You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Tobias Soloschenko <to...@googlemail.com> on 2016/04/02 09:37:15 UTC
Setup Tomcat 9.0.0-M4 with http/2 on Mac OS X 10.11.4
Hi,
I am trying to get http/2 working on Mac OS X 10.11.4 - these are the steps
I used:
1. Install Brew: http://brew.sh/
2. Download Apache Tomcat 9 https://tomcat.apache.org/download-90.cgi
3. Download Xcode command line tools by opening the terminal and execute
“xcode-select —install”
4. Download Xcode from the AppStore
5. Create a symlink for the xctoolchain:
sudo ln -s
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain
/Applications/Xcode.app/Contents/Developer/Toolchains/OSX10.11.xctoolchain
6. Install APR and OPENSSL with “brew install openssl” and “brew install
apr”
7. Install tomcat native by extracting bin/tomcat-native.tar.gz and run
“./configure --with-ssl=/usr/local/Cellar/openssl/1.0.2g
--prefix=/Applications/apache-tomcat-9.0.0.M4
--with-apr=/usr/local/Cellar/apr/1.5.2 && make && make install” in
tomcat-native-1.2.5-src/native - see
https://tomcat.apache.org/tomcat-9.0-doc/apr.html
8. export JAVA_OPTS=-Djava.library.path=/usr/local/apr/lib
9. Create pem files in conf folder:
/usr/local/Cellar/openssl/1.0.2g/bin/openssl genrsa -des3 -out
localhost-rsa-key 1024
/usr/local/Cellar/openssl/1.0.2g/bin/openssl genrsa -out localhost-key 1024
/usr/local/Cellar/openssl/1.0.2g/bin/openssl rsa -in localhost-rsa-key -out
localhost-key
/usr/local/Cellar/openssl/1.0.2g/bin/openssl req -new -key localhost-key
-out localhost-csr
/usr/local/Cellar/openssl/1.0.2g/bin/openssl x509 -req -days 365 -in
localhost-csr -signkey localhost-key -out localhost-crt
cat localhost-key localhost-crt > localhost-rsa-cert.pem
cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
cat localhost-rsa-key > localhost-rsa-key.pem
10. Uncomment the http/2 connector in the server.xml
I am currently facing those issues (out of the log):
02-Apr-2016 09:15:13.415 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Djava.io.tmpdir=/Applications/apache-tomcat-9.0.0.M4/temp
02-Apr-2016 09:15:13.415 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR
based Apache Tomcat Native library 1.2.5 using APR version 1.4.8.
02-Apr-2016 09:15:13.415 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
capabilities: IPv6 [true], sendfile [true], accept filters [false], random
[true].
02-Apr-2016 09:15:13.418 SEVERE [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
initialize the SSLEngine.
org.apache.tomcat.jni.Error: 70023: This function has not been implemented
on this platform
at org.apache.tomcat.jni.SSL.initialize(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at
org.apache.catalina.core.AprLifecycleListener.initializeSSL(AprLifecycleListener.java:284)
at
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent(AprLifecycleListener.java:136)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
at
org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:401)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:104)
at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
at org.apache.catalina.startup.Catalina.load(Catalina.java:629)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
02-Apr-2016 09:15:13.655 INFO [main]
org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
["http-nio-8080"]
02-Apr-2016 09:15:13.683 INFO [main]
org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared
selector for servlet write/read
02-Apr-2016 09:15:13.686 INFO [main]
org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
The ["https-apr-8443"] connector has been configured to support negotiation
to [h2] via ALPN
02-Apr-2016 09:15:13.686 INFO [main]
org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
["https-apr-8443"]
02-Apr-2016 09:15:13.706 WARNING [main]
org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit> Failed getting
cipher list
java.lang.Exception: Not implemented
at org.apache.tomcat.jni.SSL.newSSL(Native Method)
at
org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit>(OpenSSLEngine.java:81)
at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:363)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:798)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:547)
at
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:66)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:873)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
at org.apache.catalina.startup.Catalina.load(Catalina.java:629)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
Any idea? step 9 might be wrong - I never created self signed certs / pems
before
Additional note: I am using jdk1.8.0_66.jdk
Assumption: It might be that the wrong version of ssl is used and not the
one out of: /usr/local/Cellar/openssl/1.0.2g
kind regards
Tobias
Re: Setup Tomcat 9.0.0-M4 with http/2 on Mac OS X 10.11.4
Posted by Martin Grigorov <mg...@apache.org>.
Hi Tobias,
I use 8.5.1-SNAPSHOT for my experiments. 8.5.0 has a known bug (
https://bz.apache.org/bugzilla/show_bug.cgi?id=59210).
This is the important stuff in conf/server.conf:
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" *useOpenSSL="true"*/>
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
maxThreads="150"
SSLEnabled="true"
*
sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"*
>
* <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"
/>*
<SSLHostConfig>
</SSLHostConfig>
</Connector>
This is all I do to use HTTP2 with NIO2 impl + OpenSSL (i.e. not JSSE).
Martin Grigorov
Wicket Training and Consulting
https://twitter.com/mtgrigorov
On Sat, Apr 2, 2016 at 9:37 AM, Tobias Soloschenko <
tobiassoloschenko@googlemail.com> wrote:
> Hi,
>
> I am trying to get http/2 working on Mac OS X 10.11.4 - these are the
> steps I used:
>
> 1. Install Brew: http://brew.sh/
>
> 2. Download Apache Tomcat 9 https://tomcat.apache.org/download-90.cgi
>
> 3. Download Xcode command line tools by opening the terminal and execute
> “xcode-select —install”
>
> 4. Download Xcode from the AppStore
>
> 5. Create a symlink for the xctoolchain:
>
> sudo ln -s
> /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain
> /Applications/Xcode.app/Contents/Developer/Toolchains/OSX10.11.xctoolchain
>
> 6. Install APR and OPENSSL with “brew install openssl” and “brew install
> apr”
>
> 7. Install tomcat native by extracting bin/tomcat-native.tar.gz and run
> “./configure --with-ssl=/usr/local/Cellar/openssl/1.0.2g
> --prefix=/Applications/apache-tomcat-9.0.0.M4
> --with-apr=/usr/local/Cellar/apr/1.5.2 && make && make install” in
> tomcat-native-1.2.5-src/native - see
>
> https://tomcat.apache.org/tomcat-9.0-doc/apr.html
>
> 8. export JAVA_OPTS=-Djava.library.path=/usr/local/apr/lib
>
> 9. Create pem files in conf folder:
>
> /usr/local/Cellar/openssl/1.0.2g/bin/openssl genrsa -des3 -out
> localhost-rsa-key 1024
>
> /usr/local/Cellar/openssl/1.0.2g/bin/openssl genrsa -out localhost-key 1024
>
> /usr/local/Cellar/openssl/1.0.2g/bin/openssl rsa -in localhost-rsa-key
> -out localhost-key
>
> /usr/local/Cellar/openssl/1.0.2g/bin/openssl req -new -key localhost-key
> -out localhost-csr
>
> /usr/local/Cellar/openssl/1.0.2g/bin/openssl x509 -req -days 365 -in
> localhost-csr -signkey localhost-key -out localhost-crt
>
> cat localhost-key localhost-crt > localhost-rsa-cert.pem
>
> cat localhost-rsa-cert.pem > localhost-rsa-chain.pem
>
> cat localhost-rsa-key > localhost-rsa-key.pem
>
> 10. Uncomment the http/2 connector in the server.xml
>
>
> I am currently facing those issues (out of the log):
>
>
> 02-Apr-2016 09:15:13.415 INFO [main]
> org.apache.catalina.startup.VersionLoggerListener.log Command line
> argument: -Djava.io.tmpdir=/Applications/apache-tomcat-9.0.0.M4/temp
>
> 02-Apr-2016 09:15:13.415 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR
> based Apache Tomcat Native library 1.2.5 using APR version 1.4.8.
>
> 02-Apr-2016 09:15:13.415 INFO [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
> capabilities: IPv6 [true], sendfile [true], accept filters [false], random
> [true].
>
> 02-Apr-2016 09:15:13.418 SEVERE [main]
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to
> initialize the SSLEngine.
>
> org.apache.tomcat.jni.Error: 70023: This function has not been
> implemented on this platform
>
> at org.apache.tomcat.jni.SSL.initialize(Native Method)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> at java.lang.reflect.Method.invoke(Method.java:497)
>
> at
> org.apache.catalina.core.AprLifecycleListener.initializeSSL(AprLifecycleListener.java:284)
>
> at
> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent(AprLifecycleListener.java:136)
>
> at
> org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
>
> at
> org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:401)
>
> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:104)
>
> at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
>
> at org.apache.catalina.startup.Catalina.load(Catalina.java:629)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> at java.lang.reflect.Method.invoke(Method.java:497)
>
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311)
>
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
>
>
> 02-Apr-2016 09:15:13.655 INFO [main]
> org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
> ["http-nio-8080"]
>
> 02-Apr-2016 09:15:13.683 INFO [main]
> org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared
> selector for servlet write/read
>
> 02-Apr-2016 09:15:13.686 INFO [main]
> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
> The ["https-apr-8443"] connector has been configured to support negotiation
> to [h2] via ALPN
>
> 02-Apr-2016 09:15:13.686 INFO [main]
> org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
> ["https-apr-8443"]
>
> 02-Apr-2016 09:15:13.706 WARNING [main]
> org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit> Failed getting
> cipher list
>
> java.lang.Exception: Not implemented
>
> at org.apache.tomcat.jni.SSL.newSSL(Native Method)
>
> at
> org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit>(OpenSSLEngine.java:81)
>
> at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:363)
>
> at
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:798)
>
> at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:547)
>
> at
> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:66)
>
> at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1010)
>
> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
>
> at
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
>
> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
>
> at
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:873)
>
> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
>
> at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
>
> at org.apache.catalina.startup.Catalina.load(Catalina.java:629)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> at java.lang.reflect.Method.invoke(Method.java:497)
>
> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311)
>
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
>
> Any idea? step 9 might be wrong - I never created self signed certs / pems
> before
>
> Additional note: I am using jdk1.8.0_66.jdk
>
> Assumption: It might be that the wrong version of ssl is used and not the
> one out of: /usr/local/Cellar/openssl/1.0.2g
>
> kind regards
>
> Tobias
>