Comments inline - see ==== COMMENT ====
On 8/7/2012 9:52 AM, Massimo Chirivì - Ict Consultant wrote:
i HAVE CORRECT THIS ERROR, <CONNECTOR> NOW IS OUT THE <ENGINE>
now the log files write:
7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.10.
7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
==== COMMENT ====
You're using the APR (native libraries). You are trying to configure
your connector with the Java SSL configuration. This won't work.
See the following:
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Configuration
In particular:
<Connector
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/usr/local/ssl/server.crt"
SSLCertificateKeyFile="/usr/local/ssl/server.pem"
clientAuth="optional" SSLProtocol="TLSv1"/>
Note that the format for the certificate (and key) is different for the
two connectors.
==== COMMENT ====
7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-80
7-ago-2012 18.42.53 org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
GRAVE: Error initializing endpoint
java.lang.Exception: No Certificate file specified
at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
at
org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
GRAVE: Catalina.start
LifecycleException: Protocol handler initialization failed:
java.lang.Exception: No Certificate file specified
at org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2236 ms
7-ago-2012 18.42.53 org.apache.catalina.realm.JAASRealm setContainer
INFO: Set JAAS app name Catalinassl
7-ago-2012 18.42.53 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
7-ago-2012 18.42.53 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
2012/8/7 Terence M. Bandoian <tere...@tmbsw.com>
On 1:59 PM, Massimo Chirivě - Ict Consultant wrote:
What version of Tomcat are you using?
6.0.16
What *exactly* does 'not ok' mean?
The https site is not responding
Are there any errors in the log files?
NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
attach
Can you describe the symptoms of the error?
When i submit http://www.sito1.net or http://www.site2.net is work
correctly
when i submit https://www.sito3.net is not responding.
the configuration in the server.xml is correctly?
2012/8/7 Pid<p...@pidster.com>
On 03/08/2012 17:35, Massimo Chirivě - Ict Consultant wrote:
*this is my server.xml, *
*the sites on the http is ok, but the site on the https is not ok?*
*thank you for help*
Are you just repeating the same question over& over?
Have you read the documents provided previously?
What version of Tomcat are you using?
What *exactly* does 'not ok' mean?
Are there any errors in the log files?
Can you describe the symptoms of the error?
Have you ever read& comprehended:
http://www.catb.org/esr/faqs/**smart-questions.html<http://www.catb.org/esr/faqs/smart-questions.html>
p
==== COMMENT ====
I'm not going to try and inject my comments concerning the server.xml
issues. Instead, I'll make a few general comments (amplifying other
comments) and then point you to the Wiki article that exists on the
Tomcat site.
1. There is no such thing as a Logger element
2. Do not put <Context> elements in your server.xml
3. For the default context, name your war file ROOT.war
a. do not use a null path - in general the path attribute is wrong
b. case IS important, even on Windows
4. Do NOT overlap appBase directories for virtual hosts
a. You will get multiple deployments
b. You will have memory issues
Please read and follow the Wiki document below for setting up virtual
hosts. I know it says development, but this same structure works well
for production. I use it to run a large number of production sites.
Coupled with CATALINA_HOME / CATALINA_BASE and some custom Ant scripts,
I have complete flexibility, and I can provision environments in about 5
minutes. I'm working on reducing that time.
Here's the link (again) :
http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
Also, please tell me you are not using the following JRE:
C:\Program Files\Java\jre1.5.0_15
This is ancient, unsupported, has lots of security issues, and is in
general asking for trouble.
Upgrade at least to the latest 1.6.0 release.
==== COMMENT ====
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.**catalina.core.**
AprLifecycleListener"
SSLEngine="on" />
<Listener className="org.apache.**catalina.core.JasperListener" />
<Listener
className="org.apache.**catalina.mbeans.**ServerLifecycleListener"
/>
<Listener
className="org.apache.**catalina.mbeans.**
GlobalResourcesLifecycleListen**er"
/>
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.**UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.**users.**MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.**xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.**catalina.realm.**
UserDatabaseRealm"
resourceName="UserDatabase"/>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
<Host name="www.site1.it" debug="0" unpackWARs="true">
<Logger className="org.apache.**catalina.logger.FileLogger"
directory="logs" prefix="virtual_log1." suffix=".txt"
timestamp="true"/>
<Context path="" docBase="/webapps/site1" debug="0"
reloadable="true"/>
Context definitions in server.xml is very strongly discouraged and
considered poor practice.
<Valve className="org.apache.**catalina.valves.**
AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
<Host name="www.site2.net" debug="0" unpackWARs="true">
<Logger className="org.apache.**catalina.logger.FileLogger"
directory="logs" prefix="virtual_log29."
suffix=".txt"
timestamp="true"/>
There is no logger in Tomcat 7.0.
<Context path="" docBase="/webapps/site2" debug="0"
reloadable="true"/>
<Valve className="org.apache.**catalina.valves.**
AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
</Engine>
</Service>
<Service name="Catalinassl">
<Engine name="Catalinassl" defaultHost="localhost">
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
disableUploadTimeout="true" acceptCount="100" scheme="https"
secure="true"
SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
keyAlias="bancomed"
keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\**site3.jks"
keypass="xxxx" />
<Host name="www.site3.net" debug="0" unpackWARs="true">
<Logger className="org.apache.**catalina.logger.FileLogger"
directory="logs" prefix="virtual_log29."
suffix=".txt"
timestamp="true"/>
There is no logger in Tomcat 7.0.
<Context path="" docBase="/webapps/site3" debug="0"
reloadable="true"/>
Context definitions in server.xml is very strongly discouraged and
considered poor practice.
<Valve className="org.apache.**catalina.valves.**
AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
</Engine>
</Service>
</Server>
Massimo Chirivě
2012/2/12 Caldarale, Charles R<chuck.caldar...@unisys.com>
From: mchirivi....@gmail.com [mailto:mchirivi....@gmail.com**] On
Behalf
Of
Massimo Chirivě - Ict Consultant
Subject: Re: TOMCAT with multiple sites (one on https, others on http)
i have a server with TOMCAT and i want to configure multiple sites,
i can configure one site on https and others sites on http?
1) Read the servlet spec, especially section 13, security.
2) Read the Tomcat doc for SSL and<Connector>:
http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html>
http://tomcat.apache.org/**tomcat-7.0-doc/config/http.**html<http://tomcat.apache.org/tomcat-7.0-doc/config/http.html>
3) Read the Wiki for virtual hosts:
http://wiki.apache.org/tomcat/**HowTo#How_do_I_set_up_Tomcat_**
virtual_hosts_in_a_**development_environment.3F<http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F>
- Chuck
Hi, Massimo-
Is it valid to nest a <Connector> element inside an <Engine> element?
-Terence Bandoian
Sorry for being lazy and not cleaning up the rest of this post. However,
I'm not terribly motivated when I don't see commensurate effort from the
original poster.
. . . . just my 2 cents.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
