Posted to users@tomcat.apache.org by my business mail <mv...@gmail.com> on 2013/03/20 18:41:28 UTC

Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Hi,
I un-commented the SSL section in the server.xml file and added the path
and password to the keystore.  But when accessing the
https://localhost:8443/ URL, it just keeps spinning. No error, it just
doesn't seem to connect.  This is my first time configuring in w2k8. Is
there something else I'd have to do for this OS?


 <Connector port="8080" protocol="HTTP/1.1"
            connectionTimeout="20000" redirectPort="8443"
            disableUploadTimeout="true" socketBuffer="64000"
            maxHttpHeaderSize="8192" maxThreads="150"
            enableLookups="false" acceptCount="100" />

 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
            maxThreads="150" scheme="https" secure="true"
            clientAuth="false" sslProtocol="TLS"
            keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />

 <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by André Warnier <aw...@ice-sa.com>.
Hi my business mail.
Don't top-post.

my business mail wrote:

> On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net> wrote:
> 
>> On 3/20/2013 2:02 PM, my business mail wrote:
>>
>>> OK, here is the text copied from notepad.
>>>
>>>
>>>      <Connector executor="tomcatThreadPool"
>>>                 port="8080" protocol="HTTP/1.1"
>>>                 connectionTimeout="20000"
>>>                 redirectPort="8443" />
>>>
>>>
>>>      <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
>>>
>> 8442?  Shouldn't it be 8443?
>>
>>>                 maxThreads="150" scheme="https" secure="true"
>>>                 clientAuth="false" sslProtocol="TLS"
>>>                 keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
>>>
>>>
>>>       <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>>>
>>>

> So, I know the port numbers can be set to any unused port.  I was toggling
> between 8442 and 8443. Neither worked.  I just set it back to 8443.
> I feel like it's connecting somehow, because if I put in a port number that
> isn't configured...I get a connection error message.
> Otherwise, the browser icon just keeps spinning...nothing happens. No errors
> at all.
>

Maybe you forgot to open the port in the Windows firewall?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by my business mail <mv...@gmail.com>.
On Wed, Mar 20, 2013 at 3:38 PM, Mark Eggers <it...@yahoo.com> wrote:

> Comments inline and also I pasted your configuration in from a previous
> email.
>
>
> On 3/20/2013 11:39 AM, my business mail wrote:
>
>> I only added the keystore property not truststore. I was just following
>> what I'd done for tomcat4.1 on w2k3.
>>
>
> In general, don't do this. Tomcat 4.1 (rest its weary code) is long dead,
> and configuration options may have changed. Please read the relevant
> documentation.
>
> For your version of Tomcat (please at least upgrade to 6.0.36), the
> relevant URL is:
>
> http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Configuration
>
>
>> Here is the log file. The keystore
>> file is DEF in the path indicated, but I see the error below in the
>> catalina file.
>>
>> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
>> begin
>> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
>> 'clientAuth' to 'false' did not find a matching property.
>> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
>> begin
>> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
>> 'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a matching
>> property.
>> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
>> begin
>> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
>> 'keystorePass' to 'password1' did not find a matching property.
>> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
>> INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
>> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
>> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
>> [false], random [true].
>>
>
> You are loading the APR libraries. This requires a different connector
> configuration. You have the following:
>
>
>    <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
>                maxThreads="150" scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>                keystoreFile="D:/DevCert/dev.keystore"
>                keystorePass="password1" />
>
> This appears to be fine for a Java-based SSL connection. You are using
> APR, and its SSL connection is based on OpenSSL. Therefore, you need
> something like the following:
>
> <Connector
>            port="8443" maxThreads="200"
>            scheme="https" secure="true" SSLEnabled="true"
>            SSLCertificateFile="/usr/local/ssl/server.crt"
>            SSLCertificateKeyFile="/usr/local/ssl/server.pem"
>            clientAuth="optional" SSLProtocol="TLSv1"/>
>
> This is copied straight from the documentation cited above (so it's UNIX /
> Linux specific). You'll also need to generate your cert and key files a bit
> differently. Instructions on how to do that are also in the document I
> cited above.
>
> If you don't want to do that (and use Java SSL), then move tcnative-1.dll
> out of your path (renaming it is the easiest way).
>
> If this is a production machine, the native SSL is much faster than
> Java-based SSL (been told that, I front all my SSL stuff with Apache HTTPD
> so I don't know).
>
> So either rename tcnative-1.dll or follow the documentation to use the APR
> configuration.
>
>
>> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
>> INFO: Initializing Coyote HTTP/1.1 on http-8080
>> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
>> SEVERE: Error initializing endpoint
>> java.lang.Exception: No Certificate file specified or invalid file format
>>      at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>>      at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:697)
>>      at
>> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
>>      at
>> org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
>>      at
>> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>>      at
>> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>>      at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>>      at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>      at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>      at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>      at java.lang.reflect.Method.invoke(Method.java:597)
>>      at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
>> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
>> SEVERE: Catalina.start
>> LifecycleException:  Protocol handler initialization failed:
>> java.lang.Exception: No Certificate file specified or invalid file format
>>      at
>> org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
>>      at
>> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>>      at
>> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>>      at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>>      at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>      at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>      at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>      at java.lang.reflect.Method.invoke(Method.java:597)
>>      at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
>> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
>> INFO: Initialization processed in 2143 ms
>> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardService start
>> INFO: Starting service Catalina
>> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardEngine start
>> INFO: Starting Servlet Engine: Apache Tomcat/6.0.20
>> Mar 20, 2013 2:35:23 PM org.apache.coyote.http11.Http11AprProtocol start
>> INFO: Starting Coyote HTTP/1.1 on http-8080
>> Mar 20, 2013 2:35:24 PM org.apache.coyote.http11.Http11AprProtocol start
>> SEVERE: Error starting endpoint
>> java.lang.Exception: Socket bind failed: [730048] Only one usage of each
>> socket address (protocol/network address/port) is normally permitted.
>>      at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:623)
>>      at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:730)
>>      at
>> org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
>>      at org.apache.catalina.connector.Connector.start(Connector.java:1131)
>>      at
>> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>>      at
>> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>>      at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>      at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>      at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>      at java.lang.reflect.Method.invoke(Method.java:597)
>>      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
>> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
>> SEVERE: Catalina.start:
>> LifecycleException:  service.getName(): "Catalina";  Protocol handler start
>> failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of
>> each socket address (protocol/network address/port) is normally permitted.
>>      at org.apache.catalina.connector.Connector.start(Connector.java:1138)
>>      at
>> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>>      at
>> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>>      at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>      at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>      at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>      at java.lang.reflect.Method.invoke(Method.java:597)
>>      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
>> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
>> INFO: Server startup in 2023 ms
>>
>>
>> On Wed, Mar 20, 2013 at 2:27 PM, Harris, Jeffrey E. <
>> Jeffrey.Harris@mantech.com> wrote:
>>
>>
>>>
>>>  -----Original Message-----
>>>> From: my business mail [mailto:mv.mail3@gmail.com]
>>>> Sent: Wednesday, March 20, 2013 2:18 PM
>>>> To: Tomcat Users List
>>>> Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
>>>>
>>>> So, I know the port numbers can be set to any unused port.  I was
>>>> toggling between 8442 and 8443. Neither worked.  I just set it back to
>>>> 8443.
>>>> I feel like it's connecting somehow, because if I put in a port number
>>>> that isn't configured...I get a connection error message.
>>>> Otherwise, the browser icon just keeps spinning...nothing happens.No
>>>> errors at all.
>>>>
>>>> On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net>
>>>> wrote:
>>>>
>>>>  On 3/20/2013 2:02 PM, my business mail wrote:
>>>>>
>>>>>  OK, here is the text copied from notepad.
>>>>>>
>>>>>>
>>>>>>       <Connector executor="tomcatThreadPool"
>>>>>>                  port="8080" protocol="HTTP/1.1"
>>>>>>                  connectionTimeout="20000"
>>>>>>                  redirectPort="8443" />
>>>>>>
>>>>>>
>>>>>>       <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
>>>>>>
>>>>>>
>>>>> 8442?  Shouldn't it be 8443?
>>>>>
>>>>>
>>>>>
>>>>>>                  maxThreads="150" scheme="https" secure="true"
>>>>>>                  clientAuth="false" sslProtocol="TLS"
>>>>>>                  keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
>>>>>>
>>>>>>
>>>>>>        <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
>>>>>> />
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>> I do not see a reference to a truststore:
>>>
>>>                 truststoreFile=".\conf\myts.jks"
>>>
>>> The truststore can be the same file as the keystore.
>>>
>>> What do the error logs show?
>>>
>>> Jeffrey Harris
>>>
>>
> . . . . just my two cents.
> /mde/
>
>
*RESOLVED*
Thank you, I renamed the tcnative-1.dll file from the path just as the
comment below indicated. This made it work!

"If you don't want to do that (and use Java SSL), then move tcnative-1.dll
out of your path (renaming it is the easiest way)."

Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by Mark Eggers <it...@yahoo.com>.
Comments inline and also I pasted your configuration in from a previous 
email.

On 3/20/2013 11:39 AM, my business mail wrote:
> I only added the keystore property not truststore. I was just following
> what I'd done for tomcat4.1 on w2k3.

In general, don't do this. Tomcat 4.1 (rest its weary code) is long 
dead, and configuration options may have changed. Please read the 
relevant documentation.

For your version of Tomcat (please at least upgrade to 6.0.36), the 
relevant URL is:

http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Configuration

> Here is the log file. The keystore
> file is DEF in the path indicated, but I see the error below in the
> catalina file.
>
> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'clientAuth' to 'false' did not find a matching property.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a matching
> property.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
> 'keystorePass' to 'password1' did not find a matching property.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
> [false], random [true].

You are loading the APR libraries. This requires a different connector 
configuration. You have the following:

    <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
                maxThreads="150" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS"
                keystoreFile="D:/DevCert/dev.keystore"
                keystorePass="password1" />

This appears to be fine for a Java-based SSL connection. You are using 
APR, and its SSL connection is based on OpenSSL. Therefore, you need 
something like the following:

<Connector
            port="8443" maxThreads="200"
            scheme="https" secure="true" SSLEnabled="true"
            SSLCertificateFile="/usr/local/ssl/server.crt"
            SSLCertificateKeyFile="/usr/local/ssl/server.pem"
            clientAuth="optional" SSLProtocol="TLSv1"/>

This is copied straight from the documentation cited above (so it's UNIX 
/ Linux specific). You'll also need to generate your cert and key files 
a bit differently. Instructions on how to do that are also in the 
document I cited above.

If you don't want to do that (and use Java SSL), then move 
tcnative-1.dll out of your path (renaming it is the easiest way).

If this is a production machine, the native SSL is much faster than 
Java-based SSL (been told that, I front all my SSL stuff with Apache 
HTTPD so I don't know).

So either rename tcnative-1.dll or follow the documentation to use the 
APR configuration.

> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
> SEVERE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified or invalid file format
>      at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>      at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:697)
>      at
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
>      at
> org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
>      at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>      at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>      at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>      at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>      at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>      at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>      at java.lang.reflect.Method.invoke(Method.java:597)
>      at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
> SEVERE: Catalina.start
> LifecycleException:  Protocol handler initialization failed:
> java.lang.Exception: No Certificate file specified or invalid file format
>      at
> org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
>      at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>      at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>      at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>      at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>      at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>      at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>      at java.lang.reflect.Method.invoke(Method.java:597)
>      at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 2143 ms
> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.20
> Mar 20, 2013 2:35:23 PM org.apache.coyote.http11.Http11AprProtocol start
> INFO: Starting Coyote HTTP/1.1 on http-8080
> Mar 20, 2013 2:35:24 PM org.apache.coyote.http11.Http11AprProtocol start
> SEVERE: Error starting endpoint
> java.lang.Exception: Socket bind failed: [730048] Only one usage of each
> socket address (protocol/network address/port) is normally permitted.
>      at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:623)
>      at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:730)
>      at
> org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
>      at org.apache.catalina.connector.Connector.start(Connector.java:1131)
>      at
> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>      at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>      at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>      at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>      at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>      at java.lang.reflect.Method.invoke(Method.java:597)
>      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
> SEVERE: Catalina.start:
> LifecycleException:  service.getName(): "Catalina";  Protocol handler start
> failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of
> each socket address (protocol/network address/port) is normally permitted.
>      at org.apache.catalina.connector.Connector.start(Connector.java:1138)
>      at
> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>      at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>      at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>      at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>      at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>      at java.lang.reflect.Method.invoke(Method.java:597)
>      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
> INFO: Server startup in 2023 ms
>
>
> On Wed, Mar 20, 2013 at 2:27 PM, Harris, Jeffrey E. <
> Jeffrey.Harris@mantech.com> wrote:
>
>>
>>
>>> -----Original Message-----
>>> From: my business mail [mailto:mv.mail3@gmail.com]
>>> Sent: Wednesday, March 20, 2013 2:18 PM
>>> To: Tomcat Users List
>>> Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
>>>
>>> So, I know the port numbers can be set to any unused port.  I was
>>> toggling between 8442 and 8443. Neither worked.  I just set it back to
>>> 8443.
>>> I feel like it's connecting somehow, because if I put in a port number
>>> that isn't configured...I get a connection error message.
>>> Otherwise, the browser icon just keeps spinning...nothing happens.No
>>> errors at all.
>>>
>>> On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net>
>>> wrote:
>>>
>>>> On 3/20/2013 2:02 PM, my business mail wrote:
>>>>
>>>>> OK, here is the text copied from notepad.
>>>>>
>>>>>
>>>>>       <Connector executor="tomcatThreadPool"
>>>>>                  port="8080" protocol="HTTP/1.1"
>>>>>                  connectionTimeout="20000"
>>>>>                  redirectPort="8443" />
>>>>>
>>>>>
>>>>>       <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
>>>>>
>>>>
>>>> 8442?  Shouldn't it be 8443?
>>>>
>>>>
>>>>
>>>>>                  maxThreads="150" scheme="https" secure="true"
>>>>>                  clientAuth="false" sslProtocol="TLS"
>>>>>                  keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
>>>>>
>>>>>
>>>>>        <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
>>>>> />
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>
>> I do not see a reference to a truststore:
>>
>>                 truststoreFile=".\conf\myts.jks"
>>
>> The truststore can be the same file as the keystore.
>>
>> What do the error logs show?
>>
>> Jeffrey Harris

. . . . just my two cents.
/mde/



Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by Cédric Couralet <ce...@gmail.com>.
2013/3/20 Harris, Jeffrey E. <Je...@mantech.com>:
>
>> -----Original Message-----
>> From: my business mail [mailto:mv.mail3@gmail.com]
>> Sent: Wednesday, March 20, 2013 2:39 PM
>> To: Tomcat Users List
>> Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
>>
>> I only added the keystore property not truststore. I was just following
>> what I'd done for tomcat4.1 on w2k3.  Here is the log file. The
>> keystore file is DEF in the path indicated, but I see the error below
>> in the catalina file.
>>
>> Mar 20, 2013 2:35:21 PM
>> org.apache.catalina.startup.SetAllPropertiesRule
>> begin
>> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
>> property 'clientAuth' to 'false' did not find a matching property.
>> Mar 20, 2013 2:35:21 PM
>> org.apache.catalina.startup.SetAllPropertiesRule
>> begin


> One problem is that Tomcat is not finding your keystore file or loading your
> certificates.  This can be because you entered the wrong path or file name,
> specified the wrong password, or there is a problem with the actual content
> of your keystore file.
>

Or maybe you are using APR with respect to SSL?

The configuration is a little different.

Can you try by replacing protocol="HTTP/1.1" with
protocol="org.apache.coyote.http11.Http11Protocol" in your SSL
connector?
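
The mismatch diagnosed in this thread (JSSE keystore attributes on a connector that resolves to the APR handler) can be checked mechanically. The Python below is an added example, not code from the thread or from the Tomcat project: it reads a server.xml and a catalina log and reports SSL connectors whose attributes belong to the other SSL implementation. The function names are hypothetical, and the attribute lists are limited to the attributes named in the thread.

```python
import re
import xml.etree.ElementTree as ET

# Connector set as posted in the thread, wrapped in a minimal Server/Service.
SERVER_XML = """\
<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"
             connectionTimeout="20000" redirectPort="8443" />
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="150" scheme="https" secure="true"
             clientAuth="false" sslProtocol="TLS"
             keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
</Service></Server>
"""

# Startup log lines quoted in the thread, unwrapped; stack traces left out.
CATALINA_LOG = """\
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a matching property.
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'password1' did not find a matching property.
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
"""

APR_LOADED = re.compile(r"Loaded APR based Apache Tomcat Native library (\d+(?:\.\d+)*)")
# \s+ between words tolerates the line wrapping seen in mailed copies of the log.
IGNORED = re.compile(
    r"Setting\s+property\s+'([^']+)'\s+to\s+'[^']*'\s+did\s+not\s+find\s+a\s+matching\s+property"
)
APR_PROTOCOL = "org.apache.coyote.http11.Http11AprProtocol"
# Only the attributes named in the thread; not an exhaustive list.
STRAY = {
    "APR": ("keystoreFile", "keystorePass", "truststoreFile"),
    "JSSE": ("SSLCertificateFile", "SSLCertificateKeyFile"),
}
REQUIRED = {"APR": ("SSLCertificateFile",), "JSSE": ()}


def apr_version(log):
    """Return the Tomcat Native version the log reports as loaded, or None."""
    match = APR_LOADED.search(log)
    return match.group(1) if match else None


def ignored_properties(log):
    """Connector attributes that could not be set on the selected handler."""
    return IGNORED.findall(log)


def secrets_in_log(log):
    """Ignored attributes that look like passwords; the warning prints their value."""
    return [name for name in ignored_properties(log) if "pass" in name.lower()]


def handler_for(protocol, apr_loaded):
    """A protocol of HTTP/1.1 resolves to the APR handler once the native library loads."""
    if protocol == APR_PROTOCOL or (protocol == "HTTP/1.1" and apr_loaded):
        return "APR"
    return "JSSE"


def audit(server_xml, log=""):
    """List SSL connectors configured for the wrong SSL implementation."""
    apr_loaded = apr_version(log) is not None
    ignored = set(ignored_properties(log))
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP and AJP connectors are out of scope
        handler = handler_for(conn.get("protocol", "HTTP/1.1"), apr_loaded)
        stray = [a for a in STRAY[handler] if a in conn.attrib]
        missing = [a for a in REQUIRED[handler] if a not in conn.attrib]
        if stray or missing:
            findings.append({
                "port": conn.get("port"),
                "handler": handler,
                "stray": stray,
                "missing": missing,
                "confirmed_by_log": sorted(ignored.intersection(stray)),
            })
    return findings


# The explicit-protocol suggestion from the thread: name the Java handler so
# that APR is not selected even when the native library is present.
JSSE_XML = SERVER_XML.replace(
    'port="8443" protocol="HTTP/1.1"',
    'port="8443" protocol="org.apache.coyote.http11.Http11Protocol"',
)

if __name__ == "__main__":
    print("as posted:", audit(SERVER_XML, CATALINA_LOG))
    print("explicit Java handler:", audit(JSSE_XML, CATALINA_LOG))
    print("no native library in log:", audit(SERVER_XML, ""))
    print("values exposed in log for:", secrets_in_log(CATALINA_LOG))
```

Auditing the posted connector against an empty log returns no findings, which matches the outcome after tcnative-1.dll was renamed. The keystorePass warning also shows that the ignored password value is written to the catalina log in clear text.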



RE: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by "Harris, Jeffrey E." <Je...@ManTech.com>.
> -----Original Message-----
> From: my business mail [mailto:mv.mail3@gmail.com]
> Sent: Wednesday, March 20, 2013 2:39 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
>
> I only added the keystore property not truststore. I was just following
> what I'd done for tomcat4.1 on w2k3.  Here is the log file. The
> keystore file is DEF in the path indicated, but I see the error below
> in the catalina file.
>
> Mar 20, 2013 2:35:21 PM
> org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> property 'clientAuth' to 'false' did not find a matching property.
> Mar 20, 2013 2:35:21 PM
> org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> property 'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a
> matching property.
> Mar 20, 2013 2:35:21 PM
> org.apache.catalina.startup.SetAllPropertiesRule
> begin
> WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting
> property 'keystorePass' to 'password1' did not find a matching
> property.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener
> init
> INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
> Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener
> init
> INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
> [false], random [true].
> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
> SEVERE: Error initializing endpoint
> java.lang.Exception: No Certificate file specified or invalid file format
>     at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
>     at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:697)
>     at
> org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
>     at
> org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
>     at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
> SEVERE: Catalina.start
> LifecycleException:  Protocol handler initialization failed:
> java.lang.Exception: No Certificate file specified or invalid file format
>     at
> org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
>     at
> org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
>     at
> org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
>     at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
> Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 2143 ms
> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardService start
> INFO: Starting service Catalina
> Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/6.0.20
> Mar 20, 2013 2:35:23 PM org.apache.coyote.http11.Http11AprProtocol start
> INFO: Starting Coyote HTTP/1.1 on http-8080
> Mar 20, 2013 2:35:24 PM org.apache.coyote.http11.Http11AprProtocol start
> SEVERE: Error starting endpoint
> java.lang.Exception: Socket bind failed: [730048] Only one usage of each
> socket address (protocol/network address/port) is normally permitted.
>     at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:623)
>     at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:730)
>     at
> org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
>     at org.apache.catalina.connector.Connector.start(Connector.java:1131)
>     at
> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>     at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
> SEVERE: Catalina.start:
> LifecycleException:  service.getName(): "Catalina";  Protocol handler start
> failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of
> each socket address (protocol/network address/port) is normally permitted.
>     at org.apache.catalina.connector.Connector.start(Connector.java:1138)
>     at
> org.apache.catalina.core.StandardService.start(StandardService.java:531)
>     at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.ja
> va:39)
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccesso
> rImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:597)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
> Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
> INFO: Server startup in 2023 ms
>
>
> On Wed, Mar 20, 2013 at 2:27 PM, Harris, Jeffrey E. <
> Jeffrey.Harris@mantech.com> wrote:
>
> >
> >
> > > -----Original Message-----
> > > From: my business mail [mailto:mv.mail3@gmail.com]
> > > Sent: Wednesday, March 20, 2013 2:18 PM
> > > To: Tomcat Users List
> > > Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
> > >
> > > So, I know the port numbers can be set to any unused port.  I was
> > > toggling between 8442 and 8443. Neither worked.  I just set it back
> > > to 8443.
> > > I feel like it's connecting somehow, because if I put in a port
> > > number that isn't configured...I get a connection error message.
> > > > Otherwise, the browser icon just keeps spinning...nothing happens. No
> > > > errors at all.
> > >
> > > On Wed, Mar 20, 2013 at 2:09 PM, David kerber
> <dc...@verizon.net>
> > > wrote:
> > >
> > > > On 3/20/2013 2:02 PM, my business mail wrote:
> > > >
> > > >> OK, here is the text copied from notepad.
> > > >>
> > > >>
> > > >>      <Connector executor="tomcatThreadPool"
> > > >>                 port="8080" protocol="HTTP/1.1"
> > > >>                 connectionTimeout="20000"
> > > >>                 redirectPort="8443" />
> > > >>
> > > >>
> > > >>      <Connector port="8442" protocol="HTTP/1.1"
> SSLEnabled="true"
> > > >>
> > > >
> > > > 8442?  Shouldn't it be 8443?
> > > >
> > > >
> > > >
> > > >                  maxThreads="150" scheme="https" secure="true"
> > > >>                 clientAuth="false" sslProtocol="TLS"
> > > > >> keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1"
> > > > >> />
> > > >>
> > > >>
> > > >>       <Connector port="8009" protocol="AJP/1.3"
> redirectPort="8443"
> > > >> />
> > > >>
> > > >>
> > > >
> > > > ------------------------------**------------------------------**-
> -
> > > > ---
> > > -
> > > > --- To unsubscribe, e-mail:
> > > > users-unsubscribe@tomcat.**apache.org<users-
> > > unsubscribe@tomcat.apache.
> > > > org> For additional commands, e-mail: users-
> help@tomcat.apache.org
> > > >
> > > >
> >
> > I do not see a reference to a truststore:
> >
> >                truststoreFile=".\conf\myts.jks"
> >
> > The truststore can be the same file as the keystore.
> >
> > What do the error logs show?
> >
> > Jeffrey Harris
> >

One problem is that Tomcat is not finding your keystore file or loading your
certificates.  This can be because you entered the wrong path or file name,
specified the wrong password, or there is a problem with the actual content
of your keystore file.

Jeffrey Harris



This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by my business mail <mv...@gmail.com>.
I only added the keystore property, not truststore. I was just following
what I'd done for Tomcat 4.1 on w2k3.  Here is the log file. The keystore
file is definitely in the path indicated, but I see the error below in the
catalina file.

Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'clientAuth' to 'false' did not find a matching property.
Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a matching
property.
Mar 20, 2013 2:35:21 PM org.apache.catalina.startup.SetAllPropertiesRule
begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'keystorePass' to 'password1' did not find a matching property.
Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Mar 20, 2013 2:35:21 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].
Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
    at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
    at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:697)
    at
org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107)
    at
org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
    at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
    at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException:  Protocol handler initialization failed:
java.lang.Exception: No Certificate file specified or invalid file format
    at
org.apache.catalina.connector.Connector.initialize(Connector.java:1060)
    at
org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
    at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:535)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:555)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
Mar 20, 2013 2:35:22 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2143 ms
Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Mar 20, 2013 2:35:22 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.20
Mar 20, 2013 2:35:23 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Mar 20, 2013 2:35:24 PM org.apache.coyote.http11.Http11AprProtocol start
SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [730048] Only one usage of each
socket address (protocol/network address/port) is normally permitted.
    at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:623)
    at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:730)
    at
org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
    at org.apache.catalina.connector.Connector.start(Connector.java:1131)
    at
org.apache.catalina.core.StandardService.start(StandardService.java:531)
    at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException:  service.getName(): "Catalina";  Protocol handler start
failed: java.lang.Exception: Socket bind failed: [730048] Only one usage of
each socket address (protocol/network address/port) is normally permitted.
    at org.apache.catalina.connector.Connector.start(Connector.java:1138)
    at
org.apache.catalina.core.StandardService.start(StandardService.java:531)
    at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Mar 20, 2013 2:35:24 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 2023 ms


On Wed, Mar 20, 2013 at 2:27 PM, Harris, Jeffrey E. <
Jeffrey.Harris@mantech.com> wrote:

>
>
> > -----Original Message-----
> > From: my business mail [mailto:mv.mail3@gmail.com]
> > Sent: Wednesday, March 20, 2013 2:18 PM
> > To: Tomcat Users List
> > Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
> >
> > So, I know the port numbers can be set to any unused port.  I was
> > toggling between 8442 and 8443. Neither worked.  I just set it back to
> > 8443.
> > I feel like it's connecting somehow, because if I put in a port number
> > that isn't configured...I get a connection error message.
> > Otherwise, the browser icon just keeps spinning...nothing happens. No
> > errors at all.
> >
> > On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net>
> > wrote:
> >
> > > On 3/20/2013 2:02 PM, my business mail wrote:
> > >
> > >> OK, here is the text copied from notepad.
> > >>
> > >>
> > >>      <Connector executor="tomcatThreadPool"
> > >>                 port="8080" protocol="HTTP/1.1"
> > >>                 connectionTimeout="20000"
> > >>                 redirectPort="8443" />
> > >>
> > >>
> > >>      <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
> > >>
> > >
> > > 8442?  Shouldn't it be 8443?
> > >
> > >
> > >
> > >                  maxThreads="150" scheme="https" secure="true"
> > >>                 clientAuth="false" sslProtocol="TLS"
> > >> keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
> > >>
> > >>
> > >>       <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
> > >> />
> > >>
> > >>
> > >
> > >
> > >
>
> I do not see a reference to a truststore:
>
>                truststoreFile=".\conf\myts.jks"
>
> The truststore can be the same file as the keystore.
>
> What do the error logs show?
>
> Jeffrey Harris
>
>
>
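
An added example (not part of the original thread): a small triage script run over lines excerpted from the catalina log posted above. It assumes, as general Tomcat 6 behaviour rather than anything stated in the thread, that the `Http11AprProtocol` handler reads its certificate from `SSLCertificateFile`/`SSLCertificateKeyFile` and does not read the JSSE attributes `keystoreFile`/`keystorePass`; the function names and rule ids are hypothetical.

```python
import re

# Constructed sample: lines excerpted (and un-wrapped) from the catalina log in the thread.
SAMPLE_LOG = """\
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'D:/DevCert/dev.keystore' did not find a matching property.
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'password1' did not find a matching property.
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Mar 20, 2013 2:35:22 PM org.apache.coyote.http11.Http11AprProtocol init
SEVERE: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format
Mar 20, 2013 2:35:24 PM org.apache.coyote.http11.Http11AprProtocol start
SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted.
"""

IGNORED = re.compile(r"Setting property '([^']+)' to '([^']*)' did not find a matching property")
BIND = re.compile(r"Socket bind failed: \[(\d+)\]")

# JSSE (keystore-style) connector attributes; assumed not to be read by the APR handler.
JSSE_ATTRS = {"keystoreFile", "keystorePass", "truststoreFile", "truststorePass", "clientAuth"}
APR_OS_START_SYSERR = 720000  # APR adds this offset to native OS error numbers
WINSOCK = {10048: "WSAEADDRINUSE, address already in use"}


def os_error_from_apr(code):
    """Strip APR's offset so the number can be looked up as a plain OS error."""
    return code - APR_OS_START_SYSERR if code >= APR_OS_START_SYSERR else code


def triage(log_text):
    """Return {rule_id: detail} for the failure patterns found in a catalina log."""
    findings = {}
    ignored = IGNORED.findall(log_text)  # [(attribute, value), ...]

    # Keystore attributes rejected while the APR handler is the one starting up.
    rejected = sorted({name for name, _ in ignored} & JSSE_ATTRS)
    if "Http11AprProtocol" in log_text and rejected:
        findings["jsse-attrs-on-apr-connector"] = (
            "APR handler ignored " + ", ".join(rejected)
            + "; use a JSSE protocol class or SSLCertificateFile/SSLCertificateKeyFile")

    if "No Certificate file specified" in log_text:
        findings["apr-no-certificate"] = "connector initialization failed: no certificate loaded"

    bind = BIND.search(log_text)
    if bind:
        err = os_error_from_apr(int(bind.group(1)))
        findings["socket-bind-failed"] = "OS error %d (%s)" % (err, WINSOCK.get(err, "unknown"))

    # The warning echoes attribute values, so a rejected password ends up in the log.
    leaked = sorted({name for name, value in ignored
                     if name.lower().endswith("pass") and value})
    if leaked:
        findings["secret-in-log"] = ("value of " + ", ".join(leaked)
                                     + " was written to the log; rotate it")
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG).items():
        print(rule + ": " + detail)
```
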

RE: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by "Harris, Jeffrey E." <Je...@ManTech.com>.

> -----Original Message-----
> From: my business mail [mailto:mv.mail3@gmail.com]
> Sent: Wednesday, March 20, 2013 2:18 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration
>
> So, I know the port numbers can be set to any unused port.  I was
> toggling between 8442 and 8443. Neither worked.  I just set it back to
> 8443.
> I feel like it's connecting somehow, because if I put in a port number
> that isn't configured...I get a connection error message.
> Otherwise, the browser icon just keeps spinning...nothing happens. No
> errors at all.
>
> On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net>
> wrote:
>
> > On 3/20/2013 2:02 PM, my business mail wrote:
> >
> >> OK, here is the text copied from notepad.
> >>
> >>
> >>      <Connector executor="tomcatThreadPool"
> >>                 port="8080" protocol="HTTP/1.1"
> >>                 connectionTimeout="20000"
> >>                 redirectPort="8443" />
> >>
> >>
> >>      <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
> >>
> >
> > 8442?  Shouldn't it be 8443?
> >
> >
> >
> >                  maxThreads="150" scheme="https" secure="true"
> >>                 clientAuth="false" sslProtocol="TLS"
> >> keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
> >>
> >>
> >>       <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
> >> />
> >>
> >>
> >
> >
> >

I do not see a reference to a truststore:

               truststoreFile=".\conf\myts.jks"

The truststore can be the same file as the keystore.

What do the error logs show?

Jeffrey Harris



Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by my business mail <mv...@gmail.com>.
So, I know the port numbers can be set to any unused port.  I was toggling
between 8442 and 8443. Neither worked.  I just set it back to 8443.
I feel like it's connecting somehow, because if I put in a port number that
isn't configured...I get a connection error message.
Otherwise, the browser icon just keeps spinning...nothing happens. No errors
at all.

On Wed, Mar 20, 2013 at 2:09 PM, David kerber <dc...@verizon.net> wrote:

> On 3/20/2013 2:02 PM, my business mail wrote:
>
>> OK, here is the text copied from notepad.
>>
>>
>>      <Connector executor="tomcatThreadPool"
>>                 port="8080" protocol="HTTP/1.1"
>>                 connectionTimeout="20000"
>>                 redirectPort="8443" />
>>
>>
>>      <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
>>
>
> 8442?  Shouldn't it be 8443?
>
>
>
>                  maxThreads="150" scheme="https" secure="true"
>>                 clientAuth="false" sslProtocol="TLS"
>> keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
>>
>>
>>       <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>>
>>
>
>
>

Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by David kerber <dc...@verizon.net>.
On 3/20/2013 2:02 PM, my business mail wrote:
> OK, here is the text copied from notepad.
>
>
>      <Connector executor="tomcatThreadPool"
>                 port="8080" protocol="HTTP/1.1"
>                 connectionTimeout="20000"
>                 redirectPort="8443" />
>
>
>      <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"

8442?  Shouldn't it be 8443?


>                 maxThreads="150" scheme="https" secure="true"
>                 clientAuth="false" sslProtocol="TLS"
> keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />
>
>
>       <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>




Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by my business mail <mv...@gmail.com>.
OK, here is the text copied from notepad.


    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />


    <Connector port="8442" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
keystoreFile="D:/DevCert/dev.keystore" keystorePass="password1" />


     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Re: Tomcat 6.0.20/Windows 2008 R2/SSL Configuration

Posted by David kerber <dc...@verizon.net>.
On 3/20/2013 1:41 PM, my business mail wrote:
> HI,
> I un-commented the SSL section in the server.xml file and added the path
> and password to the keystore.  But when accessing the
> https://localhost:8443/ URL, it just keeps spinning. no error , it just
> doesn't seem to connect.  This is my first time configuring in w2k8. Is
> there something else I'd have to do for this OS?
>
>
>   <Connector port="*8080*" protocol="*HTTP/1.1*"
> connectionTimeout="*20000*"redirectPort
> ="*8443*" disableUploadTimeout="*true*" socketBuffer="*64000*"maxHttpHeaderSize
> ="*8192*" maxThreads="*150*" enableLookups="*false*" acceptCount="*100*" />
>
>     <Connector port="*8443*" protocol="*HTTP/1.1*" SSLEnabled="*true*"maxThreads
> ="*150*" scheme="*https*" secure="*true*" clientAuth="*false*" sslProtocol="
> *TLS*" keystoreFile="*D:/DevCert/dev.keystore*" keystorePass="*password1***"/>
>      <Connector port="*8009*" protocol="*AJP/1.3*" redirectPort="*8443*" />
>

Why don't you just copy and paste this section without any additional 
formatting, bold, stars etc, so we can see if you might have a typo in 
it.  For one thing, does there need to be a space before "maxThreads"?

