You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Tobias Soloschenko <to...@googlemail.com> on 2017/06/01 07:53:41 UTC
Developer quickstart guide for Tomcat with HTTP/2 on macOS
Hi everyone,
a long time ago I tried out to install Apache Tomcat with HTTP/2 support on
macOS. I finally got a short time window to complete a developer quickstart
guide for that:
1. Download XCode from the AppStore
2. Install Brew: http://brew.sh/
3. Download Apache Tomcat binaries > 8.5 http://tomcat.apache.org/
4. Install APR and OPENSSL with “brew install openssl” and “brew install
apr”
5. Create pem files in “apache-tomcat-8.5.15/conf” folder - use “changeit”
every time a password is going to be requested (The commands can be
executed separately or within a shell script):
/usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -des3 -out
localhost-rsa-key 1024
/usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -out localhost-key 1024
/usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in localhost-rsa-key -out
localhost-key
/usr/local/Cellar/openssl/1.0.2l/bin/openssl req -new -key localhost-key
-out localhost-csr
/usr/local/Cellar/openssl/1.0.2l/bin/openssl x509 -req -days 365 -in
localhost-csr -signkey localhost-key -out localhost-crt
cat localhost-key localhost-crt > localhost-rsa-cert.pem
cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
cat localhost-rsa-key > localhost-rsa-key-mod.pem
/usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
localhost-rsa-key-mod.pem -out localhost-rsa-key.pem
6. Uncomment the http/2 connector with protocol
“org.apache.coyote.http11.Http11AprProtocol” in the
"apache-tomcat-8.5.15/conf/server.xml"
7. Tomcat native installation
Extract “apache-tomcat-8.5.15/bin/tomcat-native.tar.gz”
Go into folder “apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native”
Run “./configure --with-apr=/usr/local/Cellar/apr/1.5.2_3/
--with-ssl=/usr/local/Cellar/openssl/1.0.2l”
Run “make”
8. Create a setenv.sh file within the <tomcat>/bin folder and add lines:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/Cellar/apr/1.5.2_3/libexec/lib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native/.libs
JAVA_OPTS="-Djava.library.path=/usr/local/Cellar/apr/1.5.2_3/libexec/lib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native/.libs"
9. Start Server
* Note1: The paths might be adjusted according to the version of openssl /
apr / tomcat-native / tomcat version
Logs:
01-Jun-2017 09:32:46.551 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR
based Apache Tomcat Native library [1.2.12] using APR version [1.5.2].
01-Jun-2017 09:32:46.551 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
capabilities: IPv6 [true], sendfile [true], accept filters [false], random
[true].
01-Jun-2017 09:32:46.551 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
01-Jun-2017 09:32:46.556 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 1.0.2l 25 May 2017]
My question regarding this guide: Is there anything which might be changed
or is bad practice?
thanks in advance / kind regards
Tobias
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Tobias Soloschenko <to...@googlemail.com>.
Christopher,
> Am 01.06.2017 um 16:33 schrieb Christopher Schultz <ch...@christopherschultz.net>:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Tobias,
>
>> On 6/1/17 3:53 AM, Tobias Soloschenko wrote:
>> a long time ago I tried out to install Apache Tomcat with HTTP/2
>> support on macOS. I finally got a short time window to complete a
>> developer quickstart guide for that:
>
> Wouldn't this all be a lot easier if you used the NIO connector
> instead of APR? No XCode/OpenSSL/tcnative necessary.
>
>> 1. Download XCode from the AppStore
>>
>>
>> 2. Install Brew: http://brew.sh/
>>
>>
>> 3. Download Apache Tomcat binaries > 8.5 http://tomcat.apache.org/
>>
>>
>> 4. Install APR and OPENSSL with “brew install openssl” and “brew
>> install apr”
>>
>>
>> 5. Create pem files in “apache-tomcat-8.5.15/conf” folder - use
>> “changeit” every time a password is going to be requested (The
>> commands can be executed separately or within a shell script):
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -des3 -out
>> localhost-rsa-key 1024
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -out
>> localhost-key 1024
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
>> localhost-rsa-key -out localhost-key
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl req -new -key
>> localhost-key -out localhost-csr
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl x509 -req -days 365
>> -in localhost-csr -signkey localhost-key -out localhost-crt
>>
>> cat localhost-key localhost-crt > localhost-rsa-cert.pem
>>
>> cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
>>
>> cat localhost-rsa-key > localhost-rsa-key-mod.pem
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
>> localhost-rsa-key-mod.pem -out localhost-rsa-key.pem
>>
>>
>> 6. Uncomment the http/2 connector with protocol
>> “org.apache.coyote.http11.Http11AprProtocol” in the
>> "apache-tomcat-8.5.15/conf/server.xml"
>>
>>
>> 7. Tomcat native installation
>>
>> Extract “apache-tomcat-8.5.15/bin/tomcat-native.tar.gz”
>>
>> Go into folder
>> “apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native”
>>
>> Run “./configure --with-apr=/usr/local/Cellar/apr/1.5.2_3/
>> --with-ssl=/usr/local/Cellar/openssl/1.0.2l”
>>
>> Run “make”
>>
>>
>> 8. Create a setenv.sh file within the <tomcat>/bin folder and add
>> lines:
>>
>> LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/Cellar/apr/1.5.2_3/libexec
> /lib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nat
> ive/.libs
>>
>>
>> JAVA_OPTS="-Djava.library.path=/usr/local/Cellar/apr/1.5.2_3/libexec/l
> ib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nativ
> e/.libs"
>>
>>
>>
>> 9. Start Server
>>
>>
>> * Note1: The paths might be adjusted according to the version of
>> openssl / apr / tomcat-native / tomcat version
>>
>>
>> Logs:
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
>> APR based Apache Tomcat Native library [1.2.12] using APR version
>> [1.5.2].
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
>> capabilities: IPv6 [true], sendfile [true], accept filters [false],
>> random [true].
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
>> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
>> [true]
>>
>> 01-Jun-2017 09:32:46.556 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.initializeSSL
>> OpenSSL successfully initialized [OpenSSL 1.0.2l 25 May 2017]
>>
>>
>> My question regarding this guide: Is there anything which might be
>> changed or is bad practice?
>
> Everything looks good to me.
>
> Whenever I try to build tcnative on my Mac, I find that XCode has
> broken some kind of symlink somewhere that I need to correct in order
> to use clang from the CLI. Some notes about how to work-around that
> would be good.
I was thinking of adding this line as optional. I tried to write a guide sometime ago but failed and switched to jetty. I am very happy that Tomcat with http/2 is running for me because I can test the Apache Wicket http/2 experimental integration on both servers, now.
http://tomcat.10.x6.nabble.com/Apache-Tomcat-9-0-0-M4-and-http-2-on-Mac-OS-X-10-11-4-td5048883.html
Point 5. of this guide shows how to create the symlink.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJZMCXKAAoJEBzwKT+lPKRY7x8P/jvES/2Z5MZOWcq2mHabGkxu
> PDPoi9X+gdWet/ucMToyuI0gHoJe9s51RsqWRn5T4jW+XuOmjgKEpgTM2+qbDwpB
> q3T/ZFWL31YMFwJ3YFOD6MZzQ89MqfK8pLvJ7pIzXjYLWL+8gaAfBXAwg7lmdLr/
> TM5fnl5lwzEw9sTdkNZ+o1bIjbs4PkpxKP7X3vZylnwRVKrP/5q3NQirBiXuG/Dn
> RMlhjAfepog24L/Wja/DAQVgq4EjHfh9KvxytN1WHO7o9x6d9seBCm5PtR+6If3B
> GxvGSfd47AcbA/T2nUnSAPLrGQheUCWw31StFvsNY1n2z6/6iISabRzxHLL3JPf4
> 7Qr92AKt9FVFDlzfHlzYWp+zoRcDX+ApjFUUpeMsp/+ZFDzXbZ/0zRu6J+wnDvMF
> CYRVkv42ct9wXJjEk2WYUint9Hn2xj5BLGMIRk0xFBohFLHMb6eYDeKoAoWGUG/L
> T4HSt7cfW2NWV84TdewfIN2u2fr9Hkpm8QohB0FcFHJ8LSRUXHcdtFRuE25XBnum
> RyQkkpKpaBEsVdZ17EBEX1Kh29Apa7HgpeJ7KCiLHoGkf+OUmYnr3Qm9Tv6zdRWo
> jousTeghGf0/nolys0/+zLkR/lDtjB19r/H2hav7dP7NGxaCio2V2CyWqLwyOcMu
> QkfKDlXIohfm3W9L+m1E
> =X9UM
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
kind regards
Tobias
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Tobias Soloschenko <to...@googlemail.com>.
Hi,
what do you think of adding this to wiki or a place to point to?
kind regards
Tobias
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Mark Thomas <ma...@apache.org>.
On 1 June 2017 17:03:48 BST, Christopher Schultz <ch...@christopherschultz.net> wrote:
>Mark,
>
>On 6/1/17 11:46 AM, Mark Thomas wrote:
>> On 1 June 2017 15:33:46 BST, Christopher Schultz
>> <ch...@christopherschultz.net> wrote:
>>> Tobias,
>>>
>>> On 6/1/17 3:53 AM, Tobias Soloschenko wrote:
>>>> a long time ago I tried out to install Apache Tomcat with
>>>> HTTP/2 support on macOS. I finally got a short time window to
>>>> complete a developer quickstart guide for that:
>>>
>>> Wouldn't this all be a lot easier if you used the NIO connector
>>> instead of APR? No XCode/OpenSSL/tcnative necessary.
>>
>> But then you wouldn't have HTTP/2 support. Well you could have
>> HTTP/2 if you used 9.0 x on Java 9 but there were a few wrinkles
>> running Tomcat on Java 9 the last time I checked.
>
>Oh, I didn't realize that HTTP/2 required the APR connector.
It doesn't. It does require tomcat-native on 8.5.x.
>Funny... there is nothing on the Tomcat 8.5 HTTP/2 page that says
>anything about that requirement:
>http://tomcat.apache.org/tomcat-8.5-doc/config/http2.html
>
>The HTTP/1.1 connector docs allude to this fact:
>http://tomcat.apache.org/tomcat-8.5-doc/config/http.html#HTTP/2_Support
>
>... but it's not explicitly said that the APR connector is required.
>From my reading, NIO+OpenSSL should work. Is that true?
Correct.
>Of course, NIO+OpenSSL requires that libtcnative be available, so the
>only question is whether NIO+OpenSSL is as reliable as the APR
>connector (or vice-versa).
I'd opt for NIO+OpenSSL as my first choice.
Mark
>
>Thanks for putting together this guide, Tobias.
>
>-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark,
On 6/1/17 11:46 AM, Mark Thomas wrote:
> On 1 June 2017 15:33:46 BST, Christopher Schultz
> <ch...@christopherschultz.net> wrote:
>> Tobias,
>>
>> On 6/1/17 3:53 AM, Tobias Soloschenko wrote:
>>> a long time ago I tried out to install Apache Tomcat with
>>> HTTP/2 support on macOS. I finally got a short time window to
>>> complete a developer quickstart guide for that:
>>
>> Wouldn't this all be a lot easier if you used the NIO connector
>> instead of APR? No XCode/OpenSSL/tcnative necessary.
>
> But then you wouldn't have HTTP/2 support. Well you could have
> HTTP/2 if you used 9.0 x on Java 9 but there were a few wrinkles
> running Tomcat on Java 9 the last time I checked.
Oh, I didn't realize that HTTP/2 required the APR connector.
Funny... there is nothing on the Tomcat 8.5 HTTP/2 page that says
anything about that requirement:
http://tomcat.apache.org/tomcat-8.5-doc/config/http2.html
The HTTP/1.1 connector docs allude to this fact:
http://tomcat.apache.org/tomcat-8.5-doc/config/http.html#HTTP/2_Support
... but it's not explicitly said that the APR connector is required.
- From my reading, NIO+OpenSSL should work. Is that true?
Of course, NIO+OpenSSL requires that libtcnative be available, so the
only question is whether NIO+OpenSSL is as reliable as the APR
connector (or vice-versa).
Thanks for putting together this guide, Tobias.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJZMDrkAAoJEBzwKT+lPKRYua8P/i1L1nX1lJWas/kkuibL4FKs
5pUkt46CIlAqTQ7e0JEyUOd04J5xMsOOvmJbO36eFiRhLzhlOzSUOR6SI+QZWaZv
m38zCov/9pllJEbLK+hjhmrta4Pqj2az499dsVBXH2zY1cSN5JhOosM66YKPpc9s
VVCQVEpj7xxliccGGwJMI5ngMTE9NPIMLSmAvCEgp7bYLHe8Rqh17lKuenWHXud7
bqkCIYHDOIOgRWbrQciatwBW9Hs/hIU1uNLjI4z7Z9wSMLWE/LKYp1vV95aYQ/82
0BV+xzkz1iBgffSnJc0fRLeQovdvzWK9VFlnWQ40u1Q7gLPqMA27QWEPrlJJ7RiF
IeKL33rmAgVt6NXhKl0JFc7qCwplyf8zvyA3+EdZjyPg+3WnkgWwkijcFgWwMsC9
9bxAkc3+q1WRJeGiz4efxyJFiet3G9oIFqnmeJi48mTiCKubnd4tNitP0j6BeF1F
maF5YkMnn5F319A8A8pMYVIQxcJW4ibXJexUryl1BVS4dYOARc1kICFEO+/zPrm/
DGNEpxXgFYiBZeiJel0IrTlZE1Qy/bjzTSZMrwHAdyXQSt7o1TZ7nFnzxxOiNA0H
Ga6JDPnbGLHszD5BVMwrObSuefzqZ5d1ewdmZLflUzVd8m/IERubQyVFTQmPkzhC
/I/7hs/qt+2rVLiZqXs/
=Pw7+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Mark Thomas <ma...@apache.org>.
On 1 June 2017 15:33:46 BST, Christopher Schultz <ch...@christopherschultz.net> wrote:
>Tobias,
>
>On 6/1/17 3:53 AM, Tobias Soloschenko wrote:
>> a long time ago I tried out to install Apache Tomcat with HTTP/2
>> support on macOS. I finally got a short time window to complete a
>> developer quickstart guide for that:
>
>Wouldn't this all be a lot easier if you used the NIO connector
>instead of APR? No XCode/OpenSSL/tcnative necessary.
But then you wouldn't have HTTP/2 support. Well you could have HTTP/2 if you used 9.0 x on Java 9 but there were a few wrinkles running Tomcat on Java 9 the last time I checked.
Mark
>
>> 1. Download XCode from the AppStore
>>
>>
>> 2. Install Brew: http://brew.sh/
>>
>>
>> 3. Download Apache Tomcat binaries > 8.5 http://tomcat.apache.org/
>>
>>
>> 4. Install APR and OPENSSL with “brew install openssl” and “brew
>> install apr”
>>
>>
>> 5. Create pem files in “apache-tomcat-8.5.15/conf” folder - use
>> “changeit” every time a password is going to be requested (The
>> commands can be executed separately or within a shell script):
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -des3 -out
>> localhost-rsa-key 1024
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -out
>> localhost-key 1024
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
>> localhost-rsa-key -out localhost-key
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl req -new -key
>> localhost-key -out localhost-csr
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl x509 -req -days 365
>> -in localhost-csr -signkey localhost-key -out localhost-crt
>>
>> cat localhost-key localhost-crt > localhost-rsa-cert.pem
>>
>> cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
>>
>> cat localhost-rsa-key > localhost-rsa-key-mod.pem
>>
>> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
>> localhost-rsa-key-mod.pem -out localhost-rsa-key.pem
>>
>>
>> 6. Uncomment the http/2 connector with protocol
>> “org.apache.coyote.http11.Http11AprProtocol” in the
>> "apache-tomcat-8.5.15/conf/server.xml"
>>
>>
>> 7. Tomcat native installation
>>
>> Extract “apache-tomcat-8.5.15/bin/tomcat-native.tar.gz”
>>
>> Go into folder
>> “apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native”
>>
>> Run “./configure --with-apr=/usr/local/Cellar/apr/1.5.2_3/
>> --with-ssl=/usr/local/Cellar/openssl/1.0.2l”
>>
>> Run “make”
>>
>>
>> 8. Create a setenv.sh file within the <tomcat>/bin folder and add
>> lines:
>>
>>
>LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/Cellar/apr/1.5.2_3/libexec
>/lib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nat
>ive/.libs
>>
>>
>>
>JAVA_OPTS="-Djava.library.path=/usr/local/Cellar/apr/1.5.2_3/libexec/l
>ib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nativ
>e/.libs"
>>
>>
>>
>> 9. Start Server
>>
>>
>> * Note1: The paths might be adjusted according to the version of
>> openssl / apr / tomcat-native / tomcat version
>>
>>
>> Logs:
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
>> APR based Apache Tomcat Native library [1.2.12] using APR version
>> [1.5.2].
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
>> capabilities: IPv6 [true], sendfile [true], accept filters [false],
>> random [true].
>>
>> 01-Jun-2017 09:32:46.551 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
>> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
>> [true]
>>
>> 01-Jun-2017 09:32:46.556 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.initializeSSL
>> OpenSSL successfully initialized [OpenSSL 1.0.2l 25 May 2017]
>>
>>
>> My question regarding this guide: Is there anything which might be
>> changed or is bad practice?
>
>Everything looks good to me.
>
>Whenever I try to build tcnative on my Mac, I find that XCode has
>broken some kind of symlink somewhere that I need to correct in order
>to use clang from the CLI. Some notes about how to work-around that
>would be good.
>
>-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Developer quickstart guide for Tomcat with HTTP/2 on macOS
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Tobias,
On 6/1/17 3:53 AM, Tobias Soloschenko wrote:
> a long time ago I tried out to install Apache Tomcat with HTTP/2
> support on macOS. I finally got a short time window to complete a
> developer quickstart guide for that:
Wouldn't this all be a lot easier if you used the NIO connector
instead of APR? No XCode/OpenSSL/tcnative necessary.
> 1. Download XCode from the AppStore
>
>
> 2. Install Brew: http://brew.sh/
>
>
> 3. Download Apache Tomcat binaries > 8.5 http://tomcat.apache.org/
>
>
> 4. Install APR and OPENSSL with “brew install openssl” and “brew
> install apr”
>
>
> 5. Create pem files in “apache-tomcat-8.5.15/conf” folder - use
> “changeit” every time a password is going to be requested (The
> commands can be executed separately or within a shell script):
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -des3 -out
> localhost-rsa-key 1024
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl genrsa -out
> localhost-key 1024
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
> localhost-rsa-key -out localhost-key
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl req -new -key
> localhost-key -out localhost-csr
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl x509 -req -days 365
> -in localhost-csr -signkey localhost-key -out localhost-crt
>
> cat localhost-key localhost-crt > localhost-rsa-cert.pem
>
> cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
>
> cat localhost-rsa-key > localhost-rsa-key-mod.pem
>
> /usr/local/Cellar/openssl/1.0.2l/bin/openssl rsa -in
> localhost-rsa-key-mod.pem -out localhost-rsa-key.pem
>
>
> 6. Uncomment the http/2 connector with protocol
> “org.apache.coyote.http11.Http11AprProtocol” in the
> "apache-tomcat-8.5.15/conf/server.xml"
>
>
> 7. Tomcat native installation
>
> Extract “apache-tomcat-8.5.15/bin/tomcat-native.tar.gz”
>
> Go into folder
> “apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/native”
>
> Run “./configure --with-apr=/usr/local/Cellar/apr/1.5.2_3/
> --with-ssl=/usr/local/Cellar/openssl/1.0.2l”
>
> Run “make”
>
>
> 8. Create a setenv.sh file within the <tomcat>/bin folder and add
> lines:
>
> LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/Cellar/apr/1.5.2_3/libexec
/lib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nat
ive/.libs
>
>
> JAVA_OPTS="-Djava.library.path=/usr/local/Cellar/apr/1.5.2_3/libexec/l
ib:/Applications/apache-tomcat-8.5.15/bin/tomcat-native-1.2.12-src/nativ
e/.libs"
>
>
>
> 9. Start Server
>
>
> * Note1: The paths might be adjusted according to the version of
> openssl / apr / tomcat-native / tomcat version
>
>
> Logs:
>
> 01-Jun-2017 09:32:46.551 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
> APR based Apache Tomcat Native library [1.2.12] using APR version
> [1.5.2].
>
> 01-Jun-2017 09:32:46.551 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
> capabilities: IPv6 [true], sendfile [true], accept filters [false],
> random [true].
>
> 01-Jun-2017 09:32:46.551 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
> [true]
>
> 01-Jun-2017 09:32:46.556 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.initializeSSL
> OpenSSL successfully initialized [OpenSSL 1.0.2l 25 May 2017]
>
>
> My question regarding this guide: Is there anything which might be
> changed or is bad practice?
Everything looks good to me.
Whenever I try to build tcnative on my Mac, I find that XCode has
broken some kind of symlink somewhere that I need to correct in order
to use clang from the CLI. Some notes about how to work-around that
would be good.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJZMCXKAAoJEBzwKT+lPKRY7x8P/jvES/2Z5MZOWcq2mHabGkxu
PDPoi9X+gdWet/ucMToyuI0gHoJe9s51RsqWRn5T4jW+XuOmjgKEpgTM2+qbDwpB
q3T/ZFWL31YMFwJ3YFOD6MZzQ89MqfK8pLvJ7pIzXjYLWL+8gaAfBXAwg7lmdLr/
TM5fnl5lwzEw9sTdkNZ+o1bIjbs4PkpxKP7X3vZylnwRVKrP/5q3NQirBiXuG/Dn
RMlhjAfepog24L/Wja/DAQVgq4EjHfh9KvxytN1WHO7o9x6d9seBCm5PtR+6If3B
GxvGSfd47AcbA/T2nUnSAPLrGQheUCWw31StFvsNY1n2z6/6iISabRzxHLL3JPf4
7Qr92AKt9FVFDlzfHlzYWp+zoRcDX+ApjFUUpeMsp/+ZFDzXbZ/0zRu6J+wnDvMF
CYRVkv42ct9wXJjEk2WYUint9Hn2xj5BLGMIRk0xFBohFLHMb6eYDeKoAoWGUG/L
T4HSt7cfW2NWV84TdewfIN2u2fr9Hkpm8QohB0FcFHJ8LSRUXHcdtFRuE25XBnum
RyQkkpKpaBEsVdZ17EBEX1Kh29Apa7HgpeJ7KCiLHoGkf+OUmYnr3Qm9Tv6zdRWo
jousTeghGf0/nolys0/+zLkR/lDtjB19r/H2hav7dP7NGxaCio2V2CyWqLwyOcMu
QkfKDlXIohfm3W9L+m1E
=X9UM
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org