subject:"SSL error"

RE: SSL error [EXTERNAL]

2020-06-26 Thread Beard, Shawn M.

I was able to resolve this. I used keytool to create a new keystore/trust 
store, then imported the previous truststore that had all the CA certs in it. 
That seemed to work. So even though the previous truststore had the certs in it 
and was not empty, it must have had some kind of linking problem maybe?

Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: john.e.gr...@wellsfargo.com.INVALID 
Sent: Friday, June 26, 2020 1:32 PM
To: users@tomcat.apache.org
Subject: RE: SSL error [EXTERNAL]

** CAUTION: External message

Shawn,

-Original Message-
From: Beard, Shawn M. 
Sent: Friday, June 26, 2020 11:57 AM
To: Tomcat Users List 
Subject: RE: SSL error [EXTERNAL]

The code is calling a new webservice. It has godaddy as its ca signer. It was 
getting the error before I added those java options. Those java options were my 
attempt to resolve it. Ive also tried adding the godaddy ca certs to java's 
cacert file without those java options. Same result.

Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: calder 
Sent: Friday, June 26, 2020 11:45 AM
To: Tomcat Users List 
Subject: Re: SSL error [EXTERNAL]

** CAUTION: External message

In Fri, Jun 26, 2020, 10:37 Beard, Shawn M. 
wrote:

> We are running tomcat-7.0.52(old I know) and java 1.7.0_80.
>

yea, BOTH are very old.

When the app makes calls to an external webservice. It keeps throwing this
> error:
>
> javax.net.ssl.SSLException : javax.net.ssl.SSLException:
> java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
>
[1]

> I have this in the java options and have confirmed the proper CA certs
> for this webservice is in the truststore. Any ideas?
>
-Djavax.net.ssl.trustStore=/path/to/truststore/tomcatTrustStore.jks
> -Djavax.net.ssl.trustStorePassword=
> -Djavax.net.ssl.trustStoreType=jks
>

Did this runtime EVER work?

If yes, "what" changed?

[1]
https://urldefense.com/v3/__https://stackoverflow.com/questions/6784463/error-trustanchors-parameter-must-be-non-empty__;!!Li8W9_Um1Taa!uk48yx6ZQNHjmcqPmjBlJDFCcCWu6HMZu3OI_Yau1oJ4CBGoaFzI0pfKTaIrqOGk$
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.
B CB  [  
X  ܚX KK[XZ[  \ \  ][  X  ܚX P X ]  \X K ܙ B  ܈Y][ۘ[  [X[  
K[XZ[  \ \  Z[ X ]  \X K ܙ B

That error message comes from PKIXParameters.setTrustAnchors().  I was able to 
reproduce the problem with an empty trust store.  I also tried a trust store 
with the wrong certs but got a different error.

With -Djavax.net.debug=ssl, you should see output like this:

trustStore is: /path/to/trust.jks
trustStore type is: jks
trustStore provider is:
the last modified time is: Fri Jun 26 13:27:52 CDT 2020 Reload the trust store 
Reload trust certs Reloaded 1 trust certs adding as trusted cert:

Followed by a list of certs found in the store.

Is that what's happening in your case?

John

Т ХF  V 
7V'67&  R   â W6W'2 V 7V'67&  F  6B 6 R  Фf "FF F    6    G2 
R   â W6W'2ֆV  F  6B 6 R  Р

RE: SSL error [EXTERNAL]

2020-06-26 Thread John.E.Gregg

Shawn,

-Original Message-
From: Beard, Shawn M.  
Sent: Friday, June 26, 2020 11:57 AM
To: Tomcat Users List 
Subject: RE: SSL error [EXTERNAL]

The code is calling a new webservice. It has godaddy as its ca signer. It was 
getting the error before I added those java options. Those java options were my 
attempt to resolve it. Ive also tried adding the godaddy ca certs to java's 
cacert file without those java options. Same result.

Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: calder 
Sent: Friday, June 26, 2020 11:45 AM
To: Tomcat Users List 
Subject: Re: SSL error [EXTERNAL]

** CAUTION: External message

In Fri, Jun 26, 2020, 10:37 Beard, Shawn M. 
wrote:

> We are running tomcat-7.0.52(old I know) and java 1.7.0_80.
>

yea, BOTH are very old.

When the app makes calls to an external webservice. It keeps throwing this
> error:
>
> javax.net.ssl.SSLException : javax.net.ssl.SSLException:
> java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors 
> parameter must be non-empty
>
[1]

> I have this in the java options and have confirmed the proper CA certs 
> for this webservice is in the truststore. Any ideas?
>
-Djavax.net.ssl.trustStore=/path/to/truststore/tomcatTrustStore.jks
> -Djavax.net.ssl.trustStorePassword=
> -Djavax.net.ssl.trustStoreType=jks
>

Did this runtime EVER work?

If yes, "what" changed?

[1]
https://urldefense.com/v3/__https://stackoverflow.com/questions/6784463/error-trustanchors-parameter-must-be-non-empty__;!!Li8W9_Um1Taa!uk48yx6ZQNHjmcqPmjBlJDFCcCWu6HMZu3OI_Yau1oJ4CBGoaFzI0pfKTaIrqOGk$
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.
B CB  [  
X  ܚX KK[XZ[
 \ \  ][  X  ܚX P X ]
 \X K ܙ B  ܈Y][ۘ[  [X[  K[XZ[
 \ \  Z[ X ]
 \X K ܙ B 

That error message comes from PKIXParameters.setTrustAnchors().  I was able to 
reproduce the problem with an empty trust store.  I also tried a trust store 
with the wrong certs but got a different error.

With -Djavax.net.debug=ssl, you should see output like this:

trustStore is: /path/to/trust.jks
trustStore type is: jks
trustStore provider is: 
the last modified time is: Fri Jun 26 13:27:52 CDT 2020
Reload the trust store
Reload trust certs
Reloaded 1 trust certs
adding as trusted cert:

Followed by a list of certs found in the store.

Is that what's happening in your case?

John

RE: SSL error [EXTERNAL]

2020-06-26 Thread Beard, Shawn M.

The code is calling a new webservice. It has godaddy as its ca signer. It was 
getting the error before I added those java options. Those java options were my 
attempt to resolve it. Ive also tried adding the godaddy ca certs to java's 
cacert file without those java options. Same result.

Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: calder 
Sent: Friday, June 26, 2020 11:45 AM
To: Tomcat Users List 
Subject: Re: SSL error [EXTERNAL]

** CAUTION: External message

In Fri, Jun 26, 2020, 10:37 Beard, Shawn M. 
wrote:

> We are running tomcat-7.0.52(old I know) and java 1.7.0_80.
>

yea, BOTH are very old.

When the app makes calls to an external webservice. It keeps throwing this
> error:
>
> javax.net.ssl.SSLException : javax.net.ssl.SSLException:
> java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
>
[1]

> I have this in the java options and have confirmed the proper CA certs
> for this webservice is in the truststore. Any ideas?
>
-Djavax.net.ssl.trustStore=/path/to/truststore/tomcatTrustStore.jks
> -Djavax.net.ssl.trustStorePassword=
> -Djavax.net.ssl.trustStoreType=jks
>

Did this runtime EVER work?

If yes, "what" changed?

[1]
https://urldefense.com/v3/__https://stackoverflow.com/questions/6784463/error-trustanchors-parameter-must-be-non-empty__;!!Li8W9_Um1Taa!uk48yx6ZQNHjmcqPmjBlJDFCcCWu6HMZu3OI_Yau1oJ4CBGoaFzI0pfKTaIrqOGk$
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.

Re: SSL error

2020-06-26 Thread calder

In Fri, Jun 26, 2020, 10:37 Beard, Shawn M. 
wrote:

> We are running tomcat-7.0.52(old I know) and java 1.7.0_80.
>

yea, BOTH are very old.

When the app makes calls to an external webservice. It keeps throwing this
> error:
>
> javax.net.ssl.SSLException : javax.net.ssl.SSLException:
> java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
>
[1]

> I have this in the java options and have confirmed the proper CA certs for
> this webservice is in the truststore. Any ideas?
>
-Djavax.net.ssl.trustStore=/path/to/truststore/tomcatTrustStore.jks
> -Djavax.net.ssl.trustStorePassword=
> -Djavax.net.ssl.trustStoreType=jks
>

Did this runtime EVER work?

If yes, "what" changed?



[1]
https://stackoverflow.com/questions/6784463/error-trustanchors-parameter-must-be-non-empty

SSL error

2020-06-26 Thread Beard, Shawn M.

We are running tomcat-7.0.52(old I know) and java 1.7.0_80.  When the app makes 
calls to an external webservice. It keeps throwing this error:

javax.net.ssl.SSLException : javax.net.ssl.SSLException: 
java.lang.RuntimeException: Unexpected error: 
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter 
must be non-empty

I have this in the java options and have confirmed the proper CA certs for this 
webservice is in the truststore. Any ideas?

-Djavax.net.ssl.trustStore=/path/to/truststore/tomcatTrustStore.jks 
-Djavax.net.ssl.trustStorePassword= -Djavax.net.ssl.trustStoreType=jks





Shawn Beard • Sr. Systems Engineer
Middleware Engineering

[cid:image75dd5a.PNG@4f1b1b38.44a2aecd]


 3840 109th Street Urbandale, IA 50322
 Phone: +1-515-564-2528
 Email: sbe...@wrberkley.com
 Website: 
berkleytechnologyservices.com

Technology Leadership Unleashing Business Potential



CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-21 Thread Pid *

On 21 Nov 2011, at 02:44, Eric Kemp cruisingat90...@gmail.com wrote:

 Below is my entire server.xml (minus commented lines)

 ?xml version='1.0' encoding='utf-8'?
 Server port=8005 shutdown=SecretCommand

 Listener
 className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /

 Listener
 className=org.apache.catalina.core.JasperListener /

 Listener
 className=org.apache.catalina.core.JreMemoryLeakPreventionListener /

 Listener
 className=org.apache.catalina.mbeans.ServerLifecycleListener /

 Listener
 className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener /

 GlobalNamingResources

  Resource name=UserDatabase auth=Container
  type=org.apache.catalina.UserDatabase
  description=User database that can be updated and saved
  factory=org.apache.catalina.users.MemoryUserDatabaseFactory
  pathname=conf/tomcat-users.xml /

 /GlobalNamingResources

 Service name=Catalina

  Connector
  port=8080
  protocol=HTTP/1.1
  connectionTimeout=2
  URIEncoding=UTF-8
  redirectPort=8443 /

  !-- Adding the connector below causes the Socket bind failed: [98]
 Address already in use error to appear in catalina.out... and https
 does not work. --

What happens if you use 8444 instead?


p

  Connector
  port=8443
  protocol=org.apache.coyote.http11.Http11AprProtocol
  maxThreads=150
  scheme=https
  secure=true
  clientAuth=false
  sslProtocol=TLS
  SSLEnabled=true
  SSLCertificateKeyFile=/etc/apache2/ssl/myDomain.com.key
  SSLCACertificateFile=/etc/apache2/ssl/myDomain.com.ca.crt /

  Engine name=Catalina defaultHost=localhost

   Realm
   className=org.apache.catalina.realm.UserDatabaseRealm
   resourceName=UserDatabase/

   Host
   name=localhost
   appBase=webapps
   unpackWARs=true
   autoDeploy=true
   xmlValidation=false
   xmlNamespaceAware=false
   /Host

  /Engine
 /Service
 /Server


 Thanks



 On Sun, Nov 20, 2011 at 4:18 PM, Caldarale, Charles R
 chuck.caldar...@unisys.com wrote:
 From: Eric Kemp [mailto:cruisingat90...@gmail.com]
 Subject: Re: APR SSL error: Socket bind failed: [98] Address already in 
 use

 Any other ideas would still be appreciated.

 As others have noted, the conflict is likely on some port other than 8443.  
 Post your entire server.xml, preferably with comments removed, so we can see 
 all of the ports declared there.

  - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
 MATERIAL and is thus for use only by the intended recipient. If you received 
 this in error, please contact the sender and delete the e-mail and its 
 attachments from all computers.


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-21 Thread Konstantin Kolinko

2011/11/21 Eric Kemp cruisingat90...@gmail.com:
 Below is my entire server.xml (minus commented lines)


Good to know.

Can you post the logs? (catalina.date.log file). Clear them first
then try starting Tomcat.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-21 Thread Jeremy

I understand you want to use APR, but just for troubleshooting purposes,
try using the same server.xml but changing the SSL connector from

protocol=org.apache.coyote.http11.Http11AprProtocol

to

protocol=org.apache.coyote.http11.Http11NioProtocol

If that works, then your problem is with APR, most likely with the
installation rather than a bug in APR itself.  I'd try recompiling APR (and
installing the recompiled version).

=Jeremy=

On Sun, Nov 20, 2011 at 6:44 PM, Eric Kemp cruisingat90...@gmail.comwrote:

 Below is my entire server.xml (minus commented lines)

 ?xml version='1.0' encoding='utf-8'?
 Server port=8005 shutdown=SecretCommand

  Listener
  className=org.apache.catalina.core.AprLifecycleListener
  SSLEngine=on /


[snip]


  Service name=Catalina

  Connector
  port=8080
  protocol=HTTP/1.1
  connectionTimeout=2
  URIEncoding=UTF-8
  redirectPort=8443 /

  !-- Adding the connector below causes the Socket bind failed: [98]
 Address already in use error to appear in catalina.out... and https
 does not work. --
   Connector
  port=8443
  protocol=org.apache.coyote.http11.Http11AprProtocol
  maxThreads=150
  scheme=https
  secure=true
  clientAuth=false
  sslProtocol=TLS
  SSLEnabled=true
   SSLCertificateKeyFile=/etc/apache2/ssl/myDomain.com.key
  SSLCACertificateFile=/etc/apache2/ssl/myDomain.com.ca.crt /

  Engine name=Catalina defaultHost=localhost

   Realm
   className=org.apache.catalina.realm.UserDatabaseRealm
   resourceName=UserDatabase/

   Host
   name=localhost
   appBase=webapps
   unpackWARs=true
   autoDeploy=true
   xmlValidation=false
   xmlNamespaceAware=false
   /Host

  /Engine
  /Service
 /Server


 Thanks

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-21 Thread Eric Kemp

Problem resolved!  Thanks so much for all the helpful hints.  I had
been going to the end of the catalina.out file and seeing this error
message in the last ~60 lines of text, and thought it represented the
latest restart errors.  What I failed to notice, was that there WERE
previous errors above the clean looking lines.  They indicated
tomcat was unable to read the certificate files.  A quick chmod
fixed that, and now SSL works.  Clear them first was what got me to
see what I had been missing.  Thanks again.


On Mon, Nov 21, 2011 at 5:54 AM, Konstantin Kolinko
knst.koli...@gmail.com wrote:
 2011/11/21 Eric Kemp cruisingat90...@gmail.com:
 Below is my entire server.xml (minus commented lines)


 Good to know.

 Can you post the logs? (catalina.date.log file). Clear them first
 then try starting Tomcat.

 Best regards,
 Konstantin Kolinko

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Pid *

On 19 Nov 2011, at 18:44, Eric Kemp cruisingat90...@gmail.com wrote:

 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.

 Environment:
 Running Apache Tomcat/6.0.24
 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08

 //
 // Prior to configuring SSL, and after starting Tomcat I run netstat
 -tulpn and see that port 8443 is not used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address   Foreign Address
 State   PID/Program name
 tcp0  0 127.0.0.1:3306  0.0.0.0:*
 LISTEN  29002/mysqld
 tcp0  0 0.0.0.0:22  0.0.0.0:*
 LISTEN  2136/sshd
 tcp6   0  0 127.0.0.1:8005  :::*
 LISTEN  12796/java
 tcp6   0  0 :::8080 :::*
 LISTEN  12796/java
 tcp6   0  0 :::22   :::*
 LISTEN  2136/sshd
 udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3

 //
 // I stop Tomcat, and add the following to my server.xml file:
 //
 Listener className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /
 Connector port=8443
   protocol=org.apache.coyote.http11.Http11AprProtocol
   maxThreads=150
   scheme=https
   secure=true
   clientAuth=false
   sslProtocol=TLS
   SSLEnabled=true
   SSLCertificateKeyFile=/etc/apache2/ssl/myUniqueDomain.com.key
   SSLCACertificateFile=/etc/apache2/ssl/myUniqueDomain.com.ca.crt /

 //
 // I restart Tomcat, and see the following in the catalina.out file:

How are you start/stop/restarting Tomcat - bin/script or service?

After calling stop, are you sure Tomcat has actually stopped?


p



 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
at 
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
at org.apache.catalina.connector.Connector.start(Connector.java:1080)
at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
 SEVERE: Catalina.start:
 LifecycleException:  service.getName(): Catalina;  Protocol handler
 start failed: java.lang.Exception: Socket bind failed: [98] Address
 already in use
at org.apache.catalina.connector.Connector.start(Connector.java:1087)
at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 //
 // Running netstat -tulpn I see that port 8443 is now being used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address   Foreign Address
 State   PID/Program name
 tcp0  0 127.0.0.1:3306  0.0.0.0:*
 LISTEN  29002/mysqld
 tcp0  0 0.0.0.0:22  0.0.0.0:*
 LISTEN  2136/sshd
 tcp6   0  0 127.0.0.1:8005  :::*
 LISTEN  10696/java
 tcp6   0  0 :::8080 :::*
 LISTEN  10696/java
 tcp6   0  0 :::22   :::*
 LISTEN  2136/sshd
 tcp6   0  0 :::8443 :::*
 LISTEN  10696/java
 udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3

 If I change Connector port=8443 to Connector port=8445, I get
 the same error message, and netstat -tulpn shows:
 tcp6   0  0 :::8445 :::*
 LISTEN  10696/java

 I have also tried adding the following to my server.xml as an
 attribute to Connector  and still get the same error:

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Igor Cicimov

Isnt 8005 shutdown port for tomcat? I can see sshd bound to that port
already.
On Nov 20, 2011 6:33 PM, Konstantin Kolinko knst.koli...@gmail.com
wrote:

 2011/11/19 Eric Kemp cruisingat90...@gmail.com:
  Summary: I'm looking for ideas on how to resolve this Address already
  in use error when configuring SSL in Tomcat APR.
 
  Environment:
   Running Apache Tomcat/6.0.24

 That one is old. Maybe you can upgrade to 6.0.33?

   on OS is Ubuntu 10.04.2 LTS
   with JVM 1.7.0_01-b08

 There were severe issues with 1.7.0, such as Loop unroll optimization
 causes incorrect result. I do not know whether all of them are fixed
 in 7u1.
 http://tomcat.markmail.org/thread/oghpdg2whkrpnk7w

 Anyway, maybe you can try running with Java 6?

  //
  // I restart Tomcat, and see the following in the catalina.out file:
  //
  SEVERE: Error starting endpoint
  java.lang.Exception: Socket bind failed: [98] Address already in use
 at
 org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
 at
 org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
 at
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
 at
 org.apache.catalina.connector.Connector.start(Connector.java:1080)
 at
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
 at
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
 at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
 at
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:601)
 at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
 at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 What INFO messages are before this one?
 Maybe you can post your entire server.xml (without comments and passwords)?


 Best regards,
 Konstantin Kolinko

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Pid *

On 20 Nov 2011, at 12:49, Igor Cicimov icici...@gmail.com wrote:

 Isnt 8005 shutdown port for tomcat? I can see sshd bound to that port
 already.

I think that's the line above...
There is a java process holding 8005


 On Nov 20, 2011 6:33 PM, Konstantin Kolinko knst.koli...@gmail.com
 wrote:

 2011/11/19 Eric Kemp cruisingat90...@gmail.com:
 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.

 Environment:
 Running Apache Tomcat/6.0.24

 That one is old. Maybe you can upgrade to 6.0.33?

 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08

 There were severe issues with 1.7.0, such as Loop unroll optimization
 causes incorrect result. I do not know whether all of them are fixed
 in 7u1.
 http://tomcat.markmail.org/thread/oghpdg2whkrpnk7w

 Anyway, maybe you can try running with Java 6?

 //
 // I restart Tomcat, and see the following in the catalina.out file:
 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
   at
 org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
   at
 org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
   at
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
   at
 org.apache.catalina.connector.Connector.start(Connector.java:1080)
   at
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
   at
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
   at
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 What INFO messages are before this one?
 Maybe you can post your entire server.xml (without comments and passwords)?


 Best regards,
 Konstantin Kolinko

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Eric Kemp

Changing from jdk1.7.0_01 to 1.6.0_20 still results in the same error.

I use the following commands to stop and start Tomcat:
sudo /etc/init.d/tomcat6 stop
sudo /etc/init.d/tomcat6 start

I have verified that the Tomcat process DOES shut down when initiating
a stop command via ps -ef | grep java only showing the current
grep command.

Ubuntu's apt-get put me at this current level (of Tomcat 6.0.24 and
APR from 1.1.19-1) which I assumed would be fine.  I'll see about
trying to upgrade to Tomcat 6.0.33 and possibly APR 1.1.20-1.

Any other ideas would still be appreciated.

Thanks


On Sun, Nov 20, 2011 at 5:09 AM, Pid * p...@pidster.com wrote:
 On 19 Nov 2011, at 18:44, Eric Kemp cruisingat90...@gmail.com wrote:

 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.

 Environment:
 Running Apache Tomcat/6.0.24
 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08

 //
 // Prior to configuring SSL, and after starting Tomcat I run netstat
 -tulpn and see that port 8443 is not used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address           Foreign Address
 State       PID/Program name
 tcp        0      0 127.0.0.1:3306          0.0.0.0:*
 LISTEN      29002/mysqld
 tcp        0      0 0.0.0.0:22              0.0.0.0:*
 LISTEN      2136/sshd
 tcp6       0      0 127.0.0.1:8005          :::*
 LISTEN      12796/java
 tcp6       0      0 :::8080                 :::*
 LISTEN      12796/java
 tcp6       0      0 :::22                   :::*
 LISTEN      2136/sshd
 udp        0      0 0.0.0.0:68              0.0.0.0:*
         2087/dhclient3

 //
 // I stop Tomcat, and add the following to my server.xml file:
 //
 Listener className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /
 Connector port=8443
           protocol=org.apache.coyote.http11.Http11AprProtocol
           maxThreads=150
           scheme=https
           secure=true
           clientAuth=false
           sslProtocol=TLS
           SSLEnabled=true
           SSLCertificateKeyFile=/etc/apache2/ssl/myUniqueDomain.com.key
           SSLCACertificateFile=/etc/apache2/ssl/myUniqueDomain.com.ca.crt 
 /

 //
 // I restart Tomcat, and see the following in the catalina.out file:

 How are you start/stop/restarting Tomcat - bin/script or service?

 After calling stop, are you sure Tomcat has actually stopped?


 p



 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
        at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
        at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
        at 
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
        at org.apache.catalina.connector.Connector.start(Connector.java:1080)
        at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
        at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
 SEVERE: Catalina.start:
 LifecycleException:  service.getName(): Catalina;  Protocol handler
 start failed: java.lang.Exception: Socket bind failed: [98] Address
 already in use
        at org.apache.catalina.connector.Connector.start(Connector.java:1087)
        at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
        at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 //
 // Running netstat -tulpn I see that port 8443 is now being used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address           Foreign Address
 State       PID/Program name
 tcp        0      0 127.0.0.1:3306          0.0.0.0:*
 LISTEN      29002/mysqld
 tcp        0      0 0.0.0.0:22              0.0.0.0:*
 LISTEN      2136/sshd
 tcp6       0      0

RE: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Caldarale, Charles R

 From: Eric Kemp [mailto:cruisingat90...@gmail.com] 
 Subject: Re: APR SSL error: Socket bind failed: [98] Address already in use

 Any other ideas would still be appreciated.

As others have noted, the conflict is likely on some port other than 8443.  
Post your entire server.xml, preferably with comments removed, so we can see 
all of the ports declared there.

 - Chuck

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-20 Thread Eric Kemp

Below is my entire server.xml (minus commented lines)

?xml version='1.0' encoding='utf-8'?
Server port=8005 shutdown=SecretCommand

 Listener
 className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /

 Listener
 className=org.apache.catalina.core.JasperListener /

 Listener
 className=org.apache.catalina.core.JreMemoryLeakPreventionListener /

 Listener
 className=org.apache.catalina.mbeans.ServerLifecycleListener /

 Listener
 className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener /

 GlobalNamingResources

  Resource name=UserDatabase auth=Container
  type=org.apache.catalina.UserDatabase
  description=User database that can be updated and saved
  factory=org.apache.catalina.users.MemoryUserDatabaseFactory
  pathname=conf/tomcat-users.xml /

 /GlobalNamingResources

 Service name=Catalina

  Connector
  port=8080
  protocol=HTTP/1.1
  connectionTimeout=2
  URIEncoding=UTF-8
  redirectPort=8443 /

  !-- Adding the connector below causes the Socket bind failed: [98]
Address already in use error to appear in catalina.out... and https
does not work. --
  Connector
  port=8443
  protocol=org.apache.coyote.http11.Http11AprProtocol
  maxThreads=150
  scheme=https
  secure=true
  clientAuth=false
  sslProtocol=TLS
  SSLEnabled=true
  SSLCertificateKeyFile=/etc/apache2/ssl/myDomain.com.key
  SSLCACertificateFile=/etc/apache2/ssl/myDomain.com.ca.crt /

  Engine name=Catalina defaultHost=localhost

   Realm
   className=org.apache.catalina.realm.UserDatabaseRealm
   resourceName=UserDatabase/

   Host
   name=localhost
   appBase=webapps
   unpackWARs=true
   autoDeploy=true
   xmlValidation=false
   xmlNamespaceAware=false
   /Host

  /Engine
 /Service
/Server


Thanks



On Sun, Nov 20, 2011 at 4:18 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
 From: Eric Kemp [mailto:cruisingat90...@gmail.com]
 Subject: Re: APR SSL error: Socket bind failed: [98] Address already in use

 Any other ideas would still be appreciated.

 As others have noted, the conflict is likely on some port other than 8443.  
 Post your entire server.xml, preferably with comments removed, so we can see 
 all of the ports declared there.

  - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
 MATERIAL and is thus for use only by the intended recipient. If you received 
 this in error, please contact the sender and delete the e-mail and its 
 attachments from all computers.


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

APR SSL error: Socket bind failed: [98] Address already in use

2011-11-19 Thread Eric Kemp

Summary: I'm looking for ideas on how to resolve this Address already
in use error when configuring SSL in Tomcat APR.

Environment:
 Running Apache Tomcat/6.0.24
 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08

//
// Prior to configuring SSL, and after starting Tomcat I run netstat
-tulpn and see that port 8443 is not used:
//
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address
State   PID/Program name
tcp0  0 127.0.0.1:3306  0.0.0.0:*
LISTEN  29002/mysqld
tcp0  0 0.0.0.0:22  0.0.0.0:*
LISTEN  2136/sshd
tcp6   0  0 127.0.0.1:8005  :::*
LISTEN  12796/java
tcp6   0  0 :::8080 :::*
LISTEN  12796/java
tcp6   0  0 :::22   :::*
LISTEN  2136/sshd
udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3

//
// I stop Tomcat, and add the following to my server.xml file:
//
Listener className=org.apache.catalina.core.AprLifecycleListener
SSLEngine=on /
Connector port=8443
   protocol=org.apache.coyote.http11.Http11AprProtocol
   maxThreads=150
   scheme=https
   secure=true
   clientAuth=false
   sslProtocol=TLS
   SSLEnabled=true
   SSLCertificateKeyFile=/etc/apache2/ssl/myUniqueDomain.com.key
   SSLCACertificateFile=/etc/apache2/ssl/myUniqueDomain.com.ca.crt /

//
// I restart Tomcat, and see the following in the catalina.out file:
//
SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [98] Address already in use
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
at 
org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
at org.apache.catalina.connector.Connector.start(Connector.java:1080)
at 
org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException:  service.getName(): Catalina;  Protocol handler
start failed: java.lang.Exception: Socket bind failed: [98] Address
already in use
at org.apache.catalina.connector.Connector.start(Connector.java:1087)
at 
org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

//
// Running netstat -tulpn I see that port 8443 is now being used:
//
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address
State   PID/Program name
tcp0  0 127.0.0.1:3306  0.0.0.0:*
LISTEN  29002/mysqld
tcp0  0 0.0.0.0:22  0.0.0.0:*
LISTEN  2136/sshd
tcp6   0  0 127.0.0.1:8005  :::*
LISTEN  10696/java
tcp6   0  0 :::8080 :::*
LISTEN  10696/java
tcp6   0  0 :::22   :::*
LISTEN  2136/sshd
tcp6   0  0 :::8443 :::*
LISTEN  10696/java
udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3

If I change Connector port=8443 to Connector port=8445, I get
the same error message, and netstat -tulpn shows:
tcp6   0  0 :::8445 :::*
LISTEN  10696/java

I have also tried adding the following to my server.xml as an
attribute to Connector  and still get the same error:
SSLCertificateFile=/etc/apache2/ssl/domain.com.crt

It appears as if adding a single connector for port 8443 in server.xml
is causing two to attempt to load, thus resulting in a conflict. I've
been searching and reading for two days, looking for ideas on how I
could take this

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-19 Thread Talal Rabaa

Looks like you have another service (not necessarily Tomcat) running on port 98.

On 2011-11-19, at 1:44 PM, Eric Kemp wrote:

 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.
 
 Environment:
 Running Apache Tomcat/6.0.24
 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08
 
 //
 // Prior to configuring SSL, and after starting Tomcat I run netstat
 -tulpn and see that port 8443 is not used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address   Foreign Address
 State   PID/Program name
 tcp0  0 127.0.0.1:3306  0.0.0.0:*
 LISTEN  29002/mysqld
 tcp0  0 0.0.0.0:22  0.0.0.0:*
 LISTEN  2136/sshd
 tcp6   0  0 127.0.0.1:8005  :::*
 LISTEN  12796/java
 tcp6   0  0 :::8080 :::*
 LISTEN  12796/java
 tcp6   0  0 :::22   :::*
 LISTEN  2136/sshd
 udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3
 
 //
 // I stop Tomcat, and add the following to my server.xml file:
 //
 Listener className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /
 Connector port=8443
   protocol=org.apache.coyote.http11.Http11AprProtocol
   maxThreads=150
   scheme=https
   secure=true
   clientAuth=false
   sslProtocol=TLS
   SSLEnabled=true
   SSLCertificateKeyFile=/etc/apache2/ssl/myUniqueDomain.com.key
   SSLCACertificateFile=/etc/apache2/ssl/myUniqueDomain.com.ca.crt /
 
 //
 // I restart Tomcat, and see the following in the catalina.out file:
 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
at 
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
at org.apache.catalina.connector.Connector.start(Connector.java:1080)
at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
 
 Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
 SEVERE: Catalina.start:
 LifecycleException:  service.getName(): Catalina;  Protocol handler
 start failed: java.lang.Exception: Socket bind failed: [98] Address
 already in use
at org.apache.catalina.connector.Connector.start(Connector.java:1087)
at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
 
 //
 // Running netstat -tulpn I see that port 8443 is now being used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address   Foreign Address
 State   PID/Program name
 tcp0  0 127.0.0.1:3306  0.0.0.0:*
 LISTEN  29002/mysqld
 tcp0  0 0.0.0.0:22  0.0.0.0:*
 LISTEN  2136/sshd
 tcp6   0  0 127.0.0.1:8005  :::*
 LISTEN  10696/java
 tcp6   0  0 :::8080 :::*
 LISTEN  10696/java
 tcp6   0  0 :::22   :::*
 LISTEN  2136/sshd
 tcp6   0  0 :::8443 :::*
 LISTEN  10696/java
 udp0  0 0.0.0.0:68  0.0.0.0:*
 2087/dhclient3
 
 If I change Connector port=8443 to Connector port=8445, I get
 the same error message, and netstat -tulpn shows:
 tcp6   0  0 :::8445 :::*
 LISTEN  10696/java
 
 I have also tried adding the following to my server.xml as an
 attribute to Connector  and still get the same error:
 SSLCertificateFile=/etc/apache2/ssl/domain.com.crt
 
 It appears as if

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-19 Thread Eric Kemp

I've seen several places where people say [98] is the error message
number - not the port number.  Also, I'm not doing anything with port
98.

Thanks


On Sat, Nov 19, 2011 at 8:03 PM, Talal Rabaa ara...@gmail.com wrote:
 Looks like you have another service (not necessarily Tomcat) running on port 
 98.

 On 2011-11-19, at 1:44 PM, Eric Kemp wrote:

 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.

 Environment:
 Running Apache Tomcat/6.0.24
 on OS is Ubuntu 10.04.2 LTS
 with JVM 1.7.0_01-b08

 //
 // Prior to configuring SSL, and after starting Tomcat I run netstat
 -tulpn and see that port 8443 is not used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address           Foreign Address
 State       PID/Program name
 tcp        0      0 127.0.0.1:3306          0.0.0.0:*
 LISTEN      29002/mysqld
 tcp        0      0 0.0.0.0:22              0.0.0.0:*
 LISTEN      2136/sshd
 tcp6       0      0 127.0.0.1:8005          :::*
 LISTEN      12796/java
 tcp6       0      0 :::8080                 :::*
 LISTEN      12796/java
 tcp6       0      0 :::22                   :::*
 LISTEN      2136/sshd
 udp        0      0 0.0.0.0:68              0.0.0.0:*
         2087/dhclient3

 //
 // I stop Tomcat, and add the following to my server.xml file:
 //
 Listener className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on /
 Connector port=8443
           protocol=org.apache.coyote.http11.Http11AprProtocol
           maxThreads=150
           scheme=https
           secure=true
           clientAuth=false
           sslProtocol=TLS
           SSLEnabled=true
           SSLCertificateKeyFile=/etc/apache2/ssl/myUniqueDomain.com.key
           SSLCACertificateFile=/etc/apache2/ssl/myUniqueDomain.com.ca.crt 
 /

 //
 // I restart Tomcat, and see the following in the catalina.out file:
 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
        at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
        at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
        at 
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
        at org.apache.catalina.connector.Connector.start(Connector.java:1080)
        at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
        at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 Nov 19, 2011 11:35:19 AM org.apache.catalina.startup.Catalina start
 SEVERE: Catalina.start:
 LifecycleException:  service.getName(): Catalina;  Protocol handler
 start failed: java.lang.Exception: Socket bind failed: [98] Address
 already in use
        at org.apache.catalina.connector.Connector.start(Connector.java:1087)
        at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
        at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

 //
 // Running netstat -tulpn I see that port 8443 is now being used:
 //
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address           Foreign Address
 State       PID/Program name
 tcp        0      0 127.0.0.1:3306          0.0.0.0:*
 LISTEN      29002/mysqld
 tcp        0      0 0.0.0.0:22              0.0.0.0:*
 LISTEN      2136/sshd
 tcp6       0      0 127.0.0.1:8005          :::*
 LISTEN      10696/java
 tcp6       0      0 :::8080                 :::*
 LISTEN      10696/java
 tcp6       0      0 :::22                   :::*
 LISTEN      2136/sshd
 tcp6       0      0 :::8443                 :::*
 LISTEN      10696/java
 udp        0      0 0.0.0.0:68              0.0.0.0:*
         2087/dhclient3

 If I change Connector port=8443 to Connector port=8445, I get
 the same error message, and netstat -tulpn shows:
 tcp6       0      0 :::8445

Re: APR SSL error: Socket bind failed: [98] Address already in use

2011-11-19 Thread Konstantin Kolinko

2011/11/19 Eric Kemp cruisingat90...@gmail.com:
 Summary: I'm looking for ideas on how to resolve this Address already
 in use error when configuring SSL in Tomcat APR.

 Environment:
  Running Apache Tomcat/6.0.24

That one is old. Maybe you can upgrade to 6.0.33?

  on OS is Ubuntu 10.04.2 LTS
  with JVM 1.7.0_01-b08

There were severe issues with 1.7.0, such as Loop unroll optimization
causes incorrect result. I do not know whether all of them are fixed
in 7u1.
http://tomcat.markmail.org/thread/oghpdg2whkrpnk7w

Anyway, maybe you can try running with Java 6?

 //
 // I restart Tomcat, and see the following in the catalina.out file:
 //
 SEVERE: Error starting endpoint
 java.lang.Exception: Socket bind failed: [98] Address already in use
        at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:646)
        at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:753)
        at 
 org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
        at org.apache.catalina.connector.Connector.start(Connector.java:1080)
        at 
 org.apache.catalina.core.StandardService.start(StandardService.java:531)
        at 
 org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:593)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:601)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

What INFO messages are before this one?
Maybe you can post your entire server.xml (without comments and passwords)?


Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

SSL error reported from windows socket

2010-01-25 Thread Tony Anecito

Hi All,

I am getting intermittant windows ssl error regarding connections. Something 
like socket error code 12157 ERROR_INTERNET_SECURITY_CHANNEL_ERROR.

It is intermittant and I am load testing against Apache web server using 
loadrunner 9.0. We are using SSLV3 for Apache 2.2. There is some strange 
message in the error about retrys(0). Is there some control on the Apache side 
for setting the retries to more than 0?

Thanks,
-Tony


  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [us...@httpd] SSL error reported from windows socket

2010-01-25 Thread Tony Anecito

Hopefully you are right. It is from the loadrunner virtual user logs and it is 
a windows API but that may only try to point someone in the right direction not 
be a root cause. I am having someone look at the Windows settings to see if 
that is where the problem is.

I am hoping to understand what the retrys(0) is all about regardless of the 
root cause of the error. I would want 5 retries before stopping to try to 
connect to a port but not sure if it means 0 retries or infinite retries.

Thanks,
-Tony

--- On Mon, 1/25/10, William A. Rowe Jr. wr...@rowe-clan.net wrote:

 From: William A. Rowe Jr. wr...@rowe-clan.net
 Subject: Re: [us...@httpd] SSL error reported from windows socket
 To: us...@httpd.apache.org
 Cc: Tony Anecito adanec...@yahoo.com, Tomcat Users Group 
 users@tomcat.apache.org
 Date: Monday, January 25, 2010, 11:14 AM
 On 1/25/2010 10:05 AM, Tony Anecito
 wrote:
  Hi All,
  
  I am getting intermittant windows ssl error regarding
 connections. Something like socket error code 12157
 ERROR_INTERNET_SECURITY_CHANNEL_ERROR.
 
 This message has no relationship to Apache httpd that I'm
 aware of, it is
 from a different set of APIs altogether.  Is this from
 your error.log?
 
  It is intermittant and I am load testing against
 Apache web server using loadrunner 9.0. We are using SSLV3
 for Apache 2.2. There is some strange message in the error
 about retrys(0). Is there some control on the Apache side
 for setting the retries to more than 0?
 
 I believe it's a loadrunner configuration, if I had to
 guess.
 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

SSL error certificate question

2009-08-18 Thread BJ Selman

First of all, is there a specific extension required for SSL certificates on an 
Apache/Tomcat server?  i.e. Does it have to be a crt or a cert or ?  Seems 
like I read that it needs to be PEM-encoded - that's about all I could find.

Also, my error log is showing the below... Where should I start looking for the 
problem?  (Trying to 'rewrite' a certain page to httpS - it never gets 
redirected... if I manually add the s, the browser tells me its trying to 
connect to SSL, but when I 'proceed' through the security warning, the s 
disappears from the URL)

[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: 
Handshake: start
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: 
before/accept initialization
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 
bytes from BIO#%p [mem: %p] \xa0\x11\xd2o
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1750): 
+-+
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1789): | : 47 45 54 20 
2f 66 61 76-69 63 6f GET /favico  |
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1795): 
+-+
[Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: 
error in SSLv2/v3 read client hello A
[Mon Aug 17 15:00:19 2009] [info] [client 1.2.3.4] SSL handshake failed: HTTP 
spoken on HTTPS port; trying to send HTML error page
[Mon Aug 17 15:00:19 2009] [info] SSL Library Error: 336027804 
error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request speaking HTTP 
to HTTPS port!?
[Mon Aug 17 15:00:22 2009] [info] [client 1.2.3.4] Connection to child 57 
established (server www.domain.com:443)
[Mon Aug 17 15:00:22 2009] [info] Seeding PRNG with 144 bytes of entropy

 This is what my sslerror.log says:

[Mon Aug 17 13:39:45 2009] [info] Initial (No.1) HTTPS request received for 
child 61 (server www.domain.com:443)
[Mon Aug 17 13:39:45 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 
bytes expected to read on BIO#%p [mem: %p]
[Mon Aug 17 13:39:45 2009] [info] [client 172.1.2.3] (70014)End of file found: 
SSL input filter read failed.
[Mon Aug 17 13:39:45 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: 
SSL negotiation finished successfully
[Mon Aug 17 13:39:45 2009] [info] [client 172.1.2.3] Connection closed to child 
61 with standard shutdown (server www.domain.com:443)


Thanks

Re: SSL error certificate question

2009-08-18 Thread Mark Thomas

BJ Selman wrote:
 First of all, is there a specific extension required for SSL certificates on 
 an Apache/Tomcat server?  i.e. Does it have to be a crt or a cert or ?  
 Seems like I read that it needs to be PEM-encoded - that's about all I 
 could find.
 
 Also, my error log is showing the below... Where should I start looking for 
 the problem?  (Trying to 'rewrite' a certain page to httpS - it never gets 
 redirected... if I manually add the s, the browser tells me its trying to 
 connect to SSL, but when I 'proceed' through the security warning, the s 
 disappears from the URL)

That looks like an httpd log, not a Tomcat one. You'll have more luck on
the httpd users list.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: SSL error when invoking web service

2008-01-23 Thread Rizwan Merchant



Thanks for the response.
The client can be any one who wants to post an XML message to this URL. 
So you could create an xml message and post the request using https.
Not sure why the client would need to 'add' this certificate. We have 
written code to connect to many such web services and we never need to 
add certificates from the server we are connecting to? For example, if 
we need to use Fedex's API service, we need to send the request using 
https, but we have never added any certificates from them on our server.




Bill Barker wrote:
Rizwan Merchant [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]
  

Hi,

We have a web based application running on Tomcat 6. The server.xml file
is configured so that the application can handle incoming https requests
on port 443 (default). When a user hits the URL http://www.mydomain.com,
it automatically redirects to https://www.mydomain.com (due to security
constraint set up in web.xml).

We also have a web service running which is invoked by posting the
request message to http://www.mydomain.com/rpc2
I am trying to enforce ssl on this service as well, but when a message
is posted to https://www.mydomain.com/rpc2 (secure using https
protocol), the client is seeing the following error:
(Posting the message to http://www.mydomain.com/rpc2 works fine)

*Error 60:SSL certificate problem, verify that the CA cert is OK.
Details: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed*




You didn't say what the client is so I can't offer much on how to fix it. 
But the error is saying that the client couldn't find the CA certificate 
that signed your Tomcat server certificate in it's list of trusted CAs.  As 
a result, the client correctly desides not to trust your Tomcat server.


You need to add the CA certificate to the client's trusted certificate list, 
as explained in the documentation for the client (but probably cacerts.pem).


  

Basically, the https is working fine on the website, but not for the web
service (which, from what I understand, is being handled by a separate
servlet, rpc2).

Any ideas please?

Thanks,
-Rizwan Merchant.











  

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED] 






-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


  


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL error when invoking web service

2008-01-23 Thread Bill Barker


Rizwan Merchant [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]

 Thanks for the response.
 The client can be any one who wants to post an XML message to this URL.
 So you could create an xml message and post the request using https.
 Not sure why the client would need to 'add' this certificate. We have
 written code to connect to many such web services and we never need to
 add certificates from the server we are connecting to? For example, if
 we need to use Fedex's API service, we need to send the request using
 https, but we have never added any certificates from them on our server.



Without looking, Fedex almost certainly uses one of the big commercial CAs 
(e.g. Verisign, Thwate).  Their CA certs ship with almost all SSL enabled 
clients, and so the client will be able to verify the certificate chain up 
to a trusted CA.  This is pretty much the only way to go if anyone can 
post to the URL.  If you're using your own CA (or, worse, a self-signed 
cert), then the server's certificate won't be trusted without adding the CA 
cert (and in the case of self-signed, may not be trusted in any case).  SSL 
certificates work sort of like the mafia:  If someone I trust will sign for 
you, then I'll trust you ;).


 Bill Barker wrote:
 Rizwan Merchant [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]

 Hi,

 We have a web based application running on Tomcat 6. The server.xml file
 is configured so that the application can handle incoming https requests
 on port 443 (default). When a user hits the URL http://www.mydomain.com,
 it automatically redirects to https://www.mydomain.com (due to security
 constraint set up in web.xml).

 We also have a web service running which is invoked by posting the
 request message to http://www.mydomain.com/rpc2
 I am trying to enforce ssl on this service as well, but when a message
 is posted to https://www.mydomain.com/rpc2 (secure using https
 protocol), the client is seeing the following error:
 (Posting the message to http://www.mydomain.com/rpc2 works fine)

 *Error 60:SSL certificate problem, verify that the CA cert is OK.
 Details: error:14090086:SSL
 routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed*



 You didn't say what the client is so I can't offer much on how to fix it.
 But the error is saying that the client couldn't find the CA certificate
 that signed your Tomcat server certificate in it's list of trusted CAs. 
 As
 a result, the client correctly desides not to trust your Tomcat server.

 You need to add the CA certificate to the client's trusted certificate 
 list,
 as explained in the documentation for the client (but probably 
 cacerts.pem).


 Basically, the https is working fine on the website, but not for the web
 service (which, from what I understand, is being handled by a separate
 servlet, rpc2).

 Any ideas please?

 Thanks,
 -Rizwan Merchant.







 



 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]





 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]










 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED] 




-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

SSL error when invoking web service

2008-01-22 Thread Rizwan Merchant



Hi,

We have a web based application running on Tomcat 6. The server.xml file 
is configured so that the application can handle incoming https requests 
on port 443 (default). When a user hits the URL http://www.mydomain.com, 
it automatically redirects to https://www.mydomain.com (due to security 
constraint set up in web.xml).


We also have a web service running which is invoked by posting the 
request message to http://www.mydomain.com/rpc2
I am trying to enforce ssl on this service as well, but when a message 
is posted to https://www.mydomain.com/rpc2 (secure using https 
protocol), the client is seeing the following error:

(Posting the message to http://www.mydomain.com/rpc2 works fine)

*Error 60:SSL certificate problem, verify that the CA cert is OK. 
Details: error:14090086:SSL 
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed*


Basically, the https is working fine on the website, but not for the web 
service (which, from what I understand, is being handled by a separate 
servlet, rpc2).


Any ideas please?

Thanks,
-Rizwan Merchant.



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL error when invoking web service

2008-01-22 Thread Bill Barker


Rizwan Merchant [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]

 Hi,

 We have a web based application running on Tomcat 6. The server.xml file
 is configured so that the application can handle incoming https requests
 on port 443 (default). When a user hits the URL http://www.mydomain.com,
 it automatically redirects to https://www.mydomain.com (due to security
 constraint set up in web.xml).

 We also have a web service running which is invoked by posting the
 request message to http://www.mydomain.com/rpc2
 I am trying to enforce ssl on this service as well, but when a message
 is posted to https://www.mydomain.com/rpc2 (secure using https
 protocol), the client is seeing the following error:
 (Posting the message to http://www.mydomain.com/rpc2 works fine)

 *Error 60:SSL certificate problem, verify that the CA cert is OK.
 Details: error:14090086:SSL
 routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed*


You didn't say what the client is so I can't offer much on how to fix it. 
But the error is saying that the client couldn't find the CA certificate 
that signed your Tomcat server certificate in it's list of trusted CAs.  As 
a result, the client correctly desides not to trust your Tomcat server.

You need to add the CA certificate to the client's trusted certificate list, 
as explained in the documentation for the client (but probably cacerts.pem).

 Basically, the https is working fine on the website, but not for the web
 service (which, from what I understand, is being handled by a separate
 servlet, rpc2).

 Any ideas please?

 Thanks,
 -Rizwan Merchant.









 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED] 




-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: SSL Error : Please HELP

2005-10-17 Thread Longson, Robert

You want to put this in the Java tab under Java Options.

Best regards

Robert.

-Original Message-
From: James Rome [mailto:[EMAIL PROTECTED]
Sent: 17 October 2005 16:00
To: tomcat-user@jakarta.apache.org
Subject: SSL Error : Please HELP

I tried putting 
start -Djavax.net.debug=ssl:handshake
in the Windows 5.5 GUI startup tab under arguments and Tomcat will not start

How does one get this to work?

Jim
-
You can pass the option '-Djavax.net.debug=ssl:handshake' to the Tomcat 
startup, (either set JAVA_OPTS to it if you are using startup.bat, or add it 
via the tomcat5w.exe GUI if you are using the service).  It will give you 
tons of information about the SSL negotiations from the Tomcat side.  If the 
problem doesn't pop out at you, post the results to the list, and maybe 
another set of eyes will see something.

Iannis' answer below is the most likely answer to your problem, without 
knowing more about it.

Lalit Batra [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]
yes it was typing mistake. I use https://localhost:8443/ Netcape 7.0 works,
IE 6.x Works but Mozilla and Netscape 8.0 fails.

Thanks,
Lalit

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED] 

The information contained in this message is intended only for the recipient, 
and may be a confidential attorney-client communication or may otherwise be 
privileged and confidential and protected from disclosure. If the reader of 
this message is not the intended recipient, or an employee or agent responsible 
for delivering this message to the intended recipient, please be aware that any 
dissemination or copying of this communication is strictly prohibited. If you 
have received this communication in error, please immediately notify us by 
replying to the message and deleting it from your computer. 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: SSL error [EXTERNAL]

RE: SSL error [EXTERNAL]

RE: SSL error [EXTERNAL]

Re: SSL error

SSL error

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

RE: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

Re: APR SSL error: Socket bind failed: [98] Address already in use

SSL error reported from windows socket

Re: [us...@httpd] SSL error reported from windows socket

SSL error certificate question

Re: SSL error certificate question

Re: SSL error when invoking web service

Re: SSL error when invoking web service

SSL error when invoking web service

Re: SSL error when invoking web service

RE: SSL Error : Please HELP

28 matches

Site Navigation

Mail list logo

Footer information