You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Samara, Fadi N Mr ACSIM/ASPEX" <Fa...@hqda.army.mil> on 2006/02/03 17:32:32 UTC
RE: Port 8443 won't become active (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
Have you generated key pairs yet ?
-----Original Message-----
From: Jeffery G. Summers [mailto:jsummers@transy.edu]
Sent: Friday, February 03, 2006 11:24 AM
To: 'Tomcat Users List'
Subject: RE: Port 8443 won't become active
OK, so it isn't the java version. I've ensured JAVA_HOME is correct and
that the PATH is pointing to the right version. All the jars are running
through 1.4.2.
I'm stumped. I've gone through various docs/faqs and can't find anything
that helps. I know port 8443 can be activated because I changed the http
port 80 connector to port 8443. I connected to my site using :8443 in the
url but, of course, it's not https.
The only thing I can see that appears to be an issue is this error in the
logs:
Feb 3, 2006 6:57:54 AM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start: LifecycleException: Protocol handler start
failed: java.io.IOException: Algorithm SunX509 not available
I've no idea how to resolve this issue. Any clues? I've found some obscure
info on changing something called java.secure and making sure a few jar
files exist, but I don't know where this java.secure file is, how it should
be edited (if it really needs it) or where I should get the jar files since
we don't have them (Jcert.JAR , jNET.JAR,jSSE.jar in jre/lib/ext)
Thanks!
Jeff
-----Original Message-----
From: Jeffery G. Summers [mailto:jsummers@transy.edu]
Sent: Thursday, February 02, 2006 1:53 PM
To: 'Tomcat Users List'
Subject: RE: Port 8443 won't become active
When we contracted our upgrades the consultant installed version 1.4.2 but
when I just ran "java -version" the box tells me that 1.3.1 is the one
running in memory! I've never stopped/started java, etc. and I plan on
making the consultant finish the job on this...but, if I want to try it does
anyone have a "Quickie Guide" I could use?
Thanks!
Jeff
-----Original Message-----
From: Peter Crowther [mailto:Peter.Crowther@melandra.com]
Sent: Thursday, February 02, 2006 12:28 PM
To: Tomcat Users List
Subject: RE: Port 8443 won't become active
> From: Jeffery G. Summers [mailto:jsummers@transy.edu] Our webserver is
> an IBM P615C AIX 5.2 box.
Whose JVM and what version?
- Peter
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Classification: UNCLASSIFIED
Caveats: NONE
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Port 8443 won't become active (UNCLASSIFIED)
Posted by Mike Sabroff <mi...@cygnusb2b.com>.
I don't know if that will take care of it, but I would try changing the
catalina.properties (tomcat/conf)
it has some references to "sun". There may be some access problems on
the IBM classes or packages that need to be set in here....maybe just
adding the equivalent IBM packages may solve the problem.
This is an uneducated guess, not a fact.
BTW...have you checked IBM's site for info on tomcat integration?
Jeffery G. Summers wrote:
> Mike,
>
> In our JAVA_HOME/jre/lib/security/java.security the following exists:
>
> ssl.KeyManagerFactory.algorithm=IbmX509
> ssl.TrustManagerFactory.algorithm=IbmX509
>
> We have no JAVA_HOME/jre/lib/deploy.jar or jsse.jar.
>
> Our error log says SunX509 while the above obviously has IbmX509. I'm
> guessing that Tomcat has a setting somewhere that specifies SunX509 - can
> anyone tell me where that is? I'm assuming I can change it to IbmX509???
>
> Please advise!
>
> Thanks!
>
> jeff
>
> -----Original Message-----
> From: Mike Sabroff [mailto:mike.sabroff@cygnusb2b.com]
> Sent: Friday, February 03, 2006 11:43 AM
> To: Tomcat Users List
> Subject: Re: Port 8443 won't become active (UNCLASSIFIED)
>
> JAVA_HOME/jre/lib/security/java.security:ssl.KeyManagerFactory.algorithm=Sun
> X509
> JAVA_HOME/jre/lib/deploy.jar - found in here
> JAVA_HOME/jre/lib/jsse.jar - and here
>
> This is the default for a normal sun installation.
>
> What IBM does is unknown, but if tomcat sees the IBM release and NOT the
> Sun/java release.....I don't know, but I would thing IBM would have
> taken care of this
>
> Samara, Fadi N Mr ACSIM/ASPEX wrote:
>
>> Classification: UNCLASSIFIED
>> Caveats: NONE
>>
>> Have you generated key pairs yet ?
>>
>> -----Original Message-----
>> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
>> Sent: Friday, February 03, 2006 11:24 AM
>> To: 'Tomcat Users List'
>> Subject: RE: Port 8443 won't become active
>>
>> OK, so it isn't the java version. I've ensured JAVA_HOME is correct and
>> that the PATH is pointing to the right version. All the jars are running
>> through 1.4.2.
>>
>> I'm stumped. I've gone through various docs/faqs and can't find anything
>> that helps. I know port 8443 can be activated because I changed the http
>> port 80 connector to port 8443. I connected to my site using :8443 in the
>> url but, of course, it's not https.
>>
>> The only thing I can see that appears to be an issue is this error in the
>> logs:
>>
>> Feb 3, 2006 6:57:54 AM org.apache.catalina.startup.Catalina start
>>
>> SEVERE: Catalina.start: LifecycleException: Protocol handler start
>> failed: java.io.IOException: Algorithm SunX509 not available
>>
>> I've no idea how to resolve this issue. Any clues? I've found some
>>
> obscure
>
>> info on changing something called java.secure and making sure a few jar
>> files exist, but I don't know where this java.secure file is, how it
>>
> should
>
>> be edited (if it really needs it) or where I should get the jar files
>>
> since
>
>> we don't have them (Jcert.JAR , jNET.JAR,jSSE.jar in jre/lib/ext)
>>
>> Thanks!
>>
>> Jeff
>>
>> -----Original Message-----
>> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
>> Sent: Thursday, February 02, 2006 1:53 PM
>> To: 'Tomcat Users List'
>> Subject: RE: Port 8443 won't become active
>>
>> When we contracted our upgrades the consultant installed version 1.4.2 but
>> when I just ran "java -version" the box tells me that 1.3.1 is the one
>> running in memory! I've never stopped/started java, etc. and I plan on
>> making the consultant finish the job on this...but, if I want to try it
>>
> does
>
>> anyone have a "Quickie Guide" I could use?
>>
>> Thanks!
>>
>> Jeff
>>
>> -----Original Message-----
>> From: Peter Crowther [mailto:Peter.Crowther@melandra.com]
>> Sent: Thursday, February 02, 2006 12:28 PM
>> To: Tomcat Users List
>> Subject: RE: Port 8443 won't become active
>>
>>
>>
>>> From: Jeffery G. Summers [mailto:jsummers@transy.edu] Our webserver is
>>> an IBM P615C AIX 5.2 box.
>>>
>>>
>>
>> Whose JVM and what version?
>>
>> - Peter
>>
>>
>> Successfully scanned by McAfee SIG 3200 Appliance.
>>
>>
>>
>> Successfully Scanned by the McAfee SIG 3200 Appliance.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>> Successfully scanned by McAfee SIG 3200 Appliance.
>>
>>
>>
>> Successfully Scanned by the McAfee SIG 3200 Appliance.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> Classification: UNCLASSIFIED
>> Caveats: NONE
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>
>
--
Mike Sabroff
Web Services
Developer
mike.sabroff@cygnusb2b.com
920-568-8379
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Port 8443 won't become active (UNCLASSIFIED)
Posted by "Jeffery G. Summers" <js...@transy.edu>.
Mike,
In our JAVA_HOME/jre/lib/security/java.security the following exists:
ssl.KeyManagerFactory.algorithm=IbmX509
ssl.TrustManagerFactory.algorithm=IbmX509
We have no JAVA_HOME/jre/lib/deploy.jar or jsse.jar.
Our error log says SunX509 while the above obviously has IbmX509. I'm
guessing that Tomcat has a setting somewhere that specifies SunX509 - can
anyone tell me where that is? I'm assuming I can change it to IbmX509???
Please advise!
Thanks!
jeff
-----Original Message-----
From: Mike Sabroff [mailto:mike.sabroff@cygnusb2b.com]
Sent: Friday, February 03, 2006 11:43 AM
To: Tomcat Users List
Subject: Re: Port 8443 won't become active (UNCLASSIFIED)
JAVA_HOME/jre/lib/security/java.security:ssl.KeyManagerFactory.algorithm=Sun
X509
JAVA_HOME/jre/lib/deploy.jar - found in here
JAVA_HOME/jre/lib/jsse.jar - and here
This is the default for a normal sun installation.
What IBM does is unknown, but if tomcat sees the IBM release and NOT the
Sun/java release.....I don't know, but I would thing IBM would have
taken care of this
Samara, Fadi N Mr ACSIM/ASPEX wrote:
> Classification: UNCLASSIFIED
> Caveats: NONE
>
> Have you generated key pairs yet ?
>
> -----Original Message-----
> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
> Sent: Friday, February 03, 2006 11:24 AM
> To: 'Tomcat Users List'
> Subject: RE: Port 8443 won't become active
>
> OK, so it isn't the java version. I've ensured JAVA_HOME is correct and
> that the PATH is pointing to the right version. All the jars are running
> through 1.4.2.
>
> I'm stumped. I've gone through various docs/faqs and can't find anything
> that helps. I know port 8443 can be activated because I changed the http
> port 80 connector to port 8443. I connected to my site using :8443 in the
> url but, of course, it's not https.
>
> The only thing I can see that appears to be an issue is this error in the
> logs:
>
> Feb 3, 2006 6:57:54 AM org.apache.catalina.startup.Catalina start
>
> SEVERE: Catalina.start: LifecycleException: Protocol handler start
> failed: java.io.IOException: Algorithm SunX509 not available
>
> I've no idea how to resolve this issue. Any clues? I've found some
obscure
> info on changing something called java.secure and making sure a few jar
> files exist, but I don't know where this java.secure file is, how it
should
> be edited (if it really needs it) or where I should get the jar files
since
> we don't have them (Jcert.JAR , jNET.JAR,jSSE.jar in jre/lib/ext)
>
> Thanks!
>
> Jeff
>
> -----Original Message-----
> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
> Sent: Thursday, February 02, 2006 1:53 PM
> To: 'Tomcat Users List'
> Subject: RE: Port 8443 won't become active
>
> When we contracted our upgrades the consultant installed version 1.4.2 but
> when I just ran "java -version" the box tells me that 1.3.1 is the one
> running in memory! I've never stopped/started java, etc. and I plan on
> making the consultant finish the job on this...but, if I want to try it
does
> anyone have a "Quickie Guide" I could use?
>
> Thanks!
>
> Jeff
>
> -----Original Message-----
> From: Peter Crowther [mailto:Peter.Crowther@melandra.com]
> Sent: Thursday, February 02, 2006 12:28 PM
> To: Tomcat Users List
> Subject: RE: Port 8443 won't become active
>
>
>> From: Jeffery G. Summers [mailto:jsummers@transy.edu] Our webserver is
>> an IBM P615C AIX 5.2 box.
>>
>
> Whose JVM and what version?
>
> - Peter
>
>
> Successfully scanned by McAfee SIG 3200 Appliance.
>
>
>
> Successfully Scanned by the McAfee SIG 3200 Appliance.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> Successfully scanned by McAfee SIG 3200 Appliance.
>
>
>
> Successfully Scanned by the McAfee SIG 3200 Appliance.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> Classification: UNCLASSIFIED
> Caveats: NONE
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Mike Sabroff
Web Services
Developer
mike.sabroff@cygnusb2b.com
920-568-8379
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Port 8443 won't become active (UNCLASSIFIED)
Posted by Mike Sabroff <mi...@cygnusb2b.com>.
JAVA_HOME/jre/lib/security/java.security:ssl.KeyManagerFactory.algorithm=SunX509
JAVA_HOME/jre/lib/deploy.jar - found in here
JAVA_HOME/jre/lib/jsse.jar - and here
This is the default for a normal sun installation.
What IBM does is unknown, but if tomcat sees the IBM release and NOT the
Sun/java release.....I don't know, but I would thing IBM would have
taken care of this
Samara, Fadi N Mr ACSIM/ASPEX wrote:
> Classification: UNCLASSIFIED
> Caveats: NONE
>
> Have you generated key pairs yet ?
>
> -----Original Message-----
> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
> Sent: Friday, February 03, 2006 11:24 AM
> To: 'Tomcat Users List'
> Subject: RE: Port 8443 won't become active
>
> OK, so it isn't the java version. I've ensured JAVA_HOME is correct and
> that the PATH is pointing to the right version. All the jars are running
> through 1.4.2.
>
> I'm stumped. I've gone through various docs/faqs and can't find anything
> that helps. I know port 8443 can be activated because I changed the http
> port 80 connector to port 8443. I connected to my site using :8443 in the
> url but, of course, it's not https.
>
> The only thing I can see that appears to be an issue is this error in the
> logs:
>
> Feb 3, 2006 6:57:54 AM org.apache.catalina.startup.Catalina start
>
> SEVERE: Catalina.start: LifecycleException: Protocol handler start
> failed: java.io.IOException: Algorithm SunX509 not available
>
> I've no idea how to resolve this issue. Any clues? I've found some obscure
> info on changing something called java.secure and making sure a few jar
> files exist, but I don't know where this java.secure file is, how it should
> be edited (if it really needs it) or where I should get the jar files since
> we don't have them (Jcert.JAR , jNET.JAR,jSSE.jar in jre/lib/ext)
>
> Thanks!
>
> Jeff
>
> -----Original Message-----
> From: Jeffery G. Summers [mailto:jsummers@transy.edu]
> Sent: Thursday, February 02, 2006 1:53 PM
> To: 'Tomcat Users List'
> Subject: RE: Port 8443 won't become active
>
> When we contracted our upgrades the consultant installed version 1.4.2 but
> when I just ran "java -version" the box tells me that 1.3.1 is the one
> running in memory! I've never stopped/started java, etc. and I plan on
> making the consultant finish the job on this...but, if I want to try it does
> anyone have a "Quickie Guide" I could use?
>
> Thanks!
>
> Jeff
>
> -----Original Message-----
> From: Peter Crowther [mailto:Peter.Crowther@melandra.com]
> Sent: Thursday, February 02, 2006 12:28 PM
> To: Tomcat Users List
> Subject: RE: Port 8443 won't become active
>
>
>> From: Jeffery G. Summers [mailto:jsummers@transy.edu] Our webserver is
>> an IBM P615C AIX 5.2 box.
>>
>
> Whose JVM and what version?
>
> - Peter
>
>
> Successfully scanned by McAfee SIG 3200 Appliance.
>
>
>
> Successfully Scanned by the McAfee SIG 3200 Appliance.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> Successfully scanned by McAfee SIG 3200 Appliance.
>
>
>
> Successfully Scanned by the McAfee SIG 3200 Appliance.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> Classification: UNCLASSIFIED
> Caveats: NONE
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Mike Sabroff
Web Services
Developer
mike.sabroff@cygnusb2b.com
920-568-8379
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Port 8443 won't become active (UNCLASSIFIED)
Posted by "Jeffery G. Summers" <js...@transy.edu>.
Yes. Based on Tomcat 5's documentation, we did the following:
keytool -genkey -alias tomcat -keyalg RSA
We edited the server.xml file and uncommented the port 8443 connector and
restarted Tomcat. At that point (according to the docs) port 8443 should be
active.
Previously we tried going through the whole cert process of a root &
intermediate certificate but that didn't do anything either.
Jeff
-----Original Message-----
From: Samara, Fadi N Mr ACSIM/ASPEX [mailto:Fadi.Samara@hqda.army.mil]
Sent: Friday, February 03, 2006 11:33 AM
To: 'Tomcat Users List'
Subject: RE: Port 8443 won't become active (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
Have you generated key pairs yet ?
-----Original Message-----
From: Jeffery G. Summers [mailto:jsummers@transy.edu]
Sent: Friday, February 03, 2006 11:24 AM
To: 'Tomcat Users List'
Subject: RE: Port 8443 won't become active
OK, so it isn't the java version. I've ensured JAVA_HOME is correct and
that the PATH is pointing to the right version. All the jars are running
through 1.4.2.
I'm stumped. I've gone through various docs/faqs and can't find anything
that helps. I know port 8443 can be activated because I changed the http
port 80 connector to port 8443. I connected to my site using :8443 in the
url but, of course, it's not https.
The only thing I can see that appears to be an issue is this error in the
logs:
Feb 3, 2006 6:57:54 AM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start: LifecycleException: Protocol handler start
failed: java.io.IOException: Algorithm SunX509 not available
I've no idea how to resolve this issue. Any clues? I've found some obscure
info on changing something called java.secure and making sure a few jar
files exist, but I don't know where this java.secure file is, how it should
be edited (if it really needs it) or where I should get the jar files since
we don't have them (Jcert.JAR , jNET.JAR,jSSE.jar in jre/lib/ext)
Thanks!
Jeff
-----Original Message-----
From: Jeffery G. Summers [mailto:jsummers@transy.edu]
Sent: Thursday, February 02, 2006 1:53 PM
To: 'Tomcat Users List'
Subject: RE: Port 8443 won't become active
When we contracted our upgrades the consultant installed version 1.4.2 but
when I just ran "java -version" the box tells me that 1.3.1 is the one
running in memory! I've never stopped/started java, etc. and I plan on
making the consultant finish the job on this...but, if I want to try it does
anyone have a "Quickie Guide" I could use?
Thanks!
Jeff
-----Original Message-----
From: Peter Crowther [mailto:Peter.Crowther@melandra.com]
Sent: Thursday, February 02, 2006 12:28 PM
To: Tomcat Users List
Subject: RE: Port 8443 won't become active
> From: Jeffery G. Summers [mailto:jsummers@transy.edu] Our webserver is
> an IBM P615C AIX 5.2 box.
Whose JVM and what version?
- Peter
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Classification: UNCLASSIFIED
Caveats: NONE
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Successfully scanned by McAfee SIG 3200 Appliance.
Successfully Scanned by the McAfee SIG 3200 Appliance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org