You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Christopher Schultz <ch...@christopherschultz.net> on 2019/02/20 16:11:09 UTC
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
John,
On 2/20/19 10:58, John Dale wrote:
> Points taken .. I have a great deal from my cloud provider on a
> wheezy instance, so I have to see if I can negotiate to keep my
> rate. I do a lot of custom MVC and security checks so things are
> nice and tight and I haven't been hacked even though I get several
> thousand attempts a day mostly from China and Iran. I'm also
> kicking around whether to use James or keep using postfix for
> email. With an upgrade to Java 8 I can use the latest james
> release so I'll look into that.
>
> I've been struggling to find a nice block of time for a full
> regression test. It's funny .. I was working for a bank a couple
> of years back that was still on Java 1.6 and that's the way they
> liked it. :)
>
> Did you see the road map for Java 10? Seems like we're moving a
> little too fast sometimes ..
Java 10's dead, baby.
Java 11 will be a long-term-service release. Java 12 is already
available for pre-release.
The biggest step is from 8 -> 9/10/11. Once you are over that, it will
be much better for everyone.
I don't want to have to wait 10 years to get new stuff like TLS 1.3
support or the forthcoming HTTP/3, so I'm happy with the shorter
development cycles Oracle has switched-over to.
- -chris
> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
> wrote: John,
>
> On 2/20/19 09:11, John Dale wrote:
>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
>>>> use this as an opportunity to get started on that .. but I
>>>> think the last time I checked, OpenJDK 7 was supported on
>>>> Wheezy, so I'm thinking I have more to do than just upgrade
>>>> tomcat in my scenario.
>
> Yes. Wheezy is essentially unsupported and I would drop everything
> and upgrade to at least Jessie like right now if I were you.
> Stretch isn't much more work and you'll be good for a few years on
> that.
>
> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
>
> Jessie looks like it only has OpenJDK 7 packages. I didn't check
> the backports.
>
>>>> I'll need to update linux, Java, tomcat, then finally my
>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
>>>> about the platform independence of my apps, so that's going
>>>> to be straightforward.
> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
>
> -chris
>
>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
>>>>> Thanks John for reply..
>>>>>
>>>>> is there any documentation walkthrough for this upgrade
>>>>> available? i am new to Tomcat and doing this 1st time, It
>>>>> will be great help if anyone provide same.
>>>>>
>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
>>>>> <to...@olafkock.de> wrote:
>>>>>
>>>>>>
>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
>>>>>>> Hello Team,
>>>>>>>
>>>>>>> Can you please guide how we can migrate seamlessly
>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
>>>>>>
>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
>>>>>>
>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
>>>>>>
>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
>>>>>>
>>>>>>> the current environment is configured with SSL
>>>>>>> certificate ( SSL 443)
>>>>>> .jks
>>>>>>> store and needs to upgrade same due to security
>>>>>>> vulnerability detected by Qualys scanner.
>>>>>>
>>>>>> The documents have TLS documentation chapters. If you run
>>>>>> into specific problems, describe them here.
>>>>>>
>>>>>> Olaf
>>>>>>
>>>>>>
>>>>>> -----------------------------------------------------------------
- ---
>
>>>>>>
- -
>>>>>>
>>>>>>
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>> For additional commands, e-mail:
>>>>>> users-help@tomcat.apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> -- Regards Nitin Kadam (9967688959)
>>>>>
>>>>
>>>> -------------------------------------------------------------------
- --
>>>>
>>>>
>
>>>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail:
>>>> users-help@tomcat.apache.org
>>>>
>>
>> ---------------------------------------------------------------------
>>
>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
/jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
=neVF
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Nitin Kadam <ni...@gmail.com>.
Hello Mark,
Thanks for your suggestion it's work like charm.
On Thu, Mar 7, 2019, 6:13 PM Mark Thomas <ma...@apache.org> wrote:
> On 07/03/2019 11:24, Nitin Kadam wrote:
>
> <snip/>
>
> > </pre><p><b>Root Cause</b></p><pre>java.lang.TypeNotPresentException:
> > Type javax.persistence.PersistenceUnit not present
>
> <snip/>
>
> It looks like you are missing the JPA implementation. Check for
> additional JARs that were added to your Tomcat 7 lib directory that you
> didn't add in Tomcat 8.
>
> A better solution would be to package all the JARs the app depends on in
> the WAR file.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Mark Thomas <ma...@apache.org>.
On 07/03/2019 11:24, Nitin Kadam wrote:
<snip/>
> </pre><p><b>Root Cause</b></p><pre>java.lang.TypeNotPresentException:
> Type javax.persistence.PersistenceUnit not present
<snip/>
It looks like you are missing the JPA implementation. Check for
additional JARs that were added to your Tomcat 7 lib directory that you
didn't add in Tomcat 8.
A better solution would be to package all the JARs the app depends on in
the WAR file.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Nitin Kadam <ni...@gmail.com>.
We upgraded to tomcat 8.5.38 but facing below issue for couple of apps
We developed REST API using Jersey and deployed a WAR file of the same on
Tomcat7 (Exact Version)
It works fine.
We upgraded the Tomcat to the version 8.5.38 and redeployed the WAR file to
this version. We are getting errors while making the REST Calls to the API
In Developer Console we are getting attached error when the API is getting
hit from the Web application.
Below are the logs we get when hitting the API using postman
<!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal
Server Error</title><style type="text/css">h1
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
h2
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
h3
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
body
{font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
p
{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}
a {color:black;} a.name {color:black;} .line
{height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP
Status 500 – Internal Server Error</h1><hr class="line" /><p><b>Type</b>
Exception Report</p><p><b>Message</b> Servlet.init() for servlet
[GMService] threw exception</p><p><b>Description</b> The server encountered
an unexpected condition that prevented it from fulfilling the
request.</p><p><b>Exception</b></p><pre>javax.servlet.ServletException:
Servlet.init() for servlet [GMService] threw exception
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
Source)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Unknown Source)
</pre><p><b>Root Cause</b></p><pre>java.lang.TypeNotPresentException: Type
javax.persistence.PersistenceUnit not present
sun.reflect.generics.factory.CoreReflectionFactory.makeNamedType(Unknown
Source)
sun.reflect.generics.visitor.Reifier.visitClassTypeSignature(Unknown Source)
sun.reflect.generics.tree.ClassTypeSignature.accept(Unknown
Source)
sun.reflect.generics.visitor.Reifier.reifyTypeArguments(Unknown Source)
sun.reflect.generics.visitor.Reifier.visitClassTypeSignature(Unknown Source)
sun.reflect.generics.tree.ClassTypeSignature.accept(Unknown
Source)
sun.reflect.generics.repository.ClassRepository.getSuperInterfaces(Unknown
Source)
java.lang.Class.getGenericInterfaces(Unknown Source)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.getMetaArguments(InjectableProviderFactory.java:122)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.add(InjectableProviderFactory.java:85)
com.sun.jersey.core.spi.factory.InjectableProviderFactory$1.onAdd(InjectableProviderFactory.java:101)
com.sun.jersey.core.spi.factory.InjectableProviderFactory$1.onAdd(InjectableProviderFactory.java:100)
com.sun.jersey.core.spi.component.ProviderServices.getProvidersAndServices(ProviderServices.java:135)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.configure(InjectableProviderFactory.java:98)
com.sun.jersey.server.impl.application.WebApplicationImpl.initiate(WebApplicationImpl.java:501)
com.sun.jersey.server.impl.application.WebApplicationImpl.initiate(WebApplicationImpl.java:383)
com.sun.jersey.spi.container.servlet.ServletContainer.initiate(ServletContainer.java:377)
com.sun.jersey.spi.container.servlet.ServletContainer$InternalWebComponent.initiate(ServletContainer.java:242)
com.sun.jersey.spi.container.servlet.WebComponent.load(WebComponent.java:449)
com.sun.jersey.spi.container.servlet.WebComponent.init(WebComponent.java:169)
com.sun.jersey.spi.container.servlet.ServletContainer.init(ServletContainer.java:281)
com.sun.jersey.spi.container.servlet.ServletContainer.init(ServletContainer.java:442)
javax.servlet.GenericServlet.init(GenericServlet.java:158)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
Source)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Unknown Source)
</pre><p><b>Root Cause</b></p><pre>java.lang.ClassNotFoundException:
javax.persistence.PersistenceUnit
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1364)
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1185)
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Unknown Source)
sun.reflect.generics.factory.CoreReflectionFactory.makeNamedType(Unknown
Source)
sun.reflect.generics.visitor.Reifier.visitClassTypeSignature(Unknown Source)
sun.reflect.generics.tree.ClassTypeSignature.accept(Unknown
Source)
sun.reflect.generics.visitor.Reifier.reifyTypeArguments(Unknown Source)
sun.reflect.generics.visitor.Reifier.visitClassTypeSignature(Unknown Source)
sun.reflect.generics.tree.ClassTypeSignature.accept(Unknown
Source)
sun.reflect.generics.repository.ClassRepository.getSuperInterfaces(Unknown
Source)
java.lang.Class.getGenericInterfaces(Unknown Source)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.getMetaArguments(InjectableProviderFactory.java:122)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.add(InjectableProviderFactory.java:85)
com.sun.jersey.core.spi.factory.InjectableProviderFactory$1.onAdd(InjectableProviderFactory.java:101)
com.sun.jersey.core.spi.factory.InjectableProviderFactory$1.onAdd(InjectableProviderFactory.java:100)
com.sun.jersey.core.spi.component.ProviderServices.getProvidersAndServices(ProviderServices.java:135)
com.sun.jersey.core.spi.factory.InjectableProviderFactory.configure(InjectableProviderFactory.java:98)
com.sun.jersey.server.impl.application.WebApplicationImpl.initiate(WebApplicationImpl.java:501)
com.sun.jersey.server.impl.application.WebApplicationImpl.initiate(WebApplicationImpl.java:383)
com.sun.jersey.spi.container.servlet.ServletContainer.initiate(ServletContainer.java:377)
com.sun.jersey.spi.container.servlet.ServletContainer$InternalWebComponent.initiate(ServletContainer.java:242)
com.sun.jersey.spi.container.servlet.WebComponent.load(WebComponent.java:449)
com.sun.jersey.spi.container.servlet.WebComponent.init(WebComponent.java:169)
com.sun.jersey.spi.container.servlet.ServletContainer.init(ServletContainer.java:281)
com.sun.jersey.spi.container.servlet.ServletContainer.init(ServletContainer.java:442)
javax.servlet.GenericServlet.init(GenericServlet.java:158)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
Source)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Unknown Source)
</pre><p><b>Note</b> The full stack trace of the root cause is available in
the server logs.</p><hr class="line" /><h3>Apache
Tomcat/8.5.38</h3></body></html>
On Fri, Feb 22, 2019 at 6:58 PM John Dale <jc...@gmail.com> wrote:
> Your call. Not sure on the video .. your applications and particular
> configuration will have bearing on the accuracy of the video. The
> ability to revert if it doesn't work will be key. Don't be afraid to
> take a deep breath and review the migration guides carefully.
>
> I'll try to check some email Saturday morning in case there is
> something specific I can help out with.
>
> Good luck and again .. welcome to Tomcat,
>
> John
>
>
> On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
> > Hello ,
> >
> > Thanks for the reply.
> > Yes having the plan to remediate same on weekend, ALready informed them
> > about Challenges of upgrading and impact of any failure.
> >
> > Current vulnerability CVE detected in 7.0.79 is showing is taken care in
> > 7.0.91 tomcat version So thinking of upgrading to the same family
> > version, Which I am thinking will be easier than upgrading to the latest
> > version.
> >
> > Found below Link from Youtube and will be performing same, Please let
> know
> > your thoughts on same.
> >
> > https://www.youtube.com/watch?v=Jvum4TsTnAQ
> >
> >
> >
> >
> >
> > On Thu, Feb 21, 2019 at 6:30 PM John Dale <jc...@gmail.com> wrote:
> >
> >> Are you going to try to do this on Friday night? You might forward
> >> some of our comments to your security team if they want you to change
> >> a tire on a moving vehicle .. it's possible, but not the best
> >> practice.
> >>
> >> Does your security team have the ability to allocate some more
> >> computing resources to your project?
> >>
> >> On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
> >> > FOr backup - I will be taking Snapshot backup before doing the upgrade
> >> but
> >> > also going to take folder backup from C: programme Files /Apache
> Tomcat
> >> > folder.
> >> >
> >> > I am continuously getting emails from the internal security team for
> >> > upgrading the version 7.0.79 to the latest version
> >> > need to figure out this ASAP
> >> >
> >> > Apps are hosted in Web apps folders and there are few D3 apps
> >> > which connected with SQL for database
> >> >
> >> >
> >> >
> >> >
> >> > On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com> wrote:
> >> >
> >> >> Without all of those early adopters to take the flack, we'd never
> know
> >> >> where the enemy bases are .. or something like that. ;)
> >> >>
> >> >> I'm just very glad we have OpenJDK and that my code is very simple.
> >> >>
> >> >> Java 12 .. Uff da!
> >> >>
> >> >>
> >> >>
> >> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
> wrote:
> >> >> > -----BEGIN PGP SIGNED MESSAGE-----
> >> >> > Hash: SHA256
> >> >> >
> >> >> > John,
> >> >> >
> >> >> > On 2/20/19 10:58, John Dale wrote:
> >> >> >> Points taken .. I have a great deal from my cloud provider on a
> >> >> >> wheezy instance, so I have to see if I can negotiate to keep my
> >> >> >> rate. I do a lot of custom MVC and security checks so things are
> >> >> >> nice and tight and I haven't been hacked even though I get several
> >> >> >> thousand attempts a day mostly from China and Iran. I'm also
> >> >> >> kicking around whether to use James or keep using postfix for
> >> >> >> email. With an upgrade to Java 8 I can use the latest james
> >> >> >> release so I'll look into that.
> >> >> >>
> >> >> >> I've been struggling to find a nice block of time for a full
> >> >> >> regression test. It's funny .. I was working for a bank a couple
> >> >> >> of years back that was still on Java 1.6 and that's the way they
> >> >> >> liked it. :)
> >> >> >>
> >> >> >> Did you see the road map for Java 10? Seems like we're moving a
> >> >> >> little too fast sometimes ..
> >> >> >
> >> >> > Java 10's dead, baby.
> >> >> >
> >> >> > Java 11 will be a long-term-service release. Java 12 is already
> >> >> > available for pre-release.
> >> >> >
> >> >> > The biggest step is from 8 -> 9/10/11. Once you are over that, it
> >> >> > will
> >> >> > be much better for everyone.
> >> >> >
> >> >> > I don't want to have to wait 10 years to get new stuff like TLS 1.3
> >> >> > support or the forthcoming HTTP/3, so I'm happy with the shorter
> >> >> > development cycles Oracle has switched-over to.
> >> >> >
> >> >> > - -chris
> >> >> >
> >> >> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
> >> >> >> wrote: John,
> >> >> >>
> >> >> >> On 2/20/19 09:11, John Dale wrote:
> >> >> >>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
> >> >> >>>>> use this as an opportunity to get started on that .. but I
> >> >> >>>>> think the last time I checked, OpenJDK 7 was supported on
> >> >> >>>>> Wheezy, so I'm thinking I have more to do than just upgrade
> >> >> >>>>> tomcat in my scenario.
> >> >> >>
> >> >> >> Yes. Wheezy is essentially unsupported and I would drop everything
> >> >> >> and upgrade to at least Jessie like right now if I were you.
> >> >> >> Stretch isn't much more work and you'll be good for a few years on
> >> >> >> that.
> >> >> >>
> >> >> >> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
> >> >> >>
> >> >> >> Jessie looks like it only has OpenJDK 7 packages. I didn't check
> >> >> >> the backports.
> >> >> >>
> >> >> >>>>> I'll need to update linux, Java, tomcat, then finally my
> >> >> >>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
> >> >> >>>>> about the platform independence of my apps, so that's going
> >> >> >>>>> to be straightforward.
> >> >> >> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat
> 8.
> >> >> >> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
> >> >> >>
> >> >> >> -chris
> >> >> >>
> >> >> >>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
> >> >> >>>>>> Thanks John for reply..
> >> >> >>>>>>
> >> >> >>>>>> is there any documentation walkthrough for this upgrade
> >> >> >>>>>> available? i am new to Tomcat and doing this 1st time, It
> >> >> >>>>>> will be great help if anyone provide same.
> >> >> >>>>>>
> >> >> >>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
> >> >> >>>>>> <to...@olafkock.de> wrote:
> >> >> >>>>>>
> >> >> >>>>>>>
> >> >> >>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
> >> >> >>>>>>>> Hello Team,
> >> >> >>>>>>>>
> >> >> >>>>>>>> Can you please guide how we can migrate seamlessly
> >> >> >>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
> >> >> >>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
> >> >> >>>>>>>
> >> >> >>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
> >> >> >>>>>>>
> >> >> >>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
> >> >> >>>>>>>
> >> >> >>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
> >> >> >>>>>>>
> >> >> >>>>>>>> the current environment is configured with SSL
> >> >> >>>>>>>> certificate ( SSL 443)
> >> >> >>>>>>> .jks
> >> >> >>>>>>>> store and needs to upgrade same due to security
> >> >> >>>>>>>> vulnerability detected by Qualys scanner.
> >> >> >>>>>>>
> >> >> >>>>>>> The documents have TLS documentation chapters. If you run
> >> >> >>>>>>> into specific problems, describe them here.
> >> >> >>>>>>>
> >> >> >>>>>>> Olaf
> >> >> >>>>>>>
> >> >> >>>>>>>
> >> >> >>>>>>>
> >> -----------------------------------------------------------------
> >> >> > - ---
> >> >> >>
> >> >> >>>>>>>
> >> >> > - -
> >> >> >>>>>>>
> >> >> >>>>>>>
> >> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> >>>>>>> For additional commands, e-mail:
> >> >> >>>>>>> users-help@tomcat.apache.org
> >> >> >>>>>>>
> >> >> >>>>>>>
> >> >> >>>>>>
> >> >> >>>>>> -- Regards Nitin Kadam (9967688959)
> >> >> >>>>>>
> >> >> >>>>>
> >> >> >>>>>
> >> -------------------------------------------------------------------
> >> >> > - --
> >> >> >>>>>
> >> >> >>>>>
> >> >> >>
> >> >> >>>>>
> >> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> >>>>> For additional commands, e-mail:
> >> >> >>>>> users-help@tomcat.apache.org
> >> >> >>>>>
> >> >> >>>
> >> >> >>>
> >> ---------------------------------------------------------------------
> >> >> >>>
> >> >> >>>
> >> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >> >>>
> >> >> >>>
> >> >> >>
> >> >> >>
> ---------------------------------------------------------------------
> >> >> >>
> >> >> >>
> >> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >> >>
> >> >> > -----BEGIN PGP SIGNATURE-----
> >> >> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
> >> >> >
> >> >> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
> >> >> > pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
> >> >> > LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
> >> >> > CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
> >> >> > cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
> >> >> > zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
> >> >> > /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
> >> >> > RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
> >> >> > WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
> >> >> > ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
> >> >> > 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
> >> >> > m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
> >> >> > =neVF
> >> >> > -----END PGP SIGNATURE-----
> >> >> >
> >> >> >
> ---------------------------------------------------------------------
> >> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> > For additional commands, e-mail: users-help@tomcat.apache.org
> >> >> >
> >> >> >
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >>
> >> >>
> >> >
> >> > --
> >> > Regards
> >> > Nitin Kadam
> >> > (9967688959)
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> > --
> > Regards
> > Nitin Kadam
> > (9967688959)
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Regards
Nitin Kadam
(9967688959)
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by John Dale <jc...@gmail.com>.
Your call. Not sure on the video .. your applications and particular
configuration will have bearing on the accuracy of the video. The
ability to revert if it doesn't work will be key. Don't be afraid to
take a deep breath and review the migration guides carefully.
I'll try to check some email Saturday morning in case there is
something specific I can help out with.
Good luck and again .. welcome to Tomcat,
John
On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
> Hello ,
>
> Thanks for the reply.
> Yes having the plan to remediate same on weekend, ALready informed them
> about Challenges of upgrading and impact of any failure.
>
> Current vulnerability CVE detected in 7.0.79 is showing is taken care in
> 7.0.91 tomcat version So thinking of upgrading to the same family
> version, Which I am thinking will be easier than upgrading to the latest
> version.
>
> Found below Link from Youtube and will be performing same, Please let know
> your thoughts on same.
>
> https://www.youtube.com/watch?v=Jvum4TsTnAQ
>
>
>
>
>
> On Thu, Feb 21, 2019 at 6:30 PM John Dale <jc...@gmail.com> wrote:
>
>> Are you going to try to do this on Friday night? You might forward
>> some of our comments to your security team if they want you to change
>> a tire on a moving vehicle .. it's possible, but not the best
>> practice.
>>
>> Does your security team have the ability to allocate some more
>> computing resources to your project?
>>
>> On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
>> > FOr backup - I will be taking Snapshot backup before doing the upgrade
>> but
>> > also going to take folder backup from C: programme Files /Apache Tomcat
>> > folder.
>> >
>> > I am continuously getting emails from the internal security team for
>> > upgrading the version 7.0.79 to the latest version
>> > need to figure out this ASAP
>> >
>> > Apps are hosted in Web apps folders and there are few D3 apps
>> > which connected with SQL for database
>> >
>> >
>> >
>> >
>> > On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com> wrote:
>> >
>> >> Without all of those early adopters to take the flack, we'd never know
>> >> where the enemy bases are .. or something like that. ;)
>> >>
>> >> I'm just very glad we have OpenJDK and that my code is very simple.
>> >>
>> >> Java 12 .. Uff da!
>> >>
>> >>
>> >>
>> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> wrote:
>> >> > -----BEGIN PGP SIGNED MESSAGE-----
>> >> > Hash: SHA256
>> >> >
>> >> > John,
>> >> >
>> >> > On 2/20/19 10:58, John Dale wrote:
>> >> >> Points taken .. I have a great deal from my cloud provider on a
>> >> >> wheezy instance, so I have to see if I can negotiate to keep my
>> >> >> rate. I do a lot of custom MVC and security checks so things are
>> >> >> nice and tight and I haven't been hacked even though I get several
>> >> >> thousand attempts a day mostly from China and Iran. I'm also
>> >> >> kicking around whether to use James or keep using postfix for
>> >> >> email. With an upgrade to Java 8 I can use the latest james
>> >> >> release so I'll look into that.
>> >> >>
>> >> >> I've been struggling to find a nice block of time for a full
>> >> >> regression test. It's funny .. I was working for a bank a couple
>> >> >> of years back that was still on Java 1.6 and that's the way they
>> >> >> liked it. :)
>> >> >>
>> >> >> Did you see the road map for Java 10? Seems like we're moving a
>> >> >> little too fast sometimes ..
>> >> >
>> >> > Java 10's dead, baby.
>> >> >
>> >> > Java 11 will be a long-term-service release. Java 12 is already
>> >> > available for pre-release.
>> >> >
>> >> > The biggest step is from 8 -> 9/10/11. Once you are over that, it
>> >> > will
>> >> > be much better for everyone.
>> >> >
>> >> > I don't want to have to wait 10 years to get new stuff like TLS 1.3
>> >> > support or the forthcoming HTTP/3, so I'm happy with the shorter
>> >> > development cycles Oracle has switched-over to.
>> >> >
>> >> > - -chris
>> >> >
>> >> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
>> >> >> wrote: John,
>> >> >>
>> >> >> On 2/20/19 09:11, John Dale wrote:
>> >> >>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
>> >> >>>>> use this as an opportunity to get started on that .. but I
>> >> >>>>> think the last time I checked, OpenJDK 7 was supported on
>> >> >>>>> Wheezy, so I'm thinking I have more to do than just upgrade
>> >> >>>>> tomcat in my scenario.
>> >> >>
>> >> >> Yes. Wheezy is essentially unsupported and I would drop everything
>> >> >> and upgrade to at least Jessie like right now if I were you.
>> >> >> Stretch isn't much more work and you'll be good for a few years on
>> >> >> that.
>> >> >>
>> >> >> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
>> >> >>
>> >> >> Jessie looks like it only has OpenJDK 7 packages. I didn't check
>> >> >> the backports.
>> >> >>
>> >> >>>>> I'll need to update linux, Java, tomcat, then finally my
>> >> >>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
>> >> >>>>> about the platform independence of my apps, so that's going
>> >> >>>>> to be straightforward.
>> >> >> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
>> >> >> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
>> >> >>
>> >> >> -chris
>> >> >>
>> >> >>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
>> >> >>>>>> Thanks John for reply..
>> >> >>>>>>
>> >> >>>>>> is there any documentation walkthrough for this upgrade
>> >> >>>>>> available? i am new to Tomcat and doing this 1st time, It
>> >> >>>>>> will be great help if anyone provide same.
>> >> >>>>>>
>> >> >>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
>> >> >>>>>> <to...@olafkock.de> wrote:
>> >> >>>>>>
>> >> >>>>>>>
>> >> >>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
>> >> >>>>>>>> Hello Team,
>> >> >>>>>>>>
>> >> >>>>>>>> Can you please guide how we can migrate seamlessly
>> >> >>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
>> >> >>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
>> >> >>>>>>>
>> >> >>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
>> >> >>>>>>>
>> >> >>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
>> >> >>>>>>>
>> >> >>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
>> >> >>>>>>>
>> >> >>>>>>>> the current environment is configured with SSL
>> >> >>>>>>>> certificate ( SSL 443)
>> >> >>>>>>> .jks
>> >> >>>>>>>> store and needs to upgrade same due to security
>> >> >>>>>>>> vulnerability detected by Qualys scanner.
>> >> >>>>>>>
>> >> >>>>>>> The documents have TLS documentation chapters. If you run
>> >> >>>>>>> into specific problems, describe them here.
>> >> >>>>>>>
>> >> >>>>>>> Olaf
>> >> >>>>>>>
>> >> >>>>>>>
>> >> >>>>>>>
>> -----------------------------------------------------------------
>> >> > - ---
>> >> >>
>> >> >>>>>>>
>> >> > - -
>> >> >>>>>>>
>> >> >>>>>>>
>> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> >>>>>>> For additional commands, e-mail:
>> >> >>>>>>> users-help@tomcat.apache.org
>> >> >>>>>>>
>> >> >>>>>>>
>> >> >>>>>>
>> >> >>>>>> -- Regards Nitin Kadam (9967688959)
>> >> >>>>>>
>> >> >>>>>
>> >> >>>>>
>> -------------------------------------------------------------------
>> >> > - --
>> >> >>>>>
>> >> >>>>>
>> >> >>
>> >> >>>>>
>> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> >>>>> For additional commands, e-mail:
>> >> >>>>> users-help@tomcat.apache.org
>> >> >>>>>
>> >> >>>
>> >> >>>
>> ---------------------------------------------------------------------
>> >> >>>
>> >> >>>
>> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> >>> For additional commands, e-mail: users-help@tomcat.apache.org
>> >> >>>
>> >> >>>
>> >> >>
>> >> >> ---------------------------------------------------------------------
>> >> >>
>> >> >>
>> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >> >>
>> >> > -----BEGIN PGP SIGNATURE-----
>> >> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>> >> >
>> >> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
>> >> > pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
>> >> > LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
>> >> > CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
>> >> > cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
>> >> > zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
>> >> > /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
>> >> > RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
>> >> > WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
>> >> > ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
>> >> > 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
>> >> > m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
>> >> > =neVF
>> >> > -----END PGP SIGNATURE-----
>> >> >
>> >> > ---------------------------------------------------------------------
>> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> > For additional commands, e-mail: users-help@tomcat.apache.org
>> >> >
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>
>> >>
>> >
>> > --
>> > Regards
>> > Nitin Kadam
>> > (9967688959)
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> --
> Regards
> Nitin Kadam
> (9967688959)
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Nitin Kadam <ni...@gmail.com>.
Hello ,
Thanks for the reply.
Yes having the plan to remediate same on weekend, ALready informed them
about Challenges of upgrading and impact of any failure.
Current vulnerability CVE detected in 7.0.79 is showing is taken care in
7.0.91 tomcat version So thinking of upgrading to the same family
version, Which I am thinking will be easier than upgrading to the latest
version.
Found below Link from Youtube and will be performing same, Please let know
your thoughts on same.
https://www.youtube.com/watch?v=Jvum4TsTnAQ
On Thu, Feb 21, 2019 at 6:30 PM John Dale <jc...@gmail.com> wrote:
> Are you going to try to do this on Friday night? You might forward
> some of our comments to your security team if they want you to change
> a tire on a moving vehicle .. it's possible, but not the best
> practice.
>
> Does your security team have the ability to allocate some more
> computing resources to your project?
>
> On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
> > FOr backup - I will be taking Snapshot backup before doing the upgrade
> but
> > also going to take folder backup from C: programme Files /Apache Tomcat
> > folder.
> >
> > I am continuously getting emails from the internal security team for
> > upgrading the version 7.0.79 to the latest version
> > need to figure out this ASAP
> >
> > Apps are hosted in Web apps folders and there are few D3 apps
> > which connected with SQL for database
> >
> >
> >
> >
> > On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com> wrote:
> >
> >> Without all of those early adopters to take the flack, we'd never know
> >> where the enemy bases are .. or something like that. ;)
> >>
> >> I'm just very glad we have OpenJDK and that my code is very simple.
> >>
> >> Java 12 .. Uff da!
> >>
> >>
> >>
> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> wrote:
> >> > -----BEGIN PGP SIGNED MESSAGE-----
> >> > Hash: SHA256
> >> >
> >> > John,
> >> >
> >> > On 2/20/19 10:58, John Dale wrote:
> >> >> Points taken .. I have a great deal from my cloud provider on a
> >> >> wheezy instance, so I have to see if I can negotiate to keep my
> >> >> rate. I do a lot of custom MVC and security checks so things are
> >> >> nice and tight and I haven't been hacked even though I get several
> >> >> thousand attempts a day mostly from China and Iran. I'm also
> >> >> kicking around whether to use James or keep using postfix for
> >> >> email. With an upgrade to Java 8 I can use the latest james
> >> >> release so I'll look into that.
> >> >>
> >> >> I've been struggling to find a nice block of time for a full
> >> >> regression test. It's funny .. I was working for a bank a couple
> >> >> of years back that was still on Java 1.6 and that's the way they
> >> >> liked it. :)
> >> >>
> >> >> Did you see the road map for Java 10? Seems like we're moving a
> >> >> little too fast sometimes ..
> >> >
> >> > Java 10's dead, baby.
> >> >
> >> > Java 11 will be a long-term-service release. Java 12 is already
> >> > available for pre-release.
> >> >
> >> > The biggest step is from 8 -> 9/10/11. Once you are over that, it will
> >> > be much better for everyone.
> >> >
> >> > I don't want to have to wait 10 years to get new stuff like TLS 1.3
> >> > support or the forthcoming HTTP/3, so I'm happy with the shorter
> >> > development cycles Oracle has switched-over to.
> >> >
> >> > - -chris
> >> >
> >> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
> >> >> wrote: John,
> >> >>
> >> >> On 2/20/19 09:11, John Dale wrote:
> >> >>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
> >> >>>>> use this as an opportunity to get started on that .. but I
> >> >>>>> think the last time I checked, OpenJDK 7 was supported on
> >> >>>>> Wheezy, so I'm thinking I have more to do than just upgrade
> >> >>>>> tomcat in my scenario.
> >> >>
> >> >> Yes. Wheezy is essentially unsupported and I would drop everything
> >> >> and upgrade to at least Jessie like right now if I were you.
> >> >> Stretch isn't much more work and you'll be good for a few years on
> >> >> that.
> >> >>
> >> >> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
> >> >>
> >> >> Jessie looks like it only has OpenJDK 7 packages. I didn't check
> >> >> the backports.
> >> >>
> >> >>>>> I'll need to update linux, Java, tomcat, then finally my
> >> >>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
> >> >>>>> about the platform independence of my apps, so that's going
> >> >>>>> to be straightforward.
> >> >> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
> >> >> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
> >> >>
> >> >> -chris
> >> >>
> >> >>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
> >> >>>>>> Thanks John for reply..
> >> >>>>>>
> >> >>>>>> is there any documentation walkthrough for this upgrade
> >> >>>>>> available? i am new to Tomcat and doing this 1st time, It
> >> >>>>>> will be great help if anyone provide same.
> >> >>>>>>
> >> >>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
> >> >>>>>> <to...@olafkock.de> wrote:
> >> >>>>>>
> >> >>>>>>>
> >> >>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
> >> >>>>>>>> Hello Team,
> >> >>>>>>>>
> >> >>>>>>>> Can you please guide how we can migrate seamlessly
> >> >>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
> >> >>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
> >> >>>>>>>
> >> >>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
> >> >>>>>>>
> >> >>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
> >> >>>>>>>
> >> >>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
> >> >>>>>>>
> >> >>>>>>>> the current environment is configured with SSL
> >> >>>>>>>> certificate ( SSL 443)
> >> >>>>>>> .jks
> >> >>>>>>>> store and needs to upgrade same due to security
> >> >>>>>>>> vulnerability detected by Qualys scanner.
> >> >>>>>>>
> >> >>>>>>> The documents have TLS documentation chapters. If you run
> >> >>>>>>> into specific problems, describe them here.
> >> >>>>>>>
> >> >>>>>>> Olaf
> >> >>>>>>>
> >> >>>>>>>
> >> >>>>>>>
> -----------------------------------------------------------------
> >> > - ---
> >> >>
> >> >>>>>>>
> >> > - -
> >> >>>>>>>
> >> >>>>>>>
> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >>>>>>> For additional commands, e-mail:
> >> >>>>>>> users-help@tomcat.apache.org
> >> >>>>>>>
> >> >>>>>>>
> >> >>>>>>
> >> >>>>>> -- Regards Nitin Kadam (9967688959)
> >> >>>>>>
> >> >>>>>
> >> >>>>>
> -------------------------------------------------------------------
> >> > - --
> >> >>>>>
> >> >>>>>
> >> >>
> >> >>>>>
> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >>>>> For additional commands, e-mail:
> >> >>>>> users-help@tomcat.apache.org
> >> >>>>>
> >> >>>
> >> >>>
> ---------------------------------------------------------------------
> >> >>>
> >> >>>
> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >>>
> >> >>>
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >>
> >> >>
> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >>
> >> > -----BEGIN PGP SIGNATURE-----
> >> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
> >> >
> >> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
> >> > pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
> >> > LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
> >> > CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
> >> > cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
> >> > zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
> >> > /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
> >> > RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
> >> > WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
> >> > ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
> >> > 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
> >> > m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
> >> > =neVF
> >> > -----END PGP SIGNATURE-----
> >> >
> >> > ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> > For additional commands, e-mail: users-help@tomcat.apache.org
> >> >
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> > --
> > Regards
> > Nitin Kadam
> > (9967688959)
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Regards
Nitin Kadam
(9967688959)
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by John Dale <jc...@gmail.com>.
Are you going to try to do this on Friday night? You might forward
some of our comments to your security team if they want you to change
a tire on a moving vehicle .. it's possible, but not the best
practice.
Does your security team have the ability to allocate some more
computing resources to your project?
On 2/21/19, Nitin Kadam <ni...@gmail.com> wrote:
> FOr backup - I will be taking Snapshot backup before doing the upgrade but
> also going to take folder backup from C: programme Files /Apache Tomcat
> folder.
>
> I am continuously getting emails from the internal security team for
> upgrading the version 7.0.79 to the latest version
> need to figure out this ASAP
>
> Apps are hosted in Web apps folders and there are few D3 apps
> which connected with SQL for database
>
>
>
>
> On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com> wrote:
>
>> Without all of those early adopters to take the flack, we'd never know
>> where the enemy bases are .. or something like that. ;)
>>
>> I'm just very glad we have OpenJDK and that my code is very simple.
>>
>> Java 12 .. Uff da!
>>
>>
>>
>> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> wrote:
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA256
>> >
>> > John,
>> >
>> > On 2/20/19 10:58, John Dale wrote:
>> >> Points taken .. I have a great deal from my cloud provider on a
>> >> wheezy instance, so I have to see if I can negotiate to keep my
>> >> rate. I do a lot of custom MVC and security checks so things are
>> >> nice and tight and I haven't been hacked even though I get several
>> >> thousand attempts a day mostly from China and Iran. I'm also
>> >> kicking around whether to use James or keep using postfix for
>> >> email. With an upgrade to Java 8 I can use the latest james
>> >> release so I'll look into that.
>> >>
>> >> I've been struggling to find a nice block of time for a full
>> >> regression test. It's funny .. I was working for a bank a couple
>> >> of years back that was still on Java 1.6 and that's the way they
>> >> liked it. :)
>> >>
>> >> Did you see the road map for Java 10? Seems like we're moving a
>> >> little too fast sometimes ..
>> >
>> > Java 10's dead, baby.
>> >
>> > Java 11 will be a long-term-service release. Java 12 is already
>> > available for pre-release.
>> >
>> > The biggest step is from 8 -> 9/10/11. Once you are over that, it will
>> > be much better for everyone.
>> >
>> > I don't want to have to wait 10 years to get new stuff like TLS 1.3
>> > support or the forthcoming HTTP/3, so I'm happy with the shorter
>> > development cycles Oracle has switched-over to.
>> >
>> > - -chris
>> >
>> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
>> >> wrote: John,
>> >>
>> >> On 2/20/19 09:11, John Dale wrote:
>> >>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
>> >>>>> use this as an opportunity to get started on that .. but I
>> >>>>> think the last time I checked, OpenJDK 7 was supported on
>> >>>>> Wheezy, so I'm thinking I have more to do than just upgrade
>> >>>>> tomcat in my scenario.
>> >>
>> >> Yes. Wheezy is essentially unsupported and I would drop everything
>> >> and upgrade to at least Jessie like right now if I were you.
>> >> Stretch isn't much more work and you'll be good for a few years on
>> >> that.
>> >>
>> >> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
>> >>
>> >> Jessie looks like it only has OpenJDK 7 packages. I didn't check
>> >> the backports.
>> >>
>> >>>>> I'll need to update linux, Java, tomcat, then finally my
>> >>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
>> >>>>> about the platform independence of my apps, so that's going
>> >>>>> to be straightforward.
>> >> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
>> >> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
>> >>
>> >> -chris
>> >>
>> >>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
>> >>>>>> Thanks John for reply..
>> >>>>>>
>> >>>>>> is there any documentation walkthrough for this upgrade
>> >>>>>> available? i am new to Tomcat and doing this 1st time, It
>> >>>>>> will be great help if anyone provide same.
>> >>>>>>
>> >>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
>> >>>>>> <to...@olafkock.de> wrote:
>> >>>>>>
>> >>>>>>>
>> >>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
>> >>>>>>>> Hello Team,
>> >>>>>>>>
>> >>>>>>>> Can you please guide how we can migrate seamlessly
>> >>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
>> >>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
>> >>>>>>>
>> >>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
>> >>>>>>>
>> >>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
>> >>>>>>>
>> >>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
>> >>>>>>>
>> >>>>>>>> the current environment is configured with SSL
>> >>>>>>>> certificate ( SSL 443)
>> >>>>>>> .jks
>> >>>>>>>> store and needs to upgrade same due to security
>> >>>>>>>> vulnerability detected by Qualys scanner.
>> >>>>>>>
>> >>>>>>> The documents have TLS documentation chapters. If you run
>> >>>>>>> into specific problems, describe them here.
>> >>>>>>>
>> >>>>>>> Olaf
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> -----------------------------------------------------------------
>> > - ---
>> >>
>> >>>>>>>
>> > - -
>> >>>>>>>
>> >>>>>>>
>> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >>>>>>> For additional commands, e-mail:
>> >>>>>>> users-help@tomcat.apache.org
>> >>>>>>>
>> >>>>>>>
>> >>>>>>
>> >>>>>> -- Regards Nitin Kadam (9967688959)
>> >>>>>>
>> >>>>>
>> >>>>> -------------------------------------------------------------------
>> > - --
>> >>>>>
>> >>>>>
>> >>
>> >>>>>
>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >>>>> For additional commands, e-mail:
>> >>>>> users-help@tomcat.apache.org
>> >>>>>
>> >>>
>> >>> ---------------------------------------------------------------------
>> >>>
>> >>>
>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >>> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>>
>> >>>
>> >>
>> >> ---------------------------------------------------------------------
>> >>
>> >>
>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>
>> > -----BEGIN PGP SIGNATURE-----
>> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>> >
>> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
>> > pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
>> > LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
>> > CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
>> > cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
>> > zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
>> > /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
>> > RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
>> > WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
>> > ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
>> > 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
>> > m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
>> > =neVF
>> > -----END PGP SIGNATURE-----
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> > For additional commands, e-mail: users-help@tomcat.apache.org
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> --
> Regards
> Nitin Kadam
> (9967688959)
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Nitin,
On 2/21/19 07:47, Nitin Kadam wrote:
> FOr backup - I will be taking Snapshot backup before doing the
> upgrade but also going to take folder backup from C: programme
> Files /Apache Tomcat folder.
>
> I am continuously getting emails from the internal security team
> for upgrading the version 7.0.79 to the latest version need to
> figure out this ASAP
Upgrading from 7.0.79 to 7.0.92 should not be too risky.
Upgrading from 7.0.79 (or 7.0.92) up to 8.5.x will absolutely require
you to test it in another environment before upgrading. There are a
few small things that changed which may significantly affect you. I'm
specifically thinking about the stricter Cookie-parsing that was
introduced in Tomcat 8.5 which may break some of your application's
cookies. (Specifically, ones that are not properly-quoted and/or use
non-ASCII names and values).
If you have Cookie-related problems, my recommendation is that you
modify your application to encode cookie values in a way that
guarantees ASCII-only values. Options include base32/64 encoding, etc.
> Apps are hosted in Web apps folders and there are few D3 apps which
> connected with SQL for database
This should be no problem.
For your 7.0.x -> 8.5.x upgrade, I highly recommend that you start
using split CATALINA_HOME and CATALINA_BASE directories. It makes
"trying" a new version of Tomcat much less painful.
Hope that helps,
- -chris
> On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com>
> wrote:
>
>> Without all of those early adopters to take the flack, we'd never
>> know where the enemy bases are .. or something like that. ;)
>>
>> I'm just very glad we have OpenJDK and that my code is very
>> simple.
>>
>> Java 12 .. Uff da!
>>
>>
>>
>> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
>> wrote:
> John,
>
> On 2/20/19 10:58, John Dale wrote:
>>>>> Points taken .. I have a great deal from my cloud provider
>>>>> on a wheezy instance, so I have to see if I can negotiate
>>>>> to keep my rate. I do a lot of custom MVC and security
>>>>> checks so things are nice and tight and I haven't been
>>>>> hacked even though I get several thousand attempts a day
>>>>> mostly from China and Iran. I'm also kicking around
>>>>> whether to use James or keep using postfix for email. With
>>>>> an upgrade to Java 8 I can use the latest james release so
>>>>> I'll look into that.
>>>>>
>>>>> I've been struggling to find a nice block of time for a
>>>>> full regression test. It's funny .. I was working for a
>>>>> bank a couple of years back that was still on Java 1.6 and
>>>>> that's the way they liked it. :)
>>>>>
>>>>> Did you see the road map for Java 10? Seems like we're
>>>>> moving a little too fast sometimes ..
>
> Java 10's dead, baby.
>
> Java 11 will be a long-term-service release. Java 12 is already
> available for pre-release.
>
> The biggest step is from 8 -> 9/10/11. Once you are over that, it
> will be much better for everyone.
>
> I don't want to have to wait 10 years to get new stuff like TLS
> 1.3 support or the forthcoming HTTP/3, so I'm happy with the
> shorter development cycles Oracle has switched-over to.
>
> -chris
>
>>>>> On 2/20/19, Christopher Schultz
>>>>> <ch...@christopherschultz.net> wrote: John,
>>>>>
>>>>> On 2/20/19 09:11, John Dale wrote:
>>>>>>>> I'm thinking about migrating to 8 soon myself. Maybe
>>>>>>>> I'll use this as an opportunity to get started on
>>>>>>>> that .. but I think the last time I checked, OpenJDK
>>>>>>>> 7 was supported on Wheezy, so I'm thinking I have
>>>>>>>> more to do than just upgrade tomcat in my scenario.
>>>>>
>>>>> Yes. Wheezy is essentially unsupported and I would drop
>>>>> everything and upgrade to at least Jessie like right now if
>>>>> I were you. Stretch isn't much more work and you'll be good
>>>>> for a few years on that.
>>>>>
>>>>> Stretch has OpenJDK 8 packages. Current version is
>>>>> 1.8.0_181.
>>>>>
>>>>> Jessie looks like it only has OpenJDK 7 packages. I didn't
>>>>> check the backports.
>>>>>
>>>>>>>> I'll need to update linux, Java, tomcat, then finally
>>>>>>>> my apps. But I'm pretty CDO (that's like OCD, but
>>>>>>>> alphabetical) about the platform independence of my
>>>>>>>> apps, so that's going to be straightforward.
>>>>> Make sure you don't waste time upgrading from Tomcat 7 to
>>>>> Tomcat 8. Go directly to Tomcat 8.5, since 8.0 is no longer
>>>>> supported.
>>>>>
>>>>> -chris
>>>>>
>>>>>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>> Thanks John for reply..
>>>>>>>>>
>>>>>>>>> is there any documentation walkthrough for this
>>>>>>>>> upgrade available? i am new to Tomcat and doing
>>>>>>>>> this 1st time, It will be great help if anyone
>>>>>>>>> provide same.
>>>>>>>>>
>>>>>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
>>>>>>>>> <to...@olafkock.de> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
>>>>>>>>>>> Hello Team,
>>>>>>>>>>>
>>>>>>>>>>> Can you please guide how we can migrate
>>>>>>>>>>> seamlessly from Tomcat apache 7.0.79 to 7.0.92
>>>>>>>>>>> or any latest version that 8.x or 9.x ( Windows
>>>>>>>>>>> 2012 R2 server)escr
>>>>>>>>>>
>>>>>>>>>> 7.0 to 8.0:
>>>>>>>>>> https://tomcat.apache.org/migration-8.html
>>>>>>>>>>
>>>>>>>>>> 8.0 to 8.5:
>>>>>>>>>> https://tomcat.apache.org/migration-85.html
>>>>>>>>>>
>>>>>>>>>> 8.x to 9.0:
>>>>>>>>>> https://tomcat.apache.org/migration-9.html
>>>>>>>>>>
>>>>>>>>>>> the current environment is configured with SSL
>>>>>>>>>>> certificate ( SSL 443)
>>>>>>>>>> .jks
>>>>>>>>>>> store and needs to upgrade same due to
>>>>>>>>>>> security vulnerability detected by Qualys
>>>>>>>>>>> scanner.
>>>>>>>>>>
>>>>>>>>>> The documents have TLS documentation chapters. If
>>>>>>>>>> you run into specific problems, describe them
>>>>>>>>>> here.
>>>>>>>>>>
>>>>>>>>>> Olaf
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> -------------------------------------------------------------
- ----
>
>>>>>>>>>>
- ---
>>>>>
>>>>>>>>>>
> -
>>>>>>>>>>
>>>>>>>>>>
>>>>> To unsubscribe, e-mail:
>>>>> users-unsubscribe@tomcat.apache.org
>>>>>>>>>> For additional commands, e-mail:
>>>>>>>>>> users-help@tomcat.apache.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> -- Regards Nitin Kadam (9967688959)
>>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------
- ----
>>>
>>>
>>>>>>>>
- ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For
>>> additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>>
>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxusngACgkQHPApP6U8
pFgE5Q//TQy2bJoayS6ygBWXpT7iSxxhxDw93QC2AEfDb/Z9OVFeQS47FcVvBF0I
t5pcUsulrlf1n7Xn/2ayMAuXN0F/TdxISBQjvCgsIOAO4mj9VdgNbcrAhNohjzCz
uqPuE9tda3044/7zM2SQmmJYWguOM+SyPG6/wJrhhhqtm0d+o+VsaVTcXrF9LWJO
+77NBKnwT0/OR7TJI4IJz40J8+ygfhCM2JyW3p5im0nEEE+T2riNDb+Rk/rFj8iD
30KIjP5vwyRCphSNPPokcLvJsDkzEED4Kto+++eEVhd6JLoi63B5gBAbMcHkamgJ
QXGfRat/MQ4CrxU2KUxZ4fvALcnhZQ3WEpXaORQxnruDF3h7hT5Xf2FXEmNq//EJ
qr/uOaFCFMBjiA9r4ifkuxNrazYgiG6SGPPNYoDXmmJG300cOOTM45znqonWv3uO
Sdz2MqLsNuLlCQ/Zc4Zya3etgNV6IEs3fTx5oVNUF8CIsLoMFisU8AQLUIBmBaT8
iUtvRMd9vTHCFXTjTnfrAYXrqbsnMMNDcoH2RpOOW6BVnMZIysU0WjNtgsFgeS0K
4/opHu5sOrIO1MT0RfdC6oUtXGFyNS74y0Puy6o9owwb5xwc9M6zY3Ch1gfAVTKy
4jkio8l8T4vjKAnEpbaUITpvRKKajJx+S/0YFm0UScZ+6A68Jx0=
=IJiN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by Nitin Kadam <ni...@gmail.com>.
FOr backup - I will be taking Snapshot backup before doing the upgrade but
also going to take folder backup from C: programme Files /Apache Tomcat
folder.
I am continuously getting emails from the internal security team for
upgrading the version 7.0.79 to the latest version
need to figure out this ASAP
Apps are hosted in Web apps folders and there are few D3 apps
which connected with SQL for database
On Wed, Feb 20, 2019 at 9:45 PM John Dale <jc...@gmail.com> wrote:
> Without all of those early adopters to take the flack, we'd never know
> where the enemy bases are .. or something like that. ;)
>
> I'm just very glad we have OpenJDK and that my code is very simple.
>
> Java 12 .. Uff da!
>
>
>
> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA256
> >
> > John,
> >
> > On 2/20/19 10:58, John Dale wrote:
> >> Points taken .. I have a great deal from my cloud provider on a
> >> wheezy instance, so I have to see if I can negotiate to keep my
> >> rate. I do a lot of custom MVC and security checks so things are
> >> nice and tight and I haven't been hacked even though I get several
> >> thousand attempts a day mostly from China and Iran. I'm also
> >> kicking around whether to use James or keep using postfix for
> >> email. With an upgrade to Java 8 I can use the latest james
> >> release so I'll look into that.
> >>
> >> I've been struggling to find a nice block of time for a full
> >> regression test. It's funny .. I was working for a bank a couple
> >> of years back that was still on Java 1.6 and that's the way they
> >> liked it. :)
> >>
> >> Did you see the road map for Java 10? Seems like we're moving a
> >> little too fast sometimes ..
> >
> > Java 10's dead, baby.
> >
> > Java 11 will be a long-term-service release. Java 12 is already
> > available for pre-release.
> >
> > The biggest step is from 8 -> 9/10/11. Once you are over that, it will
> > be much better for everyone.
> >
> > I don't want to have to wait 10 years to get new stuff like TLS 1.3
> > support or the forthcoming HTTP/3, so I'm happy with the shorter
> > development cycles Oracle has switched-over to.
> >
> > - -chris
> >
> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
> >> wrote: John,
> >>
> >> On 2/20/19 09:11, John Dale wrote:
> >>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
> >>>>> use this as an opportunity to get started on that .. but I
> >>>>> think the last time I checked, OpenJDK 7 was supported on
> >>>>> Wheezy, so I'm thinking I have more to do than just upgrade
> >>>>> tomcat in my scenario.
> >>
> >> Yes. Wheezy is essentially unsupported and I would drop everything
> >> and upgrade to at least Jessie like right now if I were you.
> >> Stretch isn't much more work and you'll be good for a few years on
> >> that.
> >>
> >> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
> >>
> >> Jessie looks like it only has OpenJDK 7 packages. I didn't check
> >> the backports.
> >>
> >>>>> I'll need to update linux, Java, tomcat, then finally my
> >>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
> >>>>> about the platform independence of my apps, so that's going
> >>>>> to be straightforward.
> >> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
> >> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
> >>
> >> -chris
> >>
> >>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
> >>>>>> Thanks John for reply..
> >>>>>>
> >>>>>> is there any documentation walkthrough for this upgrade
> >>>>>> available? i am new to Tomcat and doing this 1st time, It
> >>>>>> will be great help if anyone provide same.
> >>>>>>
> >>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
> >>>>>> <to...@olafkock.de> wrote:
> >>>>>>
> >>>>>>>
> >>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
> >>>>>>>> Hello Team,
> >>>>>>>>
> >>>>>>>> Can you please guide how we can migrate seamlessly
> >>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
> >>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
> >>>>>>>
> >>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
> >>>>>>>
> >>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
> >>>>>>>
> >>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
> >>>>>>>
> >>>>>>>> the current environment is configured with SSL
> >>>>>>>> certificate ( SSL 443)
> >>>>>>> .jks
> >>>>>>>> store and needs to upgrade same due to security
> >>>>>>>> vulnerability detected by Qualys scanner.
> >>>>>>>
> >>>>>>> The documents have TLS documentation chapters. If you run
> >>>>>>> into specific problems, describe them here.
> >>>>>>>
> >>>>>>> Olaf
> >>>>>>>
> >>>>>>>
> >>>>>>> -----------------------------------------------------------------
> > - ---
> >>
> >>>>>>>
> > - -
> >>>>>>>
> >>>>>>>
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>>>>>> For additional commands, e-mail:
> >>>>>>> users-help@tomcat.apache.org
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>> -- Regards Nitin Kadam (9967688959)
> >>>>>>
> >>>>>
> >>>>> -------------------------------------------------------------------
> > - --
> >>>>>
> >>>>>
> >>
> >>>>>
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>>>> For additional commands, e-mail:
> >>>>> users-help@tomcat.apache.org
> >>>>>
> >>>
> >>> ---------------------------------------------------------------------
> >>>
> >>>
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>
> >>>
> >>
> >> ---------------------------------------------------------------------
> >>
> >>
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> > -----BEGIN PGP SIGNATURE-----
> > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
> >
> > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
> > pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
> > LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
> > CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
> > cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
> > zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
> > /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
> > RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
> > WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
> > ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
> > 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
> > m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
> > =neVF
> > -----END PGP SIGNATURE-----
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Regards
Nitin Kadam
(9967688959)
Re: [OT] Tomcat Apache 7.0.79 upgrade to Latest version
Posted by John Dale <jc...@gmail.com>.
Without all of those early adopters to take the flack, we'd never know
where the enemy bases are .. or something like that. ;)
I'm just very glad we have OpenJDK and that my code is very simple.
Java 12 .. Uff da!
On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> John,
>
> On 2/20/19 10:58, John Dale wrote:
>> Points taken .. I have a great deal from my cloud provider on a
>> wheezy instance, so I have to see if I can negotiate to keep my
>> rate. I do a lot of custom MVC and security checks so things are
>> nice and tight and I haven't been hacked even though I get several
>> thousand attempts a day mostly from China and Iran. I'm also
>> kicking around whether to use James or keep using postfix for
>> email. With an upgrade to Java 8 I can use the latest james
>> release so I'll look into that.
>>
>> I've been struggling to find a nice block of time for a full
>> regression test. It's funny .. I was working for a bank a couple
>> of years back that was still on Java 1.6 and that's the way they
>> liked it. :)
>>
>> Did you see the road map for Java 10? Seems like we're moving a
>> little too fast sometimes ..
>
> Java 10's dead, baby.
>
> Java 11 will be a long-term-service release. Java 12 is already
> available for pre-release.
>
> The biggest step is from 8 -> 9/10/11. Once you are over that, it will
> be much better for everyone.
>
> I don't want to have to wait 10 years to get new stuff like TLS 1.3
> support or the forthcoming HTTP/3, so I'm happy with the shorter
> development cycles Oracle has switched-over to.
>
> - -chris
>
>> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net>
>> wrote: John,
>>
>> On 2/20/19 09:11, John Dale wrote:
>>>>> I'm thinking about migrating to 8 soon myself. Maybe I'll
>>>>> use this as an opportunity to get started on that .. but I
>>>>> think the last time I checked, OpenJDK 7 was supported on
>>>>> Wheezy, so I'm thinking I have more to do than just upgrade
>>>>> tomcat in my scenario.
>>
>> Yes. Wheezy is essentially unsupported and I would drop everything
>> and upgrade to at least Jessie like right now if I were you.
>> Stretch isn't much more work and you'll be good for a few years on
>> that.
>>
>> Stretch has OpenJDK 8 packages. Current version is 1.8.0_181.
>>
>> Jessie looks like it only has OpenJDK 7 packages. I didn't check
>> the backports.
>>
>>>>> I'll need to update linux, Java, tomcat, then finally my
>>>>> apps. But I'm pretty CDO (that's like OCD, but alphabetical)
>>>>> about the platform independence of my apps, so that's going
>>>>> to be straightforward.
>> Make sure you don't waste time upgrading from Tomcat 7 to Tomcat 8.
>> Go directly to Tomcat 8.5, since 8.0 is no longer supported.
>>
>> -chris
>>
>>>>> On 2/20/19, Nitin Kadam <ni...@gmail.com> wrote:
>>>>>> Thanks John for reply..
>>>>>>
>>>>>> is there any documentation walkthrough for this upgrade
>>>>>> available? i am new to Tomcat and doing this 1st time, It
>>>>>> will be great help if anyone provide same.
>>>>>>
>>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock
>>>>>> <to...@olafkock.de> wrote:
>>>>>>
>>>>>>>
>>>>>>> On 20.02.19 13:57, Nitin Kadam wrote:
>>>>>>>> Hello Team,
>>>>>>>>
>>>>>>>> Can you please guide how we can migrate seamlessly
>>>>>>>> from Tomcat apache 7.0.79 to 7.0.92 or any latest
>>>>>>>> version that 8.x or 9.x ( Windows 2012 R2 server)escr
>>>>>>>
>>>>>>> 7.0 to 8.0: https://tomcat.apache.org/migration-8.html
>>>>>>>
>>>>>>> 8.0 to 8.5: https://tomcat.apache.org/migration-85.html
>>>>>>>
>>>>>>> 8.x to 9.0: https://tomcat.apache.org/migration-9.html
>>>>>>>
>>>>>>>> the current environment is configured with SSL
>>>>>>>> certificate ( SSL 443)
>>>>>>> .jks
>>>>>>>> store and needs to upgrade same due to security
>>>>>>>> vulnerability detected by Qualys scanner.
>>>>>>>
>>>>>>> The documents have TLS documentation chapters. If you run
>>>>>>> into specific problems, describe them here.
>>>>>>>
>>>>>>> Olaf
>>>>>>>
>>>>>>>
>>>>>>> -----------------------------------------------------------------
> - ---
>>
>>>>>>>
> - -
>>>>>>>
>>>>>>>
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>>> For additional commands, e-mail:
>>>>>>> users-help@tomcat.apache.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> -- Regards Nitin Kadam (9967688959)
>>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
> - --
>>>>>
>>>>>
>>
>>>>>
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail:
>>>>> users-help@tomcat.apache.org
>>>>>
>>>
>>> ---------------------------------------------------------------------
>>>
>>>
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>>
>>
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
> -----BEGIN PGP SIGNATURE-----
> Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>
> iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxtfBwACgkQHPApP6U8
> pFj9NQ//R4TxxfPFCtzZzPhRJqtka6A9MSQ7wfoqvZcVD+Wde/WquelT47lZySam
> LqyMwKo3/IN7HUCwYBI6zm7JHPJYHrYv7FU+xH8TgpeSNCmxqKY0CPRQbKEPxY+T
> CYiikk/9YFIpKA7QWBMpGO0Fs3/dKX2dwlrC9Bx7gllz5nzG6Vq0SWILOPt7FsEt
> cxHpMP9PrAvLOWdeU7CNSk9Mdj2P+ed8ABvQ7WecvMY+gyObkW7OcBo/enuUYbFv
> zIPHIsMlDrgsIyU+NSvxuOfjnZGgGzeCL1KeKdqkcykUq1/bODC8ThtRhF2fQ6Rx
> /jxgY0L5ycbWxVqZg0eToW680yaspbW5UbfaWbu/XxWPRPXZwlwrtqsEYSBf0wfV
> RUbuGwPpBqvOG2dK4meAy6haHwG6fuD3+ko9U522ok313QoqmhCLCepnDDMlHPvL
> WlBt/zyqsX1K0hej+upNuAsqRPdZdAf2wUbIwPr2WmiFeA3TUaIlrRffYOolK4Sk
> ukTHWQ4kasQzbmQu2gCGvp6G9loPiEWfyjO7vWZqUBTuQhnWoStZwDOxLa35w1y3
> 9XYmzNagl0Y4ndSpFg7Vg8h6mdZrWGUW8z5iFRoPkgxvkUk4v+nnxRCRtYI2hcBp
> m7hRMtB6LA7vFcadySybEqyJvHuZBBvXCbF1nV9n05RerrUdeW8=
> =neVF
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org