problem:  Port 8443 won't open.  But I can see port 8080.

Running Tomcat 5.0.28 on Mac OS 10.4.11 (no firewall yet).

I'm not using a self-assigned cert.  I created a CSR request, got my
certs and have imported my certs in the following order using
Terminal.  Everything I have researched says they have to be
installed in a particular order or they will not work:


root - AddTrustExternalCARoot.crt
inter - UTNAddTrustServer_CA.crt
chain - NetworkSolutions_CA.crt
tomcat - mydomain.com.crt

(My keystore is located in my user's home directory along with a folder
that has the certs in it.)


If I printcerts in Terminal, they look good to me compared to
documentation and examples online. (However, I'm a newbie.)


I have uncommented the connector port in the server.xml config.

<Connector port="8443"
   maxThreads="100" minSpareThreads="5" maxSpareThreads="25"
   enableLookups="false" disableUploadTimeout="true"
   acceptCount="100" debug="0" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS" keyAlias="tomcat"
   keystoreFile="/Users/machine/.keystore" keystorePass="..." />


Tomcat Log shows:

2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@8e7b84')
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@4f53eb')
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: attributeReplaced ('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@e6b82')
2008-01-05 07:25:56 StandardContext[/servlets-examples] SessionListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/servlets-examples] ContextListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@8e45a8')
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@7f3202')
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: attributeReplaced('org.apache.catalina.WELCOME_FILES', '[Ljava.lang.String;@ac5c8b')
2008-01-05 07:25:56 StandardContext[/jsp-examples]SessionListener: contextDestroyed()
2008-01-05 07:25:56 StandardContext[/jsp-examples]ContextListener: contextDestroyed()
2008-01-05 07:29:44 StandardContext[/balancer]Exception starting filter BalancerFilter

java.lang.NoClassDefFoundError: org/apache/commons/digester/Digester
	at org.apache.webapp.balancer.RulesParser.createDigester(RulesParser.java:65)
	at org.apache.webapp.balancer.RulesParser.init(RulesParser.java:43)
	at org.apache.webapp.balancer.BalancerFilter.init(BalancerFilter.java:79)
	at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:225)
	at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:308)
	at org.apache.catalina.core.ApplicationFilterConfig.init(ApplicationFilterConfig.java:79)
	at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3698)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4349)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:807)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
	at org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
	at org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
	at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:701)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:432)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
	at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
	at org.apache.catalina.core.StandardService.start(StandardService.java:480)
	at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
	at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at 

Re: Tomcat 5.0.28 - SSL Setup

2007-07-27 Thread Jeffrey C. Baldwin

Lyallex,

That worked!  Thank you!  I had copied and pasted from the TomCat SSL 
HowTo, but that didn't work...


I appreciate your time!  Now, on to other TomCat problems this 
server failure is killing me!


-jeff

Lyallex wrote:
The first thing that strikes me is that you have not defined a connector for
port 8443, here's one of mine (Tomcat 5.5.23)

<Connector port="8443" maxHttpHeaderSize="8192"
  maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
  enableLookups="false" disableUploadTimeout="true"
  acceptCount="100" scheme="https" secure="true"
  clientAuth="false" keystoreFile="..." sslProtocol="TLS" />

I think you probably need this because (at the very least) you have
'redirectPort=8443' in your non ssl Connector config

Rgds
Duncan

On 7/26/07, Jeffrey C. Baldwin [EMAIL PROTECTED] wrote:

Hello All,

I'm in a bit of a pinch here.  Just had an old Solaris server fail that
housed our TomCat environment and now I'm trying to put the pieces back
together on a new server.  I have a few of the applications up and
running.. but now I've run into an app that wants to run over ssl and
I'm having a hard time getting it to work.

Environment:  Tomcat 5.0.28 running on CentOS 5

I am including my server.xml below.

I have already generated my certificate after reading this document and
put the cert into /usr/local/tomcat:
http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html

Can someone please advise me on how to get ssl up and running on port 8443?


<?xml version='1.0' encoding='utf-8'?>
<Server>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
  <GlobalNamingResources>
    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
    <Resource auth="Container"
              description="User database that can be updated and saved"
              name="UserDatabase"
              type="org.apache.catalina.UserDatabase"/>
    <ResourceParams name="UserDatabase">
      <parameter>
        <name>factory</name>
        <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
      </parameter>
      <parameter>
        <name>pathname</name>
        <value>conf/tomcat-users.xml</value>
      </parameter>
    </ResourceParams>
  </GlobalNamingResources>
  <Service name="Catalina">
    <Connector acceptCount="100" connectionTimeout="2"
               disableUploadTimeout="true" port="8080" redirectPort="8443"
               maxSpareThreads="75" maxThreads="150" minSpareThreads="25">
    </Connector>
    <Connector port="8009" protocol="AJP/1.3"
               protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"
               redirectPort="8443">
    </Connector>
    <Engine defaultHost="localhost" name="Catalina">
      <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
            autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
               directory="logs" prefix="localhost_access_log." suffix=".txt"
               pattern="common" resolveHosts="false" />
        <Logger className="org.apache.catalina.logger.FileLogger"
                directory="logs" prefix="localhost_log." suffix=".txt"
                timestamp="true" />
      </Host>
      <Logger className="org.apache.catalina.logger.FileLogger"
              prefix="catalina_log." suffix=".txt" timestamp="true"/>
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
    </Engine>
  </Service>
</Server>





Re: Tomcat 5.0.28 - SSL Setup

2007-07-26 Thread Lyallex

The first thing that strikes me is that you have not defined a connector for
port 8443, here's one of mine (Tomcat 5.5.23)

<Connector port="8443" maxHttpHeaderSize="8192"
  maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
  enableLookups="false" disableUploadTimeout="true"
  acceptCount="100" scheme="https" secure="true"
  clientAuth="false" keystoreFile="..." sslProtocol="TLS" />

I think you probably need this because (at the very least) you have
'redirectPort=8443' in your non ssl Connector config

Rgds
Duncan

On 7/26/07, Jeffrey C. Baldwin [EMAIL PROTECTED] wrote:

Hello All,

I'm in a bit of a pinch here.  Just had an old Solaris server fail that
housed our TomCat environment and now I'm trying to put the pieces back
together on a new server.  I have a few of the applications up and
running.. but now I've run into an app that wants to run over ssl and
I'm having a hard time getting it to work.

Environment:  Tomcat 5.0.28 running on CentOS 5

I am including my server.xml below.

I have already generated my certificate after reading this document and
put the cert into /usr/local/tomcat:
http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html

Can someone please advise me on how to get ssl up and running on port 8443?

<?xml version='1.0' encoding='utf-8'?>
<Server>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
  <GlobalNamingResources>
    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
    <Resource auth="Container"
              description="User database that can be updated and saved"
              name="UserDatabase"
              type="org.apache.catalina.UserDatabase"/>
    <ResourceParams name="UserDatabase">
      <parameter>
        <name>factory</name>
        <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
      </parameter>
      <parameter>
        <name>pathname</name>
        <value>conf/tomcat-users.xml</value>
      </parameter>
    </ResourceParams>
  </GlobalNamingResources>
  <Service name="Catalina">
    <Connector acceptCount="100" connectionTimeout="2"
               disableUploadTimeout="true" port="8080" redirectPort="8443"
               maxSpareThreads="75" maxThreads="150" minSpareThreads="25">
    </Connector>
    <Connector port="8009" protocol="AJP/1.3"
               protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"
               redirectPort="8443">
    </Connector>
    <Engine defaultHost="localhost" name="Catalina">
      <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
            autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
               directory="logs" prefix="localhost_access_log." suffix=".txt"
               pattern="common" resolveHosts="false" />
        <Logger className="org.apache.catalina.logger.FileLogger"
                directory="logs" prefix="localhost_log." suffix=".txt"
                timestamp="true" />
      </Host>
      <Logger className="org.apache.catalina.logger.FileLogger"
              prefix="catalina_log." suffix=".txt" timestamp="true"/>
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
    </Engine>
  </Service>
</Server>


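An offline check for the two misconfigurations diagnosed in the threads above (a redirectPort with no HTTPS connector behind it, and a keystoreFile that does not point at the real keystore), as an added example that is not part of any poster's message. The function names, finding codes, port 9443 and the sample XML are constructed for illustration; resolving a relative keystoreFile against catalina_base is an assumption.

```python
import os
import re
import xml.etree.ElementTree as ET

PLACEHOLDER = re.compile(r"\$\{([^}]*)\}")

# Constructed sample modelled on the server.xml in the 2007 thread: the HTTP
# and AJP connectors redirect to 8443, but no connector listens there.
MISSING_SSL = """<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443" maxThreads="150"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

# Constructed sample: HTTPS connectors using the keystoreFile values that
# were posted in the 2008 threads.
BAD_KEYSTORE = """<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443"/>
  <Connector port="8443" scheme="https" secure="true" sslProtocol="TLS"
             keystoreFile="/Users/machine/.keystore"/>
  <Connector port="9443" scheme="https" secure="true" sslProtocol="TLS"
             keystoreFile="${/usr/local/jre1.6.0_06/bin/keystore.key}/.keystore"/>
</Service></Server>"""


def is_https(conn):
    """A connector serves TLS if it sets scheme="https" or SSLEnabled="true"."""
    return (conn.get("scheme", "").lower() == "https"
            or conn.get("SSLEnabled", "").lower() == "true")


def audit_server_xml(xml_text, catalina_base=".", exists=os.path.isfile):
    """Return (port, code, detail) findings for the Connector elements."""
    connectors = list(ET.fromstring(xml_text).iter("Connector"))
    https_ports = {c.get("port") for c in connectors if is_https(c)}
    findings = []
    for c in connectors:
        port = c.get("port")
        redirect = c.get("redirectPort")
        if not is_https(c):
            # Plain HTTP/AJP connectors send confidential requests to
            # redirectPort, so an HTTPS connector must exist on that port.
            if redirect and redirect not in https_ports:
                findings.append((port, "no-https-listener", redirect))
            continue
        keystore = c.get("keystoreFile")
        if keystore is None:
            continue  # Tomcat then looks for .keystore in the user's home
        names = PLACEHOLDER.findall(keystore)
        if any("/" in n or "\\" in n for n in names):
            # ${...} is property substitution; a file path inside it is
            # not a property name and will not resolve to the keystore.
            findings.append((port, "path-in-placeholder", keystore))
        elif not names:
            # Assumption: relative paths are resolved against catalina_base.
            path = keystore if os.path.isabs(keystore) \
                else os.path.join(catalina_base, keystore)
            if not exists(path):
                findings.append((port, "keystore-not-found", path))
        # Values using a real property (e.g. ${catalina.home}) are skipped.
    return findings


if __name__ == "__main__":
    for sample in (MISSING_SSL, BAD_KEYSTORE):
        for finding in audit_server_xml(sample):
            print(finding)
```

Run it as the same OS user that starts Tomcat, so that the file-existence check sees the same paths and permissions the server does.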



Tomcat 5.0.28 - SSL Setup

2007-07-26 Thread Jeffrey C. Baldwin

Hello All,

I'm in a bit of a pinch here.  Just had an old Solaris server fail that 
housed our TomCat environment and now I'm trying to put the pieces back 
together on a new server.  I have a few of the applications up and 
running.. but now I've run into an app that wants to run over ssl and 
I'm having a hard time getting it to work.


Environment:  Tomcat 5.0.28 running on CentOS 5

I am including my server.xml below. 

I have already generated my certificate after reading this document and 
put the cert into /usr/local/tomcat:

http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html

Can someone please advise me on how to get ssl up and running on port 8443?

<?xml version='1.0' encoding='utf-8'?>
<Server>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
  <GlobalNamingResources>
    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
    <Resource auth="Container"
              description="User database that can be updated and saved"
              name="UserDatabase"
              type="org.apache.catalina.UserDatabase"/>
    <ResourceParams name="UserDatabase">
      <parameter>
        <name>factory</name>
        <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
      </parameter>
      <parameter>
        <name>pathname</name>
        <value>conf/tomcat-users.xml</value>
      </parameter>
    </ResourceParams>
  </GlobalNamingResources>
  <Service name="Catalina">
    <Connector acceptCount="100" connectionTimeout="2"
               disableUploadTimeout="true" port="8080" redirectPort="8443"
               maxSpareThreads="75" maxThreads="150" minSpareThreads="25">
    </Connector>
    <Connector port="8009" protocol="AJP/1.3"
               protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"
               redirectPort="8443">
    </Connector>
    <Engine defaultHost="localhost" name="Catalina">
      <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
            autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
               directory="logs" prefix="localhost_access_log." suffix=".txt"
               pattern="common" resolveHosts="false" />
        <Logger className="org.apache.catalina.logger.FileLogger"
                directory="logs" prefix="localhost_log." suffix=".txt"
                timestamp="true" />
      </Host>
      <Logger className="org.apache.catalina.logger.FileLogger"
              prefix="catalina_log." suffix=".txt" timestamp="true"/>
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
    </Engine>
  </Service>
</Server>





SSL Setup From Site

2006-12-13 Thread Jim Reynolds

After creating a new Host, I now want to set up SSL on it. Following
the docs I did the following:

1) create keystore
E:\Tomcat\bin\DEVKEY>keytool -genkey -alias tomcat -keyalg RSA -keystore E:/Tomcat/bin/DEVKEY/devKeystore
answered questions.

2) made sure passwords were same. (changeit)

3) uncomment out the
<Connector
  port="443" minProcessors="5" maxProcessors="75"
  enableLookups="true" disableUploadTimeout="true"
  acceptCount="100" debug="0" scheme="https" secure="true"
  keystoreFile="E:/Tomcat/bin/DEVKEY/devKeystore"
  keystorePass="changeit"
  clientAuth="false" sslProtocol="TLS"/>
// added above keystore location.

4) restarted tomcat, but I do not get ssl?

http://devsite (still happy)
https://devsite (cannot connect)

I am running all local here, no external hassles. Now while reading
the docs for nth time, I am wondering if I need to create a
certificate or not? It is hard to tell as they roll into discussing
openSSL or verisign/Thawte.

Anyway, If I am missing a step here, please let me know,

Sincerely



