Hello,
First, thank you to Mark for adding the access logs in case of SSL handshake
failures
(https://github.com/apache/tomcat/commit/acf6076d7118571ebc881984b96792f861b72bb2#).
Really useful enhancement.
On a related note, I am trying to understand if we can log the SSL handshake
failure at
The Tomcat 8.5 documentation states for the Memory Realm:
MemoryRealm operates according to the following rules:
. When Tomcat first starts up, it loads all defined users and their
associated information from the users file. Changes to the data in this file
will not be recognized until
Thank you, Mark!
-Original Message-
From: Mark Thomas
Sent: Thursday, May 26, 2022 6:10 AM
To: users@tomcat.apache.org
Subject: Re: [External] Re: Maximum header size in Tomcat 9
On 25/05/2022 16:21, Amit Pande wrote:
> Hello Mark,
>
> Could we slightly update the description - to say
Jon,
If you want to secure the httpd <-> Tomcat link with mutually
authenticated TLS then I believe it is possible based on reading the
docs but a) haven't tested it and b) you are going to need to be careful
to ensure Tomcat doesn't get confused about whether it is the actual
client or the
On 03/06/2022 15:33, Amit Pande wrote:
Hello,
First, thank you to Mark for adding the access logs in case of SSL handshake
failures
(https://github.com/apache/tomcat/commit/acf6076d7118571ebc881984b96792f861b72bb2#).
Really useful enhancement.
On a related note, I am trying to understand
On 03/06/2022 16:31, Mark Wick wrote:
The Tomcat 8.5 documentation states for the Memory Realm:
MemoryRealm operates according to the following rules:
. When Tomcat first starts up, it loads all defined users and their
associated information from the users file. Changes to the data in this
Thank you as always Mark and all!
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel
Thank you, Mark.
I agree changing the log level to error could cause problems you mentioned.
But option like logHandshakeFailuresAtError will be useful to
troubleshooting/debugging assuming DoS attacks are handled differently.
Thinking if this could be a connector level attribute or attribute