You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net> on 2012/02/12 16:14:50 UTC
TOMCAT with multiple sites (one on https, others on http)
i have a server with TOMCAT and i want to configure multiple sites,
i can configure one site on https and others sites on http
thank
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by "David N. Smith" <da...@cornell.edu>.
On Feb 12, 2012, at 10:31 AM, "Massimo Chirivì - Ict Consultant" <in...@massimochirivi.net> wrote:
> excuse me!
> i have a server with TOMCAT and i want to configure multiple sites,
> i can configure one site on https and others sites on http?
>
> thank
>
>
Forgive me if I'm wrong, but it sounds like you meant "Can I configure one site on https and the others on http?"
The simple answer is yes. Simplest is to configure two connectors -- one http and one https. Of course all the apps will be available on all connectors. Don't know if you wanted specific apps on specific IPs/protocols. I'm sure that's possible but the config is more complicated.
-- David
>
>
> 2012/2/12 André Warnier <aw...@ice-sa.com>
>
>> Massimo Chirivě - Ict Consultant wrote:
>>
>>> i have a server with TOMCAT and i want to configure multiple sites,
>>> i can configure one site on https and others sites on http
>>> thank
>>>
>>> Good for you.
>> Do you also have a question ?
>>
>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
> What version of Tomcat are you using?
6.0.16
>
> What *exactly* does 'not ok' mean?
The https site is not responding
>
> Are there any errors in the log files?
NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
attach
>
> Can you describe the symptoms of the error?
When i submit http://www.sito1.net or http://www.site2.net is work
correctly
when i submit https://www.sito3.net is not responding.
the configuration in the server.xml is correctly?
2012/8/7 mchirivi [via Tomcat] <ml...@n6.nabble.com>
> > What version of Tomcat are you using?
>
> 6.0.16
>
> >
> > What *exactly* does 'not ok' mean?
>
> The https site is not responding
> >
> > Are there any errors in the log files?
>
> NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
> attach
> >
> > Can you describe the symptoms of the error?
>
> When i submit http://www.sito1.net or http://www.site2.net is work
> correctly
> when i submit https://www.sito3.net is not responding.
>
> the configuration in the server.xml is correctly?
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://tomcat.10.n6.nabble.com/TOMCAT-with-multiple-sites-one-on-https-others-on-http-tp4462105p4984916.html
> To unsubscribe from TOMCAT with multiple sites (one on https, others on
> http), click here<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4462105&code=aW5mb0BtYXNzaW1vY2hpcml2aS5uZXR8NDQ2MjEwNXwxMTc5MDcxMzk2>
> .
> NAML<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by chris derham <ch...@derham.me.uk>.
>
> I have configured the server.xml to run a few sites with HTTP and HTTPS,
> HTTP sites work correctly, that HTTPS is not responding, can not display
> the page
>
> Massimo Chirivì
>
> Massimo,
Pid's reply was asking you to answer some specific questions. You appear to
have only answered the first one of them by irony only.
The people on the list will need all of these specific questions answered
in order to help you any further. Here is the list once again in case you
have lost the previous email
Chris
> Are you just repeating the same question over & over?
>
> Have you read the documents provided previously?
>
> What version of Tomcat are you using?
>
> What *exactly* does 'not ok' mean?
>
> Are there any errors in the log files?
>
> Can you describe the symptoms of the error?
>
> Have you ever read & comprehended:
>
> http://www.catb.org/esr/faqs/smart-questions.html
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
I have configured the server.xml to run a few sites with HTTP and HTTPS,
HTTP sites work correctly, that HTTPS is not responding, can not display
the page
Massimo Chirivì
--------------------------------------------------------------------------------------------------------
2012/8/7 Pid <pi...@pidster.com>
> On 03/08/2012 17:35, Massimo Chirivì - Ict Consultant wrote:
> > *this is my server.xml, *
> > *the sites on the http is ok, but the site on the https is not ok?*
> > *thank you for help*
>
> Are you just repeating the same question over & over?
>
> Have you read the documents provided previously?
>
> What version of Tomcat are you using?
>
> What *exactly* does 'not ok' mean?
>
> Are there any errors in the log files?
>
> Can you describe the symptoms of the error?
>
> Have you ever read & comprehended:
>
> http://www.catb.org/esr/faqs/smart-questions.html
>
>
> p
>
>
> > <?xml version='1.0' encoding='utf-8'?>
> >
> > <Server port="8005" shutdown="SHUTDOWN">
> >
> > <Listener className="org.apache.catalina.core.AprLifecycleListener"
> > SSLEngine="on" />
> > <Listener className="org.apache.catalina.core.JasperListener" />
> > <Listener
> className="org.apache.catalina.mbeans.ServerLifecycleListener"
> > />
> > <Listener
> > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> />
> >
> > <GlobalNamingResources>
> > <Resource name="UserDatabase" auth="Container"
> > type="org.apache.catalina.UserDatabase"
> > description="User database that can be updated and saved"
> >
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> > pathname="conf/tomcat-users.xml" />
> > </GlobalNamingResources>
> >
> > <Service name="Catalina">
> >
> >
> > <Connector port="80" protocol="HTTP/1.1"
> > connectionTimeout="20000"
> > redirectPort="443" />
> >
> > <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
> >
> >
> > <Engine name="Catalina" defaultHost="localhost">
> >
> > <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> > resourceName="UserDatabase"/>
> >
> > <Host name="localhost" appBase="webapps"
> > unpackWARs="true" autoDeploy="true"
> > xmlValidation="false" xmlNamespaceAware="false">
> > </Host>
> >
> > <Host name="www.site1.it" debug="0" unpackWARs="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log1." suffix=".txt"
> > timestamp="true"/>
> > <Context path="" docBase="/webapps/site1" debug="0"
> > reloadable="true"/>
>
> Context definitions in server.xml is very strongly discouraged and
> considered poor practice.
>
>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> >
> >
> > <Host name="www.site2.net" debug="0" unpackWARs="true" >
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log29." suffix=".txt"
> > timestamp="true"/>
>
> There is no logger in Tomcat 7.0.
>
>
> > <Context path="" docBase="/webapps/site2" debug="0"
> > reloadable="true"/>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> >
> > </Engine>
> > </Service>
> >
> >
> > <Service name="Catalinassl">
> >
> > <Engine name="Catalinassl" defaultHost="localhost">
> > <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
> > minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> > disableUploadTimeout="true" acceptCount="100" scheme="https"
> secure="true"
> > SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
> keyAlias="bancomed"
> > keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\site3.jks"
> > keypass="xxxx" />
> >
> > <Host name="www.site3.net" debug="0" unpackWARs="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log29." suffix=".txt"
> > timestamp="true"/>
>
> There is no logger in Tomcat 7.0.
>
> > <Context path="" docBase="/webapps/site3" debug="0"
> > reloadable="true"/>
>
> Context definitions in server.xml is very strongly discouraged and
> considered poor practice.
>
>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> > </Engine>
> >
> > </Service>
> >
> >
> >
> > </Server>
> >
> > Massimo Chirivì
> >
> >
> >
> >
> >
> > 2012/2/12 Caldarale, Charles R <Ch...@unisys.com>
> >
> >> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf
> Of
> >> Massimo Chirivì - Ict Consultant
> >> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
> >>
> >> i have a server with TOMCAT and i want to configure multiple sites,
> >> i can configure one site on https and others sites on http?
> >>
> >> 1) Read the servlet spec, especially section 13, security.
> >>
> >> 2) Read the Tomcat doc for SSL and <Connector>:
> >> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
> >> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
> >>
> >> 3) Read the Wiki for virtual hosts:
> >>
> >>
> http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
> >>
> >> - Chuck
> >>
> >>
> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> >> MATERIAL and is thus for use only by the intended recipient. If you
> >> received this in error, please contact the sender and delete the e-mail
> and
> >> its attachments from all computers.
> >>
> >>
> >
>
>
> --
>
> [key:62590808]
>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Mark Eggers <it...@yahoo.com>.
Comments inline - see ==== COMMENT ====
On 8/7/2012 9:52 AM, Massimo Chirivì - Ict Consultant wrote:
> i HAVE CORRECT THIS ERROR, <CONNECTOR> NOW IS OUT THE <ENGINE>
>
> now the log files write:
> 7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.10.
> 7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
> [false], random [true].
==== COMMENT ====
You're using the APR (native libraries). You are trying to configure
your connector with the Java SSL configuration. This won't work.
See the following:
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Configuration
In particular:
<Connector
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/usr/local/ssl/server.crt"
SSLCertificateKeyFile="/usr/local/ssl/server.pem"
clientAuth="optional" SSLProtocol="TLSv1"/>
Note that the format for the certificate (and key) is different for the
two connectors.
==== COMMENT ====
> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-80
> 7-ago-2012 18.42.53 org.apache.coyote.ajp.AjpAprProtocol init
> INFO: Initializing Coyote AJP/1.3 on ajp-8009
> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
> GRAVE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified
> at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
> at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
> at
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
> at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
> at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
> at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> 7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
> GRAVE: Catalina.start
> LifecycleException: Protocol handler initialization failed:
> java.lang.Exception: No Certificate file specified
> at org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
> at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
> at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> 7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 2236 ms
> 7-ago-2012 18.42.53 org.apache.catalina.realm.JAASRealm setContainer
> INFO: Set JAAS app name Catalinassl
> 7-ago-2012 18.42.53 org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> 7-ago-2012 18.42.53 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
>
>
>
> 2012/8/7 Terence M. Bandoian <te...@tmbsw.com>
>
>> On 1:59 PM, Massimo Chirivě - Ict Consultant wrote:
>>
>>> What version of Tomcat are you using?
>>>>
>>> 6.0.16
>>>
>>> What *exactly* does 'not ok' mean?
>>>>
>>> The https site is not responding
>>>
>>>> Are there any errors in the log files?
>>>>
>>> NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
>>> attach
>>>
>>>> Can you describe the symptoms of the error?
>>>>
>>> When i submit http://www.sito1.net or http://www.site2.net is work
>>> correctly
>>> when i submit https://www.sito3.net is not responding.
>>>
>>> the configuration in the server.xml is correctly?
>>>
>>>
>>> 2012/8/7 Pid<pi...@pidster.com>
>>>
>>> On 03/08/2012 17:35, Massimo Chirivě - Ict Consultant wrote:
>>>>
>>>>> *this is my server.xml, *
>>>>> *the sites on the http is ok, but the site on the https is not ok?*
>>>>> *thank you for help*
>>>>>
>>>> Are you just repeating the same question over& over?
>>>>
>>>>
>>>> Have you read the documents provided previously?
>>>>
>>>> What version of Tomcat are you using?
>>>>
>>>> What *exactly* does 'not ok' mean?
>>>>
>>>> Are there any errors in the log files?
>>>>
>>>> Can you describe the symptoms of the error?
>>>>
>>>> Have you ever read& comprehended:
>>>>
>>>>
>>>> http://www.catb.org/esr/faqs/**smart-questions.html<http://www.catb.org/esr/faqs/smart-questions.html>
>>>>
>>>>
>>>> p
>>>>
>>>>
==== COMMENT ====
I'm not going to try and inject my comments concerning the server.xml
issues. Instead, I'll make a few general comments (amplifying other
comments) and then point you to the Wiki article that exists on the
Tomcat site.
1. There is no such thing as a Logger element
2. Do not put <Context> elements in your server.xml
3. For the default context, name your war file ROOT.war
a. do not use a null path - in general the path attribute is wrong
b. case IS important, even on Windows
4. Do NOT overlap appBase directories for virtual hosts
a. You will get multiple deployments
b. You will have memory issues
Please read and follow the Wiki document below for setting up virtual
hosts. I know it says development, but this same structure works well
for production. I use it to run a large number of production sites.
Coupled with CATALINA_HOME / CATALINA_BASE and some custom Ant scripts,
I have complete flexibility, and I can provision environments in about 5
minutes. I'm working on reducing that time.
Here's the link (again) :
http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
Also, please tell me you are not using the following JRE:
C:\Program Files\Java\jre1.5.0_15
This is ancient, unsupported, has lots of security issues, and is in
general asking for trouble.
Upgrade at least to the latest 1.6.0 release.
==== COMMENT ====
>>>> <?xml version='1.0' encoding='utf-8'?>
>>>>>
>>>>> <Server port="8005" shutdown="SHUTDOWN">
>>>>>
>>>>> <Listener className="org.apache.**catalina.core.**
>>>>> AprLifecycleListener"
>>>>> SSLEngine="on" />
>>>>> <Listener className="org.apache.**catalina.core.JasperListener" />
>>>>> <Listener
>>>>>
>>>> className="org.apache.**catalina.mbeans.**ServerLifecycleListener"
>>>>
>>>>> />
>>>>> <Listener
>>>>> className="org.apache.**catalina.mbeans.**
>>>>> GlobalResourcesLifecycleListen**er"
>>>>>
>>>> />
>>>>
>>>>> <GlobalNamingResources>
>>>>> <Resource name="UserDatabase" auth="Container"
>>>>> type="org.apache.catalina.**UserDatabase"
>>>>> description="User database that can be updated and saved"
>>>>>
>>>>> factory="org.apache.catalina.**users.**MemoryUserDatabaseFactory"
>>>>
>>>>> pathname="conf/tomcat-users.**xml" />
>>>>> </GlobalNamingResources>
>>>>>
>>>>> <Service name="Catalina">
>>>>>
>>>>>
>>>>> <Connector port="80" protocol="HTTP/1.1"
>>>>> connectionTimeout="20000"
>>>>> redirectPort="443" />
>>>>>
>>>>> <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
>>>>>
>>>>>
>>>>> <Engine name="Catalina" defaultHost="localhost">
>>>>>
>>>>> <Realm className="org.apache.**catalina.realm.**
>>>>> UserDatabaseRealm"
>>>>> resourceName="UserDatabase"/>
>>>>>
>>>>> <Host name="localhost" appBase="webapps"
>>>>> unpackWARs="true" autoDeploy="true"
>>>>> xmlValidation="false" xmlNamespaceAware="false">
>>>>> </Host>
>>>>>
>>>>> <Host name="www.site1.it" debug="0" unpackWARs="true">
>>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>>> directory="logs" prefix="virtual_log1." suffix=".txt"
>>>>> timestamp="true"/>
>>>>> <Context path="" docBase="/webapps/site1" debug="0"
>>>>> reloadable="true"/>
>>>>>
>>>> Context definitions in server.xml is very strongly discouraged and
>>>> considered poor practice.
>>>>
>>>>
>>>> <Valve className="org.apache.**catalina.valves.**
>>>>> AccessLogValve"
>>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>>> pattern="common"/>
>>>>> </Host>
>>>>>
>>>>>
>>>>> <Host name="www.site2.net" debug="0" unpackWARs="true">
>>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>>> directory="logs" prefix="virtual_log29."
>>>>> suffix=".txt"
>>>>> timestamp="true"/>
>>>>>
>>>> There is no logger in Tomcat 7.0.
>>>>
>>>>
>>>> <Context path="" docBase="/webapps/site2" debug="0"
>>>>> reloadable="true"/>
>>>>> <Valve className="org.apache.**catalina.valves.**
>>>>> AccessLogValve"
>>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>>> pattern="common"/>
>>>>> </Host>
>>>>>
>>>>> </Engine>
>>>>> </Service>
>>>>>
>>>>>
>>>>> <Service name="Catalinassl">
>>>>>
>>>>> <Engine name="Catalinassl" defaultHost="localhost">
>>>>> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
>>>>> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
>>>>> disableUploadTimeout="true" acceptCount="100" scheme="https"
>>>>>
>>>> secure="true"
>>>>
>>>>> SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
>>>>>
>>>> keyAlias="bancomed"
>>>>
>>>>> keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\**site3.jks"
>>>>> keypass="xxxx" />
>>>>>
>>>>> <Host name="www.site3.net" debug="0" unpackWARs="true">
>>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>>> directory="logs" prefix="virtual_log29."
>>>>> suffix=".txt"
>>>>> timestamp="true"/>
>>>>>
>>>> There is no logger in Tomcat 7.0.
>>>>
>>>> <Context path="" docBase="/webapps/site3" debug="0"
>>>>> reloadable="true"/>
>>>>>
>>>> Context definitions in server.xml is very strongly discouraged and
>>>> considered poor practice.
>>>>
>>>>
>>>> <Valve className="org.apache.**catalina.valves.**
>>>>> AccessLogValve"
>>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>>> pattern="common"/>
>>>>> </Host>
>>>>> </Engine>
>>>>>
>>>>> </Service>
>>>>>
>>>>>
>>>>>
>>>>> </Server>
>>>>>
>>>>> Massimo Chirivě
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> 2012/2/12 Caldarale, Charles R<Ch...@unisys.com>
>>>>>
>>>>> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com**] On
>>>>>> Behalf
>>>>>>
>>>>> Of
>>>>
>>>>> Massimo Chirivě - Ict Consultant
>>>>>>
>>>>>> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
>>>>>>
>>>>>> i have a server with TOMCAT and i want to configure multiple sites,
>>>>>> i can configure one site on https and others sites on http?
>>>>>>
>>>>>> 1) Read the servlet spec, especially section 13, security.
>>>>>>
>>>>>> 2) Read the Tomcat doc for SSL and<Connector>:
>>>>>> http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html>
>>>>>> http://tomcat.apache.org/**tomcat-7.0-doc/config/http.**html<http://tomcat.apache.org/tomcat-7.0-doc/config/http.html>
>>>>>>
>>>>>> 3) Read the Wiki for virtual hosts:
>>>>>>
>>>>>>
>>>>>> http://wiki.apache.org/tomcat/**HowTo#How_do_I_set_up_Tomcat_**
>>>> virtual_hosts_in_a_**development_environment.3F<http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F>
>>>>
>>>>> - Chuck
>>>>>>
>>>>>
>>
>> Hi, Massimo-
>>
>> Is it valid to nest a <Connector> element inside an <Engine> element?
>>
>> -Terence Bandoian
Sorry for being lazy and not cleaning up the rest of this post. However,
I'm not terribly motivated when I don't see commensurate effort from the
original poster.
. . . . just my 2 cents.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] TOMCAT with multiple sites (one on https, others on http)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Massimo,
On 8/9/12 4:18 PM, Christopher Schultz wrote:
> Massimo, aiuda noi aiudiamote.
Wow. Just re-read that. Awful Italian-ish. Should have been:
Massimo, aiutarci ad aiutarti.
I was never very good at reflexive conjugation (and multiple verbs in
a sentence). Basically, I'm capable of negotiating the purchase of
prosciutto by the tenth-kilo in Italian, which is all you really need.
Well, you never need anything as small as a tenth-kilo, but that's
besides the point.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAkLWAACgkQ9CaO5/Lv0PAUXACeIV8ELLRuxfDJAKmJSCWfmDAx
CH4AnifhN8/yIbLRgobabrqLa8rFwcrs
=4Bhu
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Mark Eggers <it...@yahoo.com>.
On 8/9/2012 1:18 PM, Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Mark,
>
> On 8/9/12 3:46 PM, Mark Eggers wrote:
>> 3. You are using the wrong SSL Connector configuration
>>
>> From other logs, you are loading the APR native libraries. See
>
> To be fair, he did (claim to) switch to the HttpNioConnector at some
> point, which will use the JSSE configuration.
>
> All your other comments are spot on.
>
> Massimo, aiuda noi aiudiamote.
>
> - -chris
Yep, I see that in the Connector configuration now.
I apologize for that Massimo . . . I need to read things a bit more slowly.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark,
On 8/9/12 3:46 PM, Mark Eggers wrote:
> 3. You are using the wrong SSL Connector configuration
>
> From other logs, you are loading the APR native libraries. See
To be fair, he did (claim to) switch to the HttpNioConnector at some
point, which will use the JSSE configuration.
All your other comments are spot on.
Massimo, aiuda noi aiudiamote.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAkGzIACgkQ9CaO5/Lv0PA+RgCdH4EZByRSxHDcYkqa12ivhKGj
x9kAnA6txx/VWIOLUmZj8LIPtZRVrk4T
=aysg
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Mark Eggers <it...@yahoo.com>.
On 8/9/2012 10:59 AM, Massimo Chirivì - Ict Consultant wrote:
> i attach the correct file, but on the server tomcat the file was corrected
> but the problem remains.
This file has numerous problems.
You have been pointed at the documentation.
You have had several people point out the problems.
You have not incorporated any of the fixes that several people have
recommended that you implement.
1. Your Host setup is at best not in keeping with good practices
http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
2. You have Context elements in your server.xml
Again, this is not a good practice
3. You are using the wrong SSL Connector configuration
From other logs, you are loading the APR native libraries. See
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
4. You have deleted a lot of the Listeners from the stock server.xml
Here's what you should do.
1. Start with a clean server.xml from tomcat.apache.org
2. Follow this document to set up virtual hosts
http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
3. Add a second Service by copying the first Service and changing the
name
4. In the second service:
a. Delete the AJP Connector
b. Delete the HTTP 1.1 Connector
c. Add the SSL Connector following
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
5. Do NOT add any Context elements in server.xml
6. Use ROOT.war for each virtual host default application
a. Package your default application into a war file
b. Name it ROOT.war (case is important)
c. Place it in the appBase for the targeted virtual host
7. Do not add Logger elements, or other "stuff" you think is necessary
Do these steps, and post the resulting server.xml file (without
comments), inline (no attachments). The list normally strips attachments.
Your current server.xml file basically needs a complete rewrite.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
i attach the correct file, but on the server tomcat the file was corrected
but the problem remains.
2012/8/9 Mark Eggers <it...@yahoo.com>
> On 8/9/2012 8:29 AM, Massimo Chirivě - Ict Consultant wrote:
>
>> Attached file is my server.xml, the service catalina with all virtual host
>> work correctly, the service catalinassl is not working
>> the subfolders of the folder /catalinassl/site3 are empty.
>> you kindly tell me the changes to make in server.xml
>> I'm not understanding
>> thank
>>
>> Massimo Chirivě
>>
>
> Massimo,
>
> I'm not sure if this is a language problem or some other problem. I don't
> speak Italian, but maybe someone else on the list does.
>
> I can empathize with language barriers (I've had to struggle with
> documentation written in Bahasa - which i know zero about). Maybe you have
> a team mate that can help translate the Tomcat documentation and Wiki
> article into Italian?
>
> A point of clarification about path names.
>
> File path names beginning with / are absolute path names. This means that
> when you write /webapps/site1, you are referring to a directory from the
> root of the file system - ie., /webapps/site1.
>
> File path names not beginning with a / are relative path names. This means
> that the path names are relative to some base path.
>
> In Tomcat, the base path starts at $CATALINA_BASE. This is where Tomcat is
> run from (gets a bit more complicated with distribution repackaging). For
> example, if I install and run Tomcat from:
>
> /home/mdeggers/Apache/apache-**tomcat-6.0.35
>
> Then $CATALINA_BASE becomes
>
> /home/mdeggers/Apache/apache-**tomcat-6.0.35
>
> A relative path name of "webapps" then becomes:
>
> /home/mdeggers/Apache/apache-**tomcat-6.0.35/webapps
>
> as an absolute path name in this particular sense.
>
> So in your case, you need to have directories /webapps/site1,
> /webapps/site2, and /conf/site3 at the root of your file system. This is
> not a good thing.
>
> That being said, you have not made any of the changes recommended by:
>
> 1) The documentation
> 2) The cited Wiki article
> 3) Several patient people on the mailing list
>
> For your particular question, please note the following Context elements
> (again, this is very bad practice).
>
> A. In Service Catalina
>
> Host element with name="site1"
> <Context path="" docBase="/webapps/site1" debug="0" reloadable="true"/>
>
> Host element with name="site2"
> <Context path="" docBase="/webapps/site2" debug="0" reloadable="true"/>
>
> B. In Service Catalinassl
>
> Host element with name="site1"
> <Context path="" docBase="/webapps/site1" debug="0" reloadable="true"/>
>
> As you can see, there is NO site3 Host element in any part of your
> server.xml. Therefore, there should be nothing in CATALINA_BASE/conf/**Catalinassl/site3.
> There should also be nothing in CATALINA_BASE/work/**Catalinassl/site3.
>
> /Catalinassl/site3 makes no sense as a path.
>
> The path to the keystore file has nothing to do with where the appBase is
> (or docBase).
>
> You are still using the wrong connector configuration for SSL. If you are
> loading the APR native libraries (and the logs you posted indicated that
> you are), you need to use the appropriate OpenSSL-style connector
> configuration (and certificate files).
>
> I've posted the relevant portion of the server.xml for SSL from the online
> documentation in this thread before.
>
> . . . . fresh out of cents (or sense)
> /mde/
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Mark Eggers <it...@yahoo.com>.
On 8/9/2012 8:29 AM, Massimo Chirivì - Ict Consultant wrote:
> Attached file is my server.xml, the service catalina with all virtual host
> work correctly, the service catalinassl is not working
> the subfolders of the folder /catalinassl/site3 are empty.
> you kindly tell me the changes to make in server.xml
> I'm not understanding
> thank
>
> Massimo Chirivì
Massimo,
I'm not sure if this is a language problem or some other problem. I
don't speak Italian, but maybe someone else on the list does.
I can empathize with language barriers (I've had to struggle with
documentation written in Bahasa - which i know zero about). Maybe you
have a team mate that can help translate the Tomcat documentation and
Wiki article into Italian?
A point of clarification about path names.
File path names beginning with / are absolute path names. This means
that when you write /webapps/site1, you are referring to a directory
from the root of the file system - ie., /webapps/site1.
File path names not beginning with a / are relative path names. This
means that the path names are relative to some base path.
In Tomcat, the base path starts at $CATALINA_BASE. This is where Tomcat
is run from (gets a bit more complicated with distribution repackaging).
For example, if I install and run Tomcat from:
/home/mdeggers/Apache/apache-tomcat-6.0.35
Then $CATALINA_BASE becomes
/home/mdeggers/Apache/apache-tomcat-6.0.35
A relative path name of "webapps" then becomes:
/home/mdeggers/Apache/apache-tomcat-6.0.35/webapps
as an absolute path name in this particular sense.
So in your case, you need to have directories /webapps/site1,
/webapps/site2, and /conf/site3 at the root of your file system. This is
not a good thing.
That being said, you have not made any of the changes recommended by:
1) The documentation
2) The cited Wiki article
3) Several patient people on the mailing list
For your particular question, please note the following Context elements
(again, this is very bad practice).
A. In Service Catalina
Host element with name="site1"
<Context path="" docBase="/webapps/site1" debug="0" reloadable="true"/>
Host element with name="site2"
<Context path="" docBase="/webapps/site2" debug="0" reloadable="true"/>
B. In Service Catalinassl
Host element with name="site1"
<Context path="" docBase="/webapps/site1" debug="0" reloadable="true"/>
As you can see, there is NO site3 Host element in any part of your
server.xml. Therefore, there should be nothing in
CATALINA_BASE/conf/Catalinassl/site3. There should also be nothing in
CATALINA_BASE/work/Catalinassl/site3.
/Catalinassl/site3 makes no sense as a path.
The path to the keystore file has nothing to do with where the appBase
is (or docBase).
You are still using the wrong connector configuration for SSL. If you
are loading the APR native libraries (and the logs you posted indicated
that you are), you need to use the appropriate OpenSSL-style connector
configuration (and certificate files).
I've posted the relevant portion of the server.xml for SSL from the
online documentation in this thread before.
. . . . fresh out of cents (or sense)
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
Attached file is my server.xml, the service catalina with all virtual host
work correctly, the service catalinassl is not working
the subfolders of the folder /catalinassl/site3 are empty.
you kindly tell me the changes to make in server.xml
I'm not understanding
thank
Massimo Chirivì
--------------------------------------------------------------------------------------------------------
2012/8/9 Mark Eggers-2 [via Tomcat] <ml...@n6.nabble.com>
> See comment inline.
>
> On 8/9/2012 6:58 AM, Massimo Chirivì - Ict Consultant wrote:
>
> > i have correct the server.xml, but into the folder catalinassl there is
> > www.site3.net, but all child folders are empty,
> > - with netstat the https is up
> >
> ----------------------------------------------------------------------------------
>
> > <Service name="Catalinassl">
> >
> > <Connector port="443"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> > maxHttpHeaderSize="8192" maxThreads="150" enableLookups="false"
> > disableUploadTimeout="true" acceptCount="100" scheme="https"
> secure="true"
> > SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
> > keystoreFile="/conf/site3" keypass="qwertyuiop" />
> >
> > <Engine name="Catalinassl" defaultHost="localhost">
> > <Host name="www.site3.net" debug="1" unpackWARs="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log29."
> suffix=".txt"
> > timestamp="true"/>
> > <Context path="" docBase="/webapps/site3" debug="0"
> > reloadable="true"/>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> > </Engine>
> > </Service>
> > </Server>
> >
> ----------------------------------------------------------------------------------
>
>
> No, you have not corrected your server.xml. You are ignoring everyone's
> recommendations and the Wiki document which lays out in great detail how
> to set up virtual hosts.
>
> Please read and follow this Wiki document.
>
> http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
>
> Your paths (/webapps/site3, etc.) make absolutely NO sense unless you
> have a directory at the ROOT of your file system called /webapps/site3.
>
> /mde/
>
> >
> > 2012/8/8 Christopher Schultz-2 [via Tomcat] <
> > [hidden email] <http://user/SendEmail.jtp?type=node&node=4985056&i=0>>
> >
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> Martin,
> >>
> >> On 8/7/12 1:12 PM, Martin Gainty wrote:
> >>>
> >>> <snip>INFO: Initializing Coyote AJP/1.3 on ajp-8009
> >>>> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol
> >>>> init GRAVE: Error initializing endpoint java.lang.Exception: No
> >>>> Certificate file specified
> >>>
> >>> </snip> client request on Port 8009 wont pass through *until* you
> >>> get the Certificate from the site administrator
> >>
> >> It appears that the OP is not using AJP at all, so your response does
> >> not help.
> >>
> >> - -chris
> >> -----BEGIN PGP SIGNATURE-----
> >> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> >> Comment: GPGTools - http://gpgtools.org
> >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> >>
> >> iEYEARECAAYFAlAh3REACgkQ9CaO5/Lv0PCmjgCgogIeyhqfRIP96KuDOWz7Q7gI
> >> /t8AoKDKdMSHsNKwCuF+k2cZvVmadex7
> >> =42Bh
> >> -----END PGP SIGNATURE-----
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]<
> http://user/SendEmail.jtp?type=node&node=4984981&i=0>
> >> For additional commands, e-mail: [hidden email]<
> http://user/SendEmail.jtp?type=node&node=4984981&i=1>
> >>
> >>
> >>
> >> ------------------------------
> >> If you reply to this email, your message will be added to the
> discussion
> >> below:
> >>
> >>
> http://tomcat.10.n6.nabble.com/TOMCAT-with-multiple-sites-one-on-https-others-on-http-tp4462105p4984981.html
> >> To unsubscribe from TOMCAT with multiple sites (one on https, others
> on
> >> http), click here<
>
> >> .
> >> NAML<
> http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
> >>
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4985056&i=1>
> For additional commands, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4985056&i=2>
>
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://tomcat.10.n6.nabble.com/TOMCAT-with-multiple-sites-one-on-https-others-on-http-tp4462105p4985056.html
> To unsubscribe from TOMCAT with multiple sites (one on https, others on
> http), click here<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4462105&code=aW5mb0BtYXNzaW1vY2hpcml2aS5uZXR8NDQ2MjEwNXwxMTc5MDcxMzk2>
> .
> NAML<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Mark Eggers <it...@yahoo.com>.
See comment inline.
On 8/9/2012 6:58 AM, Massimo Chirivì - Ict Consultant wrote:
> i have correct the server.xml, but into the folder catalinassl there is
> www.site3.net, but all child folders are empty,
> - with netstat the https is up
> ----------------------------------------------------------------------------------
> <Service name="Catalinassl">
>
> <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
> maxHttpHeaderSize="8192" maxThreads="150" enableLookups="false"
> disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
> SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
> keystoreFile="/conf/site3" keypass="qwertyuiop" />
>
> <Engine name="Catalinassl" defaultHost="localhost">
> <Host name="www.site3.net" debug="1" unpackWARs="true">
> <Logger className="org.apache.catalina.logger.FileLogger"
> directory="logs" prefix="virtual_log29." suffix=".txt"
> timestamp="true"/>
> <Context path="" docBase="/webapps/site3" debug="0"
> reloadable="true"/>
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="virtual_log." suffix=".txt"
> pattern="common"/>
> </Host>
> </Engine>
> </Service>
> </Server>
> ----------------------------------------------------------------------------------
No, you have not corrected your server.xml. You are ignoring everyone's
recommendations and the Wiki document which lays out in great detail how
to set up virtual hosts.
Please read and follow this Wiki document.
http://wiki.apache.org/tomcat/TomcatDevelopmentVirtualHosts
Your paths (/webapps/site3, etc.) make absolutely NO sense unless you
have a directory at the ROOT of your file system called /webapps/site3.
/mde/
>
> 2012/8/8 Christopher Schultz-2 [via Tomcat] <
> ml-node+s10n4984981h29@n6.nabble.com>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Martin,
>>
>> On 8/7/12 1:12 PM, Martin Gainty wrote:
>>>
>>> <snip>INFO: Initializing Coyote AJP/1.3 on ajp-8009
>>>> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol
>>>> init GRAVE: Error initializing endpoint java.lang.Exception: No
>>>> Certificate file specified
>>>
>>> </snip> client request on Port 8009 wont pass through *until* you
>>> get the Certificate from the site administrator
>>
>> It appears that the OP is not using AJP at all, so your response does
>> not help.
>>
>> - -chris
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
>> Comment: GPGTools - http://gpgtools.org
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>
>> iEYEARECAAYFAlAh3REACgkQ9CaO5/Lv0PCmjgCgogIeyhqfRIP96KuDOWz7Q7gI
>> /t8AoKDKdMSHsNKwCuF+k2cZvVmadex7
>> =42Bh
>> -----END PGP SIGNATURE-----
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4984981&i=0>
>> For additional commands, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4984981&i=1>
>>
>>
>>
>> ------------------------------
>> If you reply to this email, your message will be added to the discussion
>> below:
>>
>> http://tomcat.10.n6.nabble.com/TOMCAT-with-multiple-sites-one-on-https-others-on-http-tp4462105p4984981.html
>> To unsubscribe from TOMCAT with multiple sites (one on https, others on
>> http), click here<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4462105&code=aW5mb0BtYXNzaW1vY2hpcml2aS5uZXR8NDQ2MjEwNXwxMTc5MDcxMzk2>
>> .
>> NAML<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
i have correct the server.xml, but into the folder catalinassl there is
www.site3.net, but all child folders are empty,
- with netstat the https is up
----------------------------------------------------------------------------------
<Service name="Catalinassl">
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxHttpHeaderSize="8192" maxThreads="150" enableLookups="false"
disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
keystoreFile="/conf/site3" keypass="qwertyuiop" />
<Engine name="Catalinassl" defaultHost="localhost">
<Host name="www.site3.net" debug="1" unpackWARs="true">
<Logger className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="virtual_log29." suffix=".txt"
timestamp="true"/>
<Context path="" docBase="/webapps/site3" debug="0"
reloadable="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
</Engine>
</Service>
</Server>
----------------------------------------------------------------------------------
2012/8/8 Christopher Schultz-2 [via Tomcat] <
ml-node+s10n4984981h29@n6.nabble.com>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Martin,
>
> On 8/7/12 1:12 PM, Martin Gainty wrote:
> >
> > <snip>INFO: Initializing Coyote AJP/1.3 on ajp-8009
> >> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol
> >> init GRAVE: Error initializing endpoint java.lang.Exception: No
> >> Certificate file specified
> >
> > </snip> client request on Port 8009 wont pass through *until* you
> > get the Certificate from the site administrator
>
> It appears that the OP is not using AJP at all, so your response does
> not help.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAlAh3REACgkQ9CaO5/Lv0PCmjgCgogIeyhqfRIP96KuDOWz7Q7gI
> /t8AoKDKdMSHsNKwCuF+k2cZvVmadex7
> =42Bh
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4984981&i=0>
> For additional commands, e-mail: [hidden email]<http://user/SendEmail.jtp?type=node&node=4984981&i=1>
>
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://tomcat.10.n6.nabble.com/TOMCAT-with-multiple-sites-one-on-https-others-on-http-tp4462105p4984981.html
> To unsubscribe from TOMCAT with multiple sites (one on https, others on
> http), click here<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4462105&code=aW5mb0BtYXNzaW1vY2hpcml2aS5uZXR8NDQ2MjEwNXwxMTc5MDcxMzk2>
> .
> NAML<http://tomcat.10.n6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Martin,
On 8/7/12 1:12 PM, Martin Gainty wrote:
>
> <snip>INFO: Initializing Coyote AJP/1.3 on ajp-8009
>> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol
>> init GRAVE: Error initializing endpoint java.lang.Exception: No
>> Certificate file specified
>
> </snip> client request on Port 8009 wont pass through *until* you
> get the Certificate from the site administrator
It appears that the OP is not using AJP at all, so your response does
not help.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAh3REACgkQ9CaO5/Lv0PCmjgCgogIeyhqfRIP96KuDOWz7Q7gI
/t8AoKDKdMSHsNKwCuF+k2cZvVmadex7
=42Bh
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: TOMCAT with multiple sites (one on https, others on http)
Posted by Martin Gainty <mg...@hotmail.com>.
<snip>INFO: Initializing Coyote AJP/1.3 on ajp-8009
> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
> GRAVE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified
</snip> client request on Port 8009 wont pass through *until* you get the Certificate from the site administrator
Martin
______________________________________________
Verzicht und Vertraulichkeitanmerkung
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
> Date: Tue, 7 Aug 2012 18:52:27 +0200
> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
> From: info@massimochirivi.net
> To: users@tomcat.apache.org
>
> i HAVE CORRECT THIS ERROR, <CONNECTOR> NOW IS OUT THE <ENGINE>
>
> now the log files write:
> 7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.10.
> 7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
> [false], random [true].
> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-80
> 7-ago-2012 18.42.53 org.apache.coyote.ajp.AjpAprProtocol init
> INFO: Initializing Coyote AJP/1.3 on ajp-8009
> 7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
> GRAVE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified
> at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
> at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
> at
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
> at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
> at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
> at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> 7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
> GRAVE: Catalina.start
> LifecycleException: Protocol handler initialization failed:
> java.lang.Exception: No Certificate file specified
> at org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
> at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
> at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
> at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> 7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 2236 ms
> 7-ago-2012 18.42.53 org.apache.catalina.realm.JAASRealm setContainer
> INFO: Set JAAS app name Catalinassl
> 7-ago-2012 18.42.53 org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> 7-ago-2012 18.42.53 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
>
>
>
> 2012/8/7 Terence M. Bandoian <te...@tmbsw.com>
>
> > On 1:59 PM, Massimo Chirivě - Ict Consultant wrote:
> >
> >> What version of Tomcat are you using?
> >>>
> >> 6.0.16
> >>
> >> What *exactly* does 'not ok' mean?
> >>>
> >> The https site is not responding
> >>
> >>> Are there any errors in the log files?
> >>>
> >> NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
> >> attach
> >>
> >>> Can you describe the symptoms of the error?
> >>>
> >> When i submit http://www.sito1.net or http://www.site2.net is work
> >> correctly
> >> when i submit https://www.sito3.net is not responding.
> >>
> >> the configuration in the server.xml is correctly?
> >>
> >>
> >> 2012/8/7 Pid<pi...@pidster.com>
> >>
> >> On 03/08/2012 17:35, Massimo Chirivě - Ict Consultant wrote:
> >>>
> >>>> *this is my server.xml, *
> >>>> *the sites on the http is ok, but the site on the https is not ok?*
> >>>> *thank you for help*
> >>>>
> >>> Are you just repeating the same question over& over?
> >>>
> >>>
> >>> Have you read the documents provided previously?
> >>>
> >>> What version of Tomcat are you using?
> >>>
> >>> What *exactly* does 'not ok' mean?
> >>>
> >>> Are there any errors in the log files?
> >>>
> >>> Can you describe the symptoms of the error?
> >>>
> >>> Have you ever read& comprehended:
> >>>
> >>>
> >>> http://www.catb.org/esr/faqs/**smart-questions.html<http://www.catb.org/esr/faqs/smart-questions.html>
> >>>
> >>>
> >>> p
> >>>
> >>>
> >>> <?xml version='1.0' encoding='utf-8'?>
> >>>>
> >>>> <Server port="8005" shutdown="SHUTDOWN">
> >>>>
> >>>> <Listener className="org.apache.**catalina.core.**
> >>>> AprLifecycleListener"
> >>>> SSLEngine="on" />
> >>>> <Listener className="org.apache.**catalina.core.JasperListener" />
> >>>> <Listener
> >>>>
> >>> className="org.apache.**catalina.mbeans.**ServerLifecycleListener"
> >>>
> >>>> />
> >>>> <Listener
> >>>> className="org.apache.**catalina.mbeans.**
> >>>> GlobalResourcesLifecycleListen**er"
> >>>>
> >>> />
> >>>
> >>>> <GlobalNamingResources>
> >>>> <Resource name="UserDatabase" auth="Container"
> >>>> type="org.apache.catalina.**UserDatabase"
> >>>> description="User database that can be updated and saved"
> >>>>
> >>>> factory="org.apache.catalina.**users.**MemoryUserDatabaseFactory"
> >>>
> >>>> pathname="conf/tomcat-users.**xml" />
> >>>> </GlobalNamingResources>
> >>>>
> >>>> <Service name="Catalina">
> >>>>
> >>>>
> >>>> <Connector port="80" protocol="HTTP/1.1"
> >>>> connectionTimeout="20000"
> >>>> redirectPort="443" />
> >>>>
> >>>> <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
> >>>>
> >>>>
> >>>> <Engine name="Catalina" defaultHost="localhost">
> >>>>
> >>>> <Realm className="org.apache.**catalina.realm.**
> >>>> UserDatabaseRealm"
> >>>> resourceName="UserDatabase"/>
> >>>>
> >>>> <Host name="localhost" appBase="webapps"
> >>>> unpackWARs="true" autoDeploy="true"
> >>>> xmlValidation="false" xmlNamespaceAware="false">
> >>>> </Host>
> >>>>
> >>>> <Host name="www.site1.it" debug="0" unpackWARs="true">
> >>>> <Logger className="org.apache.**catalina.logger.FileLogger"
> >>>> directory="logs" prefix="virtual_log1." suffix=".txt"
> >>>> timestamp="true"/>
> >>>> <Context path="" docBase="/webapps/site1" debug="0"
> >>>> reloadable="true"/>
> >>>>
> >>> Context definitions in server.xml is very strongly discouraged and
> >>> considered poor practice.
> >>>
> >>>
> >>> <Valve className="org.apache.**catalina.valves.**
> >>>> AccessLogValve"
> >>>> directory="logs" prefix="virtual_log." suffix=".txt"
> >>>> pattern="common"/>
> >>>> </Host>
> >>>>
> >>>>
> >>>> <Host name="www.site2.net" debug="0" unpackWARs="true">
> >>>> <Logger className="org.apache.**catalina.logger.FileLogger"
> >>>> directory="logs" prefix="virtual_log29."
> >>>> suffix=".txt"
> >>>> timestamp="true"/>
> >>>>
> >>> There is no logger in Tomcat 7.0.
> >>>
> >>>
> >>> <Context path="" docBase="/webapps/site2" debug="0"
> >>>> reloadable="true"/>
> >>>> <Valve className="org.apache.**catalina.valves.**
> >>>> AccessLogValve"
> >>>> directory="logs" prefix="virtual_log." suffix=".txt"
> >>>> pattern="common"/>
> >>>> </Host>
> >>>>
> >>>> </Engine>
> >>>> </Service>
> >>>>
> >>>>
> >>>> <Service name="Catalinassl">
> >>>>
> >>>> <Engine name="Catalinassl" defaultHost="localhost">
> >>>> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
> >>>> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> >>>> disableUploadTimeout="true" acceptCount="100" scheme="https"
> >>>>
> >>> secure="true"
> >>>
> >>>> SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
> >>>>
> >>> keyAlias="bancomed"
> >>>
> >>>> keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\**site3.jks"
> >>>> keypass="xxxx" />
> >>>>
> >>>> <Host name="www.site3.net" debug="0" unpackWARs="true">
> >>>> <Logger className="org.apache.**catalina.logger.FileLogger"
> >>>> directory="logs" prefix="virtual_log29."
> >>>> suffix=".txt"
> >>>> timestamp="true"/>
> >>>>
> >>> There is no logger in Tomcat 7.0.
> >>>
> >>> <Context path="" docBase="/webapps/site3" debug="0"
> >>>> reloadable="true"/>
> >>>>
> >>> Context definitions in server.xml is very strongly discouraged and
> >>> considered poor practice.
> >>>
> >>>
> >>> <Valve className="org.apache.**catalina.valves.**
> >>>> AccessLogValve"
> >>>> directory="logs" prefix="virtual_log." suffix=".txt"
> >>>> pattern="common"/>
> >>>> </Host>
> >>>> </Engine>
> >>>>
> >>>> </Service>
> >>>>
> >>>>
> >>>>
> >>>> </Server>
> >>>>
> >>>> Massimo Chirivě
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> 2012/2/12 Caldarale, Charles R<Ch...@unisys.com>
> >>>>
> >>>> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com**] On
> >>>>> Behalf
> >>>>>
> >>>> Of
> >>>
> >>>> Massimo Chirivě - Ict Consultant
> >>>>>
> >>>>> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
> >>>>>
> >>>>> i have a server with TOMCAT and i want to configure multiple sites,
> >>>>> i can configure one site on https and others sites on http?
> >>>>>
> >>>>> 1) Read the servlet spec, especially section 13, security.
> >>>>>
> >>>>> 2) Read the Tomcat doc for SSL and<Connector>:
> >>>>> http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html>
> >>>>> http://tomcat.apache.org/**tomcat-7.0-doc/config/http.**html<http://tomcat.apache.org/tomcat-7.0-doc/config/http.html>
> >>>>>
> >>>>> 3) Read the Wiki for virtual hosts:
> >>>>>
> >>>>>
> >>>>> http://wiki.apache.org/tomcat/**HowTo#How_do_I_set_up_Tomcat_**
> >>> virtual_hosts_in_a_**development_environment.3F<http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F>
> >>>
> >>>> - Chuck
> >>>>>
> >>>>
> >
> > Hi, Massimo-
> >
> > Is it valid to nest a <Connector> element inside an <Engine> element?
> >
> > -Terence Bandoian
> >
> >
> > ------------------------------**------------------------------**---------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
> >
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Massimo,
On 8/7/12 12:52 PM, Massimo Chirivì - Ict Consultant wrote:
> i HAVE CORRECT THIS ERROR, <CONNECTOR> NOW IS OUT THE <ENGINE>
>
> now the log files write: 7-ago-2012 18.42.52
> org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR
> based Apache Tomcat Native library 1.1.10. 7-ago-2012 18.42.52
> org.apache.catalina.core.AprLifecycleListener init INFO: APR
> capabilities: IPv6 [false], sendfile [true], accept filters
> [false], random [true]. 7-ago-2012 18.42.53
> org.apache.coyote.http11.Http11AprProtocol init INFO: Initializing
> Coyote HTTP/1.1 on http-80 7-ago-2012 18.42.53
> org.apache.coyote.ajp.AjpAprProtocol init INFO: Initializing Coyote
> AJP/1.3 on ajp-8009 7-ago-2012 18.42.53
> org.apache.coyote.http11.Http11AprProtocol init GRAVE: Error
> initializing endpoint java.lang.Exception: No Certificate file
> specified at org.apache.tomcat.jni.SSLContext.setCertificate(Native
> Method) at
> org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
...and there is the problem: you need to use APR configuration and not
JSSE configuration in your <Connector>.
Specifically, don't use keystoreFile, etc. Instead, use
SSLCertificateFile, etc. See
http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS for reference.
Unfortunately, you have (likely) gone through the grueling procedure
of dealing with Java keystores and now you can use the much simpler
PEM files that OpenSSL (via APR) use.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAh3LEACgkQ9CaO5/Lv0PBjWgCdFgnZMuHCwmGwm4+lFl+mPJ9N
8KUAni+epVauSTrMFa8NHQXudBbPAYOA
=t4Zt
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
i HAVE CORRECT THIS ERROR, <CONNECTOR> NOW IS OUT THE <ENGINE>
now the log files write:
7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.10.
7-ago-2012 18.42.52 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-80
7-ago-2012 18.42.53 org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
7-ago-2012 18.42.53 org.apache.coyote.http11.Http11AprProtocol init
GRAVE: Error initializing endpoint
java.lang.Exception: No Certificate file specified
at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:684)
at
org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
GRAVE: Catalina.start
LifecycleException: Protocol handler initialization failed:
java.lang.Exception: No Certificate file specified
at org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
7-ago-2012 18.42.53 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2236 ms
7-ago-2012 18.42.53 org.apache.catalina.realm.JAASRealm setContainer
INFO: Set JAAS app name Catalinassl
7-ago-2012 18.42.53 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
7-ago-2012 18.42.53 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.16
2012/8/7 Terence M. Bandoian <te...@tmbsw.com>
> On 1:59 PM, Massimo Chirivě - Ict Consultant wrote:
>
>> What version of Tomcat are you using?
>>>
>> 6.0.16
>>
>> What *exactly* does 'not ok' mean?
>>>
>> The https site is not responding
>>
>>> Are there any errors in the log files?
>>>
>> NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
>> attach
>>
>>> Can you describe the symptoms of the error?
>>>
>> When i submit http://www.sito1.net or http://www.site2.net is work
>> correctly
>> when i submit https://www.sito3.net is not responding.
>>
>> the configuration in the server.xml is correctly?
>>
>>
>> 2012/8/7 Pid<pi...@pidster.com>
>>
>> On 03/08/2012 17:35, Massimo Chirivě - Ict Consultant wrote:
>>>
>>>> *this is my server.xml, *
>>>> *the sites on the http is ok, but the site on the https is not ok?*
>>>> *thank you for help*
>>>>
>>> Are you just repeating the same question over& over?
>>>
>>>
>>> Have you read the documents provided previously?
>>>
>>> What version of Tomcat are you using?
>>>
>>> What *exactly* does 'not ok' mean?
>>>
>>> Are there any errors in the log files?
>>>
>>> Can you describe the symptoms of the error?
>>>
>>> Have you ever read& comprehended:
>>>
>>>
>>> http://www.catb.org/esr/faqs/**smart-questions.html<http://www.catb.org/esr/faqs/smart-questions.html>
>>>
>>>
>>> p
>>>
>>>
>>> <?xml version='1.0' encoding='utf-8'?>
>>>>
>>>> <Server port="8005" shutdown="SHUTDOWN">
>>>>
>>>> <Listener className="org.apache.**catalina.core.**
>>>> AprLifecycleListener"
>>>> SSLEngine="on" />
>>>> <Listener className="org.apache.**catalina.core.JasperListener" />
>>>> <Listener
>>>>
>>> className="org.apache.**catalina.mbeans.**ServerLifecycleListener"
>>>
>>>> />
>>>> <Listener
>>>> className="org.apache.**catalina.mbeans.**
>>>> GlobalResourcesLifecycleListen**er"
>>>>
>>> />
>>>
>>>> <GlobalNamingResources>
>>>> <Resource name="UserDatabase" auth="Container"
>>>> type="org.apache.catalina.**UserDatabase"
>>>> description="User database that can be updated and saved"
>>>>
>>>> factory="org.apache.catalina.**users.**MemoryUserDatabaseFactory"
>>>
>>>> pathname="conf/tomcat-users.**xml" />
>>>> </GlobalNamingResources>
>>>>
>>>> <Service name="Catalina">
>>>>
>>>>
>>>> <Connector port="80" protocol="HTTP/1.1"
>>>> connectionTimeout="20000"
>>>> redirectPort="443" />
>>>>
>>>> <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
>>>>
>>>>
>>>> <Engine name="Catalina" defaultHost="localhost">
>>>>
>>>> <Realm className="org.apache.**catalina.realm.**
>>>> UserDatabaseRealm"
>>>> resourceName="UserDatabase"/>
>>>>
>>>> <Host name="localhost" appBase="webapps"
>>>> unpackWARs="true" autoDeploy="true"
>>>> xmlValidation="false" xmlNamespaceAware="false">
>>>> </Host>
>>>>
>>>> <Host name="www.site1.it" debug="0" unpackWARs="true">
>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>> directory="logs" prefix="virtual_log1." suffix=".txt"
>>>> timestamp="true"/>
>>>> <Context path="" docBase="/webapps/site1" debug="0"
>>>> reloadable="true"/>
>>>>
>>> Context definitions in server.xml is very strongly discouraged and
>>> considered poor practice.
>>>
>>>
>>> <Valve className="org.apache.**catalina.valves.**
>>>> AccessLogValve"
>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>> pattern="common"/>
>>>> </Host>
>>>>
>>>>
>>>> <Host name="www.site2.net" debug="0" unpackWARs="true">
>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>> directory="logs" prefix="virtual_log29."
>>>> suffix=".txt"
>>>> timestamp="true"/>
>>>>
>>> There is no logger in Tomcat 7.0.
>>>
>>>
>>> <Context path="" docBase="/webapps/site2" debug="0"
>>>> reloadable="true"/>
>>>> <Valve className="org.apache.**catalina.valves.**
>>>> AccessLogValve"
>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>> pattern="common"/>
>>>> </Host>
>>>>
>>>> </Engine>
>>>> </Service>
>>>>
>>>>
>>>> <Service name="Catalinassl">
>>>>
>>>> <Engine name="Catalinassl" defaultHost="localhost">
>>>> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
>>>> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
>>>> disableUploadTimeout="true" acceptCount="100" scheme="https"
>>>>
>>> secure="true"
>>>
>>>> SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
>>>>
>>> keyAlias="bancomed"
>>>
>>>> keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\**site3.jks"
>>>> keypass="xxxx" />
>>>>
>>>> <Host name="www.site3.net" debug="0" unpackWARs="true">
>>>> <Logger className="org.apache.**catalina.logger.FileLogger"
>>>> directory="logs" prefix="virtual_log29."
>>>> suffix=".txt"
>>>> timestamp="true"/>
>>>>
>>> There is no logger in Tomcat 7.0.
>>>
>>> <Context path="" docBase="/webapps/site3" debug="0"
>>>> reloadable="true"/>
>>>>
>>> Context definitions in server.xml is very strongly discouraged and
>>> considered poor practice.
>>>
>>>
>>> <Valve className="org.apache.**catalina.valves.**
>>>> AccessLogValve"
>>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>>> pattern="common"/>
>>>> </Host>
>>>> </Engine>
>>>>
>>>> </Service>
>>>>
>>>>
>>>>
>>>> </Server>
>>>>
>>>> Massimo Chirivě
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 2012/2/12 Caldarale, Charles R<Ch...@unisys.com>
>>>>
>>>> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com**] On
>>>>> Behalf
>>>>>
>>>> Of
>>>
>>>> Massimo Chirivě - Ict Consultant
>>>>>
>>>>> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
>>>>>
>>>>> i have a server with TOMCAT and i want to configure multiple sites,
>>>>> i can configure one site on https and others sites on http?
>>>>>
>>>>> 1) Read the servlet spec, especially section 13, security.
>>>>>
>>>>> 2) Read the Tomcat doc for SSL and<Connector>:
>>>>> http://tomcat.apache.org/**tomcat-7.0-doc/ssl-howto.html<http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html>
>>>>> http://tomcat.apache.org/**tomcat-7.0-doc/config/http.**html<http://tomcat.apache.org/tomcat-7.0-doc/config/http.html>
>>>>>
>>>>> 3) Read the Wiki for virtual hosts:
>>>>>
>>>>>
>>>>> http://wiki.apache.org/tomcat/**HowTo#How_do_I_set_up_Tomcat_**
>>> virtual_hosts_in_a_**development_environment.3F<http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F>
>>>
>>>> - Chuck
>>>>>
>>>>
>
> Hi, Massimo-
>
> Is it valid to nest a <Connector> element inside an <Engine> element?
>
> -Terence Bandoian
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by "Terence M. Bandoian" <te...@tmbsw.com>.
On 1:59 PM, Massimo Chirivì - Ict Consultant wrote:
>> What version of Tomcat are you using?
> 6.0.16
>
>> What *exactly* does 'not ok' mean?
> The https site is not responding
>> Are there any errors in the log files?
> NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
> attach
>> Can you describe the symptoms of the error?
> When i submit http://www.sito1.net or http://www.site2.net is work
> correctly
> when i submit https://www.sito3.net is not responding.
>
> the configuration in the server.xml is correctly?
>
>
> 2012/8/7 Pid<pi...@pidster.com>
>
>> On 03/08/2012 17:35, Massimo Chirivì - Ict Consultant wrote:
>>> *this is my server.xml, *
>>> *the sites on the http is ok, but the site on the https is not ok?*
>>> *thank you for help*
>> Are you just repeating the same question over& over?
>>
>> Have you read the documents provided previously?
>>
>> What version of Tomcat are you using?
>>
>> What *exactly* does 'not ok' mean?
>>
>> Are there any errors in the log files?
>>
>> Can you describe the symptoms of the error?
>>
>> Have you ever read& comprehended:
>>
>> http://www.catb.org/esr/faqs/smart-questions.html
>>
>>
>> p
>>
>>
>>> <?xml version='1.0' encoding='utf-8'?>
>>>
>>> <Server port="8005" shutdown="SHUTDOWN">
>>>
>>> <Listener className="org.apache.catalina.core.AprLifecycleListener"
>>> SSLEngine="on" />
>>> <Listener className="org.apache.catalina.core.JasperListener" />
>>> <Listener
>> className="org.apache.catalina.mbeans.ServerLifecycleListener"
>>> />
>>> <Listener
>>> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
>> />
>>> <GlobalNamingResources>
>>> <Resource name="UserDatabase" auth="Container"
>>> type="org.apache.catalina.UserDatabase"
>>> description="User database that can be updated and saved"
>>>
>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>>> pathname="conf/tomcat-users.xml" />
>>> </GlobalNamingResources>
>>>
>>> <Service name="Catalina">
>>>
>>>
>>> <Connector port="80" protocol="HTTP/1.1"
>>> connectionTimeout="20000"
>>> redirectPort="443" />
>>>
>>> <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
>>>
>>>
>>> <Engine name="Catalina" defaultHost="localhost">
>>>
>>> <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
>>> resourceName="UserDatabase"/>
>>>
>>> <Host name="localhost" appBase="webapps"
>>> unpackWARs="true" autoDeploy="true"
>>> xmlValidation="false" xmlNamespaceAware="false">
>>> </Host>
>>>
>>> <Host name="www.site1.it" debug="0" unpackWARs="true">
>>> <Logger className="org.apache.catalina.logger.FileLogger"
>>> directory="logs" prefix="virtual_log1." suffix=".txt"
>>> timestamp="true"/>
>>> <Context path="" docBase="/webapps/site1" debug="0"
>>> reloadable="true"/>
>> Context definitions in server.xml is very strongly discouraged and
>> considered poor practice.
>>
>>
>>> <Valve className="org.apache.catalina.valves.AccessLogValve"
>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>> pattern="common"/>
>>> </Host>
>>>
>>>
>>> <Host name="www.site2.net" debug="0" unpackWARs="true">
>>> <Logger className="org.apache.catalina.logger.FileLogger"
>>> directory="logs" prefix="virtual_log29." suffix=".txt"
>>> timestamp="true"/>
>> There is no logger in Tomcat 7.0.
>>
>>
>>> <Context path="" docBase="/webapps/site2" debug="0"
>>> reloadable="true"/>
>>> <Valve className="org.apache.catalina.valves.AccessLogValve"
>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>> pattern="common"/>
>>> </Host>
>>>
>>> </Engine>
>>> </Service>
>>>
>>>
>>> <Service name="Catalinassl">
>>>
>>> <Engine name="Catalinassl" defaultHost="localhost">
>>> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
>>> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
>>> disableUploadTimeout="true" acceptCount="100" scheme="https"
>> secure="true"
>>> SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
>> keyAlias="bancomed"
>>> keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\site3.jks"
>>> keypass="xxxx" />
>>>
>>> <Host name="www.site3.net" debug="0" unpackWARs="true">
>>> <Logger className="org.apache.catalina.logger.FileLogger"
>>> directory="logs" prefix="virtual_log29." suffix=".txt"
>>> timestamp="true"/>
>> There is no logger in Tomcat 7.0.
>>
>>> <Context path="" docBase="/webapps/site3" debug="0"
>>> reloadable="true"/>
>> Context definitions in server.xml is very strongly discouraged and
>> considered poor practice.
>>
>>
>>> <Valve className="org.apache.catalina.valves.AccessLogValve"
>>> directory="logs" prefix="virtual_log." suffix=".txt"
>>> pattern="common"/>
>>> </Host>
>>> </Engine>
>>>
>>> </Service>
>>>
>>>
>>>
>>> </Server>
>>>
>>> Massimo Chirivì
>>>
>>>
>>>
>>>
>>>
>>> 2012/2/12 Caldarale, Charles R<Ch...@unisys.com>
>>>
>>>> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf
>> Of
>>>> Massimo Chirivì - Ict Consultant
>>>> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
>>>>
>>>> i have a server with TOMCAT and i want to configure multiple sites,
>>>> i can configure one site on https and others sites on http?
>>>>
>>>> 1) Read the servlet spec, especially section 13, security.
>>>>
>>>> 2) Read the Tomcat doc for SSL and<Connector>:
>>>> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
>>>> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
>>>>
>>>> 3) Read the Wiki for virtual hosts:
>>>>
>>>>
>> http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
>>>> - Chuck
Hi, Massimo-
Is it valid to nest a <Connector> element inside an <Engine> element?
-Terence Bandoian
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
> What version of Tomcat are you using?
6.0.16
>
> What *exactly* does 'not ok' mean?
The https site is not responding
>
> Are there any errors in the log files?
NO, I have Stop and Start TOMCAT, the log files Catalina.2012-08-07.txt is
attach
>
> Can you describe the symptoms of the error?
When i submit http://www.sito1.net or http://www.site2.net is work
correctly
when i submit https://www.sito3.net is not responding.
the configuration in the server.xml is correctly?
2012/8/7 Pid <pi...@pidster.com>
> On 03/08/2012 17:35, Massimo Chirivì - Ict Consultant wrote:
> > *this is my server.xml, *
> > *the sites on the http is ok, but the site on the https is not ok?*
> > *thank you for help*
>
> Are you just repeating the same question over & over?
>
> Have you read the documents provided previously?
>
> What version of Tomcat are you using?
>
> What *exactly* does 'not ok' mean?
>
> Are there any errors in the log files?
>
> Can you describe the symptoms of the error?
>
> Have you ever read & comprehended:
>
> http://www.catb.org/esr/faqs/smart-questions.html
>
>
> p
>
>
> > <?xml version='1.0' encoding='utf-8'?>
> >
> > <Server port="8005" shutdown="SHUTDOWN">
> >
> > <Listener className="org.apache.catalina.core.AprLifecycleListener"
> > SSLEngine="on" />
> > <Listener className="org.apache.catalina.core.JasperListener" />
> > <Listener
> className="org.apache.catalina.mbeans.ServerLifecycleListener"
> > />
> > <Listener
> > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> />
> >
> > <GlobalNamingResources>
> > <Resource name="UserDatabase" auth="Container"
> > type="org.apache.catalina.UserDatabase"
> > description="User database that can be updated and saved"
> >
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> > pathname="conf/tomcat-users.xml" />
> > </GlobalNamingResources>
> >
> > <Service name="Catalina">
> >
> >
> > <Connector port="80" protocol="HTTP/1.1"
> > connectionTimeout="20000"
> > redirectPort="443" />
> >
> > <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
> >
> >
> > <Engine name="Catalina" defaultHost="localhost">
> >
> > <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> > resourceName="UserDatabase"/>
> >
> > <Host name="localhost" appBase="webapps"
> > unpackWARs="true" autoDeploy="true"
> > xmlValidation="false" xmlNamespaceAware="false">
> > </Host>
> >
> > <Host name="www.site1.it" debug="0" unpackWARs="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log1." suffix=".txt"
> > timestamp="true"/>
> > <Context path="" docBase="/webapps/site1" debug="0"
> > reloadable="true"/>
>
> Context definitions in server.xml is very strongly discouraged and
> considered poor practice.
>
>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> >
> >
> > <Host name="www.site2.net" debug="0" unpackWARs="true" >
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log29." suffix=".txt"
> > timestamp="true"/>
>
> There is no logger in Tomcat 7.0.
>
>
> > <Context path="" docBase="/webapps/site2" debug="0"
> > reloadable="true"/>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> >
> > </Engine>
> > </Service>
> >
> >
> > <Service name="Catalinassl">
> >
> > <Engine name="Catalinassl" defaultHost="localhost">
> > <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
> > minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> > disableUploadTimeout="true" acceptCount="100" scheme="https"
> secure="true"
> > SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
> keyAlias="bancomed"
> > keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\site3.jks"
> > keypass="xxxx" />
> >
> > <Host name="www.site3.net" debug="0" unpackWARs="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="virtual_log29." suffix=".txt"
> > timestamp="true"/>
>
> There is no logger in Tomcat 7.0.
>
> > <Context path="" docBase="/webapps/site3" debug="0"
> > reloadable="true"/>
>
> Context definitions in server.xml is very strongly discouraged and
> considered poor practice.
>
>
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="virtual_log." suffix=".txt"
> > pattern="common"/>
> > </Host>
> > </Engine>
> >
> > </Service>
> >
> >
> >
> > </Server>
> >
> > Massimo Chirivì
> >
> >
> >
> >
> >
> > 2012/2/12 Caldarale, Charles R <Ch...@unisys.com>
> >
> >> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf
> Of
> >> Massimo Chirivì - Ict Consultant
> >> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
> >>
> >> i have a server with TOMCAT and i want to configure multiple sites,
> >> i can configure one site on https and others sites on http?
> >>
> >> 1) Read the servlet spec, especially section 13, security.
> >>
> >> 2) Read the Tomcat doc for SSL and <Connector>:
> >> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
> >> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
> >>
> >> 3) Read the Wiki for virtual hosts:
> >>
> >>
> http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
> >>
> >> - Chuck
> >>
> >>
> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> >> MATERIAL and is thus for use only by the intended recipient. If you
> >> received this in error, please contact the sender and delete the e-mail
> and
> >> its attachments from all computers.
> >>
> >>
> >
>
>
> --
>
> [key:62590808]
>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Pid <pi...@pidster.com>.
On 03/08/2012 17:35, Massimo Chirivì - Ict Consultant wrote:
> *this is my server.xml, *
> *the sites on the http is ok, but the site on the https is not ok?*
> *thank you for help*
Are you just repeating the same question over & over?
Have you read the documents provided previously?
What version of Tomcat are you using?
What *exactly* does 'not ok' mean?
Are there any errors in the log files?
Can you describe the symptoms of the error?
Have you ever read & comprehended:
http://www.catb.org/esr/faqs/smart-questions.html
p
> <?xml version='1.0' encoding='utf-8'?>
>
> <Server port="8005" shutdown="SHUTDOWN">
>
> <Listener className="org.apache.catalina.core.AprLifecycleListener"
> SSLEngine="on" />
> <Listener className="org.apache.catalina.core.JasperListener" />
> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
> />
> <Listener
> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
>
> <GlobalNamingResources>
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and saved"
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> pathname="conf/tomcat-users.xml" />
> </GlobalNamingResources>
>
> <Service name="Catalina">
>
>
> <Connector port="80" protocol="HTTP/1.1"
> connectionTimeout="20000"
> redirectPort="443" />
>
> <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
>
>
> <Engine name="Catalina" defaultHost="localhost">
>
> <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> resourceName="UserDatabase"/>
>
> <Host name="localhost" appBase="webapps"
> unpackWARs="true" autoDeploy="true"
> xmlValidation="false" xmlNamespaceAware="false">
> </Host>
>
> <Host name="www.site1.it" debug="0" unpackWARs="true">
> <Logger className="org.apache.catalina.logger.FileLogger"
> directory="logs" prefix="virtual_log1." suffix=".txt"
> timestamp="true"/>
> <Context path="" docBase="/webapps/site1" debug="0"
> reloadable="true"/>
Context definitions in server.xml is very strongly discouraged and
considered poor practice.
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="virtual_log." suffix=".txt"
> pattern="common"/>
> </Host>
>
>
> <Host name="www.site2.net" debug="0" unpackWARs="true" >
> <Logger className="org.apache.catalina.logger.FileLogger"
> directory="logs" prefix="virtual_log29." suffix=".txt"
> timestamp="true"/>
There is no logger in Tomcat 7.0.
> <Context path="" docBase="/webapps/site2" debug="0"
> reloadable="true"/>
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="virtual_log." suffix=".txt"
> pattern="common"/>
> </Host>
>
> </Engine>
> </Service>
>
>
> <Service name="Catalinassl">
>
> <Engine name="Catalinassl" defaultHost="localhost">
> <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
> minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
> disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
> SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="bancomed"
> keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\site3.jks"
> keypass="xxxx" />
>
> <Host name="www.site3.net" debug="0" unpackWARs="true">
> <Logger className="org.apache.catalina.logger.FileLogger"
> directory="logs" prefix="virtual_log29." suffix=".txt"
> timestamp="true"/>
There is no logger in Tomcat 7.0.
> <Context path="" docBase="/webapps/site3" debug="0"
> reloadable="true"/>
Context definitions in server.xml is very strongly discouraged and
considered poor practice.
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="virtual_log." suffix=".txt"
> pattern="common"/>
> </Host>
> </Engine>
>
> </Service>
>
>
>
> </Server>
>
> Massimo Chirivì
>
>
>
>
>
> 2012/2/12 Caldarale, Charles R <Ch...@unisys.com>
>
>> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf Of
>> Massimo Chirivì - Ict Consultant
>> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
>>
>> i have a server with TOMCAT and i want to configure multiple sites,
>> i can configure one site on https and others sites on http?
>>
>> 1) Read the servlet spec, especially section 13, security.
>>
>> 2) Read the Tomcat doc for SSL and <Connector>:
>> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
>> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
>>
>> 3) Read the Wiki for virtual hosts:
>>
>> http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
>>
>> - Chuck
>>
>>
>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
>> MATERIAL and is thus for use only by the intended recipient. If you
>> received this in error, please contact the sender and delete the e-mail and
>> its attachments from all computers.
>>
>>
>
--
[key:62590808]
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
*this is my server.xml, *
*the sites on the http is ok, but the site on the https is not ok?*
*thank you for help*
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
/>
<Listener
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
<Host name="www.site1.it" debug="0" unpackWARs="true">
<Logger className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="virtual_log1." suffix=".txt"
timestamp="true"/>
<Context path="" docBase="/webapps/site1" debug="0"
reloadable="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
<Host name="www.site2.net" debug="0" unpackWARs="true" >
<Logger className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="virtual_log29." suffix=".txt"
timestamp="true"/>
<Context path="" docBase="/webapps/site2" debug="0"
reloadable="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
</Engine>
</Service>
<Service name="Catalinassl">
<Engine name="Catalinassl" defaultHost="localhost">
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150"
minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="bancomed"
keystoreFile="C:\Program Files\Java\jre1.5.0_15\bin\site3.jks"
keypass="xxxx" />
<Host name="www.site3.net" debug="0" unpackWARs="true">
<Logger className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="virtual_log29." suffix=".txt"
timestamp="true"/>
<Context path="" docBase="/webapps/site3" debug="0"
reloadable="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="virtual_log." suffix=".txt"
pattern="common"/>
</Host>
</Engine>
</Service>
</Server>
Massimo Chirivì
2012/2/12 Caldarale, Charles R <Ch...@unisys.com>
> From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf Of
> Massimo Chirivì - Ict Consultant
> Subject: Re: TOMCAT with multiple sites (one on https, others on http)
>
> i have a server with TOMCAT and i want to configure multiple sites,
> i can configure one site on https and others sites on http?
>
> 1) Read the servlet spec, especially section 13, security.
>
> 2) Read the Tomcat doc for SSL and <Connector>:
> http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
>
> 3) Read the Wiki for virtual hosts:
>
> http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail and
> its attachments from all computers.
>
>
RE: TOMCAT with multiple sites (one on https, others on http)
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
From: mchirivi.ict@gmail.com [mailto:mchirivi.ict@gmail.com] On Behalf Of Massimo Chirivì - Ict Consultant
Subject: Re: TOMCAT with multiple sites (one on https, others on http)
i have a server with TOMCAT and i want to configure multiple sites,
i can configure one site on https and others sites on http?
1) Read the servlet spec, especially section 13, security.
2) Read the Tomcat doc for SSL and <Connector>:
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
3) Read the Wiki for virtual hosts:
http://wiki.apache.org/tomcat/HowTo#How_do_I_set_up_Tomcat_virtual_hosts_in_a_development_environment.3F
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by Massimo Chirivì - Ict Consultant <in...@massimochirivi.net>.
excuse me!
i have a server with TOMCAT and i want to configure multiple sites,
i can configure one site on https and others sites on http?
thank
2012/2/12 André Warnier <aw...@ice-sa.com>
> Massimo Chirivě - Ict Consultant wrote:
>
>> i have a server with TOMCAT and i want to configure multiple sites,
>> i can configure one site on https and others sites on http
>> thank
>>
>> Good for you.
> Do you also have a question ?
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: TOMCAT with multiple sites (one on https, others on http)
Posted by André Warnier <aw...@ice-sa.com>.
Massimo Chirivì - Ict Consultant wrote:
> i have a server with TOMCAT and i want to configure multiple sites,
> i can configure one site on https and others sites on http
> thank
>
Good for you.
Do you also have a question ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org