You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2017/10/31 07:23:44 UTC
Re: apr
On 30/10/2017 17:49, Cheltenham, Chris wrote:
> Hello Everyone,
>
> Using OpenSSL 1.0.2k-fips
>
> I am trying to install the apr.
>
> I used several different versions of APR 1.4 through 1.6
>
> Then I compiled tnative 1.1.16, 1.2.x
The latest release of the 1.1.x line is 1.1.34.
Given 1.2.x is a drop-in replacement for 1.1.x and that 1.1.x is
unlikely to see another release, everyone should be using 1.2.x at this
point.
> When I start tomcat I get the same message each time.
>
> 30-Oct-2017 12:51:14.602 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
> configuration: useAprConnector [false], useOpenSSL [true]
>
> 30-Oct-2017 12:51:14.605 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine.
>
> org.apache.tomcat.jni.Error: 70023: This function has not been
> implemented on this platform
That looks like an OpenSSL version prior to 1.0.2 is being used.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: apr
Posted by "Cheltenham, Chris" <cc...@philasd.org>.
Chris ,
I do not think FIPS is necessary , no.
I believe that is some federal govt standard?
Listener is default assuming you are referring to server.xml.
===========================
Thank You;
Chris Cheltenham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Tuesday, October 31, 2017 11:48 AM
To: users@tomcat.apache.org
Subject: Re: apr
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chris,
On 10/31/17 10:41 AM, Cheltenham, Chris wrote:
> Thanks Mark , but where in the error logs do you see I am building
> against 1.0.1?
>
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
> APR based Apache Tomcat Native library [1.2.14] using APR version
> [1.6.3].
Thanks for posting this. It was missing from your initial post. It's always
best to confirm that the software agrees with your expectations :
)
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
> capabilities: IPv6 [true], sendfile [true], accept filters [false],
> random [true]. 31-Oct-2017 10:40:15.248 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
> 31-Oct-2017 10:40:15.250 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023:
> This function has not been implemented on this platform
Is there no stack trace?
Are you expecting to use FIPS? What does your listener configuration look
like?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAln4m0MACgkQHPApP6U8
pFiHDA/+PjekATbmdHU37BPAFr6A9NkEQJfmIDPHq3+ZTQlo3Ukiphht4SU+TZVf
bLoFTCWB83WBT2u76/Oh210p9yjOq9hgEP6uUWhjjIuNQ2BtWpiJLvGcf5j0HbDH
ILpYt5gIsUvFWt50cu8HkiKXLbW0WtLlgthXQlNwfdwgowL4zj5wz8AXGTcl76uN
vJZVjp6GVhmA/aLPc32emSlSU4kVbpaO+sXcSCaubMoiPgh9g7Esbd0vL4lmK2/i
G0o7eZy0sNNvW1oBXY+VGvqhTTpNH/STjc1PJC86O9kl1uvdTRfSv5mTA+izH/p+
eLYBaz81nuLhRryXe9ZKiAtQ1EX2WzwZTEUso+Huar5Ri2kNy2x3ptsm9ZjY4BNv
wiBoxjfz2K/QNijBsjeLWneBIEqDII2eQ3OB80yLtL6JRBksSI2VKZ+G1ELncUyN
cprGwQgrOOXKBWndFBK6ijgA1K8W9ghsR0HIrR9A375k7TJGBqII7L7F51iGmkC3
DXYPa+9ldj04V1dVM0s0R9Kws7JIEKPLWbOPCNRqmwqLZVmXZR1bRFdGEp2lYujX
yyxv+Lb0enpd1QLFcJk3OqCjt1qgiSZojBdCkXSrb3Bgldsi+MdCupOlDjrSRO5U
EklDHVDWVY2UDcc6Yeap1oO3kthXIqPINyoMSankO1W3mMwDxCA=
=9GjN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: apr
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chris,
On 10/31/17 12:18 PM, Cheltenham, Chris wrote:
> I will need some help here.
>
> How do I generate a stack trace?
If you are getting an exception in the log file, I'd expect a stack
trace to accompany it. Something that looks like this:
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023:
This function has not been implemented on this platform
Caused by: java.foo.BarException
on Foo.java line 25
on Bar.java line 52
...
It's possible that this particular error doesn't generate a stack
trace. If that's the case, we might need to fix that and get you a
custom version of Tomcat that produces more information. For example,
from the error message, I have no idea what function is being
attempted by that particular part of the code.
> TCAT 8.5.23
Are you using Apache Tomcat or are you using TCAT server (a product
from MuleSoft)?
> Many times I rely on stackoverflow or some web site but too often
> they are usually half assed explanations. Or quarter assed.
Error code 70023 = APR_OS_START_ERROR (20000) + APR_OS_ERRSPACE_SIZE
(50000) + 23 which is likely the "real error" here[1].
APR error 23 is "APR_EABOVEROOT" which has no documentation[2], but
which points to this definition[3]:
"
#define APR_STATUS_IS_EABOVEROOT (s) ((s) == APR_EABOVEROOT)
The given path was above the root path.
"
So... how about that <Listener> configuration?
> Listener is default assuming you are referring to server.xml.
Hmm. Maybe the problem is with a TLS-enabled <Connector> with some
paths in it? Can you please post any APR-based <Connector>s you have,
with any secrets removed?
> I do not think FIPS is necessary , no.
Okay.
> I believe that is some federal govt standard?
Yes, it's a (mostly useless IMO) US federal standard that mandates the
use of certain algorithms and also requires that the code being used
be certified and self-certifying on startup. At first, I thought you
might be having a problem entering FIPS mode, but that seems unlikely
given what I uncovered above.
- -chris
[1]
https://apr.apache.org/docs/apr/1.6/group__apr__errno.html#ga191894048b7
bd0cca3cf0bdff1eb695b
and
https://apr.apache.org/docs/apr/1.6/group__apr__errno.html#gadb8d97e6836
ccdc57b43b6119a5acccf
[2]
https://apr.apache.org/docs/apr/1.6/group___a_p_r___error.html#ga4828cc0
4f97dc7bed691456adf7c073e
[3]
https://apr.apache.org/docs/apr/1.6/group___a_p_r___s_t_a_t_u_s___i_s.ht
ml#ga641527647de2537c1946a0b2ef07e411
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAln6HeIACgkQHPApP6U8
pFhRcQ//VRoiHOKqltO7ePUzskqYa7T5DyQkz74OAHqoEK0CW18ktFWm/1gCkT5n
OL2SS3v6ZW56ZxpabczjMkpSy3xu0ABBbgacYg8VXGUxqyjxipf0s6jE2r2VaH4Z
eGkIWStrNe0LwgRp90MkREon+RW82JA5IQdnC2P6PZdwIA7k8JIgkmHYFyJpCDvT
raoILhaAoCFE7hMccZFqFU4T4DpH8+MMQp5obj6gkFoBQlRptSRNXIsLVEDfpHEQ
/WJ/TN040ASXLUpxy5uNx6nP7BzXtylOk3ce00zFZZUVlONZXpBmJkY27tVbfbAe
pRq4osbTSpNI7yET0NdSd5aH+Z3pcUHVD6zdellpT+gL4bRuOkhzmMZMykAYftpj
Hfh+VvdK0QqVKIy4WNHAcHPft96nFE6Cca43pwoydRc2OsstMs2fk2uekLym31KK
46b+BN+cJW4G2VLpZ0Z7H7UslZE04bn4gcX6z2Lm0Rd/+x1/07S1vWN9WcyGyGXJ
kLrriEPVLq82zBELBe/c36VADrkqzGzfzQGouBXSIBlnhGKwZ717QqeiK/3u9goP
9cuu9htXVkghx5kCEThtJIZrWDI497+4vP6KXcmrggEya6odcotljUPOlFmzH2UI
jNcu5vAPp2Yn8pPa+xv7n4MVXWNuXJLBGa/cQkFx6mLXEk2YZqA=
=xpKi
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: apr
Posted by "Cheltenham, Chris" <cc...@philasd.org>.
I will need some help here.
How do I generate a stack trace?
TCAT 8.5.23
Many times I rely on stackoverflow or some web site but too often they are
usually half assed explanations.
Or quarter assed.
===========================
Thank You;
Chris Cheltenham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Tuesday, October 31, 2017 11:48 AM
To: users@tomcat.apache.org
Subject: Re: apr
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chris,
On 10/31/17 10:41 AM, Cheltenham, Chris wrote:
> Thanks Mark , but where in the error logs do you see I am building
> against 1.0.1?
>
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
> APR based Apache Tomcat Native library [1.2.14] using APR version
> [1.6.3].
Thanks for posting this. It was missing from your initial post. It's always
best to confirm that the software agrees with your expectations :
)
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
> capabilities: IPv6 [true], sendfile [true], accept filters [false],
> random [true]. 31-Oct-2017 10:40:15.248 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
> 31-Oct-2017 10:40:15.250 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023:
> This function has not been implemented on this platform
Is there no stack trace?
Are you expecting to use FIPS? What does your listener configuration look
like?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAln4m0MACgkQHPApP6U8
pFiHDA/+PjekATbmdHU37BPAFr6A9NkEQJfmIDPHq3+ZTQlo3Ukiphht4SU+TZVf
bLoFTCWB83WBT2u76/Oh210p9yjOq9hgEP6uUWhjjIuNQ2BtWpiJLvGcf5j0HbDH
ILpYt5gIsUvFWt50cu8HkiKXLbW0WtLlgthXQlNwfdwgowL4zj5wz8AXGTcl76uN
vJZVjp6GVhmA/aLPc32emSlSU4kVbpaO+sXcSCaubMoiPgh9g7Esbd0vL4lmK2/i
G0o7eZy0sNNvW1oBXY+VGvqhTTpNH/STjc1PJC86O9kl1uvdTRfSv5mTA+izH/p+
eLYBaz81nuLhRryXe9ZKiAtQ1EX2WzwZTEUso+Huar5Ri2kNy2x3ptsm9ZjY4BNv
wiBoxjfz2K/QNijBsjeLWneBIEqDII2eQ3OB80yLtL6JRBksSI2VKZ+G1ELncUyN
cprGwQgrOOXKBWndFBK6ijgA1K8W9ghsR0HIrR9A375k7TJGBqII7L7F51iGmkC3
DXYPa+9ldj04V1dVM0s0R9Kws7JIEKPLWbOPCNRqmwqLZVmXZR1bRFdGEp2lYujX
yyxv+Lb0enpd1QLFcJk3OqCjt1qgiSZojBdCkXSrb3Bgldsi+MdCupOlDjrSRO5U
EklDHVDWVY2UDcc6Yeap1oO3kthXIqPINyoMSankO1W3mMwDxCA=
=9GjN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: apr
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chris,
On 10/31/17 10:41 AM, Cheltenham, Chris wrote:
> Thanks Mark , but where in the error logs do you see I am building
> against 1.0.1?
>
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
> APR based Apache Tomcat Native library [1.2.14] using APR version
> [1.6.3].
Thanks for posting this. It was missing from your initial post. It's
always best to confirm that the software agrees with your expectations :
)
> 31-Oct-2017 10:40:15.243 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
> capabilities: IPv6 [true], sendfile [true], accept filters [false],
> random [true]. 31-Oct-2017 10:40:15.248 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
> [true] 31-Oct-2017 10:40:15.250 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed
> to initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023:
> This function has not been implemented on this platform
Is there no stack trace?
Are you expecting to use FIPS? What does your listener configuration
look like?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAln4m0MACgkQHPApP6U8
pFiHDA/+PjekATbmdHU37BPAFr6A9NkEQJfmIDPHq3+ZTQlo3Ukiphht4SU+TZVf
bLoFTCWB83WBT2u76/Oh210p9yjOq9hgEP6uUWhjjIuNQ2BtWpiJLvGcf5j0HbDH
ILpYt5gIsUvFWt50cu8HkiKXLbW0WtLlgthXQlNwfdwgowL4zj5wz8AXGTcl76uN
vJZVjp6GVhmA/aLPc32emSlSU4kVbpaO+sXcSCaubMoiPgh9g7Esbd0vL4lmK2/i
G0o7eZy0sNNvW1oBXY+VGvqhTTpNH/STjc1PJC86O9kl1uvdTRfSv5mTA+izH/p+
eLYBaz81nuLhRryXe9ZKiAtQ1EX2WzwZTEUso+Huar5Ri2kNy2x3ptsm9ZjY4BNv
wiBoxjfz2K/QNijBsjeLWneBIEqDII2eQ3OB80yLtL6JRBksSI2VKZ+G1ELncUyN
cprGwQgrOOXKBWndFBK6ijgA1K8W9ghsR0HIrR9A375k7TJGBqII7L7F51iGmkC3
DXYPa+9ldj04V1dVM0s0R9Kws7JIEKPLWbOPCNRqmwqLZVmXZR1bRFdGEp2lYujX
yyxv+Lb0enpd1QLFcJk3OqCjt1qgiSZojBdCkXSrb3Bgldsi+MdCupOlDjrSRO5U
EklDHVDWVY2UDcc6Yeap1oO3kthXIqPINyoMSankO1W3mMwDxCA=
=9GjN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: apr
Posted by "Cheltenham, Chris" <cc...@philasd.org>.
Mark,
It’s the openssl that comes with CentoOS 7 so I'm sure its old.
RHEL is usually several version behind the bleeding edge.
It is 1.0.2 k its relatively new and should be ok.
===========================
Thank You;
Chris Cheltenham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org]
Sent: Tuesday, October 31, 2017 12:47 PM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: Re: apr
On 31/10/17 14:41, Cheltenham, Chris wrote:
> Thanks Mark , but where in the error logs do you see I am building
> against 1.0.1?
<snip/>
> 31-Oct-2017 10:40:15.250 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine.
> org.apache.tomcat.jni.Error: 70023: This function has not been
> implemented on this platform
That is what this suggests to me. I guess it is also possible that 1.0.2 has
been compiled with non-default options that excludes features Tomcat needs.
I haven't dug into the source to see.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: apr
Posted by Mark Thomas <ma...@apache.org>.
On 31/10/17 14:41, Cheltenham, Chris wrote:
> Thanks Mark , but where in the error logs do you see I am building against
> 1.0.1?
<snip/>
> 31-Oct-2017 10:40:15.250 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine.
> org.apache.tomcat.jni.Error: 70023: This function has not been implemented
> on this platform
That is what this suggests to me. I guess it is also possible that 1.0.2
has been compiled with non-default options that excludes features Tomcat
needs. I haven't dug into the source to see.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: apr
Posted by "Cheltenham, Chris" <cc...@philasd.org>.
Thanks Mark , but where in the error logs do you see I am building against
1.0.1?
31-Oct-2017 10:40:15.243 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR
based Apache Tomcat Native library [1.2.14] using APR version [1.6.3].
31-Oct-2017 10:40:15.243 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
capabilities: IPv6 [true], sendfile [true], accept filters [false], random
[true].
31-Oct-2017 10:40:15.248 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
31-Oct-2017 10:40:15.250 SEVERE [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
initialize the SSLEngine.
org.apache.tomcat.jni.Error: 70023: This function has not been implemented
on this platform
===========================
Thank You;
Chris Cheltenham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org]
Sent: Tuesday, October 31, 2017 10:08 AM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: Re: apr
On 31/10/17 12:19, Cheltenham, Chris wrote:
> Mark,
>
> I am not sure what you are saying.
>
> I tried apr 1.4.8 through 1.6.2
> With
> Tnative 1.1.16 through 1.2.14
>
> I get the same openssl error every time.
>
> I am using CentOS's install and its 1.0.2k FIPS
>
> I appreciate your help but I don't understand what you are trying to
> tell me.
It appears that you aren't building against the OpenSSL version you think
you are. It looks like you are building against OpenSSL 1.0.1 or earlier. I
can't think of any other reason for you to see the error message you are
seeing.
Other than that, concentrate on using the latest APR and Tomcat Native.
Mark
>
>
>
> ===========================
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
>
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org]
> Sent: Tuesday, October 31, 2017 3:24 AM
> To: Tomcat Users List <us...@tomcat.apache.org>
> Subject: Re: apr
>
> On 30/10/2017 17:49, Cheltenham, Chris wrote:
>> Hello Everyone,
>>
>> Using OpenSSL 1.0.2k-fips
>>
>> I am trying to install the apr.
>>
>> I used several different versions of APR 1.4 through 1.6
>>
>> Then I compiled tnative 1.1.16, 1.2.x
>
> The latest release of the 1.1.x line is 1.1.34.
>
> Given 1.2.x is a drop-in replacement for 1.1.x and that 1.1.x is
> unlikely to see another release, everyone should be using 1.2.x at this
> point.
>
>
>> When I start tomcat I get the same message each time.
>>
>> 30-Oct-2017 12:51:14.602 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
>> APR/OpenSSL
>> configuration: useAprConnector [false], useOpenSSL [true]
>>
>> 30-Oct-2017 12:51:14.605 SEVERE [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed
>> to initialize the SSLEngine.
>>
>> org.apache.tomcat.jni.Error: 70023: This function has not been
>> implemented on this platform
>
> That looks like an OpenSSL version prior to 1.0.2 is being used.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: apr
Posted by Mark Thomas <ma...@apache.org>.
On 31/10/17 12:19, Cheltenham, Chris wrote:
> Mark,
>
> I am not sure what you are saying.
>
> I tried apr 1.4.8 through 1.6.2
> With
> Tnative 1.1.16 through 1.2.14
>
> I get the same openssl error every time.
>
> I am using CentOS's install and its 1.0.2k FIPS
>
> I appreciate your help but I don't understand what you are trying to tell
> me.
It appears that you aren't building against the OpenSSL version you
think you are. It looks like you are building against OpenSSL 1.0.1 or
earlier. I can't think of any other reason for you to see the error
message you are seeing.
Other than that, concentrate on using the latest APR and Tomcat Native.
Mark
>
>
>
> ===========================
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
>
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org]
> Sent: Tuesday, October 31, 2017 3:24 AM
> To: Tomcat Users List <us...@tomcat.apache.org>
> Subject: Re: apr
>
> On 30/10/2017 17:49, Cheltenham, Chris wrote:
>> Hello Everyone,
>>
>> Using OpenSSL 1.0.2k-fips
>>
>> I am trying to install the apr.
>>
>> I used several different versions of APR 1.4 through 1.6
>>
>> Then I compiled tnative 1.1.16, 1.2.x
>
> The latest release of the 1.1.x line is 1.1.34.
>
> Given 1.2.x is a drop-in replacement for 1.1.x and that 1.1.x is unlikely
> to see another release, everyone should be using 1.2.x at this point.
>
>
>> When I start tomcat I get the same message each time.
>>
>> 30-Oct-2017 12:51:14.602 INFO [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
>> APR/OpenSSL
>> configuration: useAprConnector [false], useOpenSSL [true]
>>
>> 30-Oct-2017 12:51:14.605 SEVERE [main]
>> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
>> initialize the SSLEngine.
>>
>> org.apache.tomcat.jni.Error: 70023: This function has not been
>> implemented on this platform
>
> That looks like an OpenSSL version prior to 1.0.2 is being used.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: apr
Posted by "Cheltenham, Chris" <cc...@philasd.org>.
Mark,
I am not sure what you are saying.
I tried apr 1.4.8 through 1.6.2
With
Tnative 1.1.16 through 1.2.14
I get the same openssl error every time.
I am using CentOS's install and its 1.0.2k FIPS
I appreciate your help but I don't understand what you are trying to tell
me.
===========================
Thank You;
Chris Cheltenham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org]
Sent: Tuesday, October 31, 2017 3:24 AM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: Re: apr
On 30/10/2017 17:49, Cheltenham, Chris wrote:
> Hello Everyone,
>
> Using OpenSSL 1.0.2k-fips
>
> I am trying to install the apr.
>
> I used several different versions of APR 1.4 through 1.6
>
> Then I compiled tnative 1.1.16, 1.2.x
The latest release of the 1.1.x line is 1.1.34.
Given 1.2.x is a drop-in replacement for 1.1.x and that 1.1.x is unlikely
to see another release, everyone should be using 1.2.x at this point.
> When I start tomcat I get the same message each time.
>
> 30-Oct-2017 12:51:14.602 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> APR/OpenSSL
> configuration: useAprConnector [false], useOpenSSL [true]
>
> 30-Oct-2017 12:51:14.605 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine.
>
> org.apache.tomcat.jni.Error: 70023: This function has not been
> implemented on this platform
That looks like an OpenSSL version prior to 1.0.2 is being used.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org