Re: AW: AW: SSL doesn't work in Tomcat 4.1.14, possible 4.1.13
break down the problem, to the combination of my hostage enviroment and the introspection setting of sSLImplementation in the CoyoteConnector. Some additional information is that i use tomcat as complete http server ( external ports 80/443) without root rights and priviliges. Now my questions, why i need this patch to run https to get connection on port 443? cvs server: Diffing . Index: CoyoteConnector.java === RCS file: /home/cvspublic/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4/CoyoteConnector.java,v retrieving revision 1.17 diff -r1.17 CoyoteConnector.java 998c998 sSLImplementation, --- sslImplementation, cu Torsten Fohrer On Saturday 09 November 2002 14:10, Torsten Fohrer wrote: For a clean tomcat install i download a clean tomcat-4.1.14-LE-jdk14 binary, configure it like the howto said it. After starting tomcat i run nmap on my machine. Here the output of catalina run and nmap: -- catalina Using CATALINA_BASE: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14 Using CATALINA_HOME: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14 Using CATALINA_TMPDIR: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14/temp Using JAVA_HOME: /usr/local/java 09.11.2002 14:05:27 org.apache.commons.modeler.Registry loadRegistry INFO: Loading registry information 09.11.2002 14:05:27 org.apache.commons.modeler.Registry getRegistry INFO: Creating new Registry instance 09.11.2002 14:05:27 org.apache.commons.modeler.Registry getServer INFO: Creating MBeanServer 09.11.2002 14:05:28 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on port 8080 09.11.2002 14:05:28 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on port 8443 Starting service Tomcat-Standalone Apache Tomcat/4.1.14-LE-jdk14 09.11.2002 14:05:36 org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on port 8080 09.11.2002 14:05:36 org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on port 8443 09.11.2002 14:05:36 org.apache.jk.common.ChannelSocket init INFO: JK2: ajp13 listening on tcp port 8009 09.11.2002 14:05:36 org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=3/39 config=/home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14/conf/jk2.proper ties - nmap Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on localhost (127.0.0.1): (The 1592 ports scanned but not shown below are in state: closed) Port State Service 25/tcp opensmtp 53/tcp opendomain 8080/tcp openhttp-proxy -- On Friday 08 November 2002 18:49, Torsten Fohrer wrote: I have yesterday and today migrate a system to 4.1.14, from 4.0.4 tomcat with own patches. After some work with migrating the patches, and finally testing there. It seems that tomcat doesn't start/creates the SSL ServerSocket. after some search in the cvs tree, i see that the CoyoteConnector doesn't set socketFactory in CoyoteProtocol. I added the code again, and it works :-. It can be either the wrong naming of sslImplementation, or perhaps : the missing socketFactory. Index: coyote/src/java/org/apache/coyote/tomcat4/CoyoteConnector.java === RCS file: /home/cvspublic/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyo te / tomcat4/CoyoteConnector.java,v retrieving revision 1.17 diff -r1.17 CoyoteConnector.java 996a997,998 IntrospectionUtils.setProperty(protocolHandler, socketFactory, ssf.getSocketFactoryName()); 998c1000 sSLImplementation, --- sslImplementation, Torsten -Ursprüngliche Nachricht- Von: Remy Maucherat [mailto:remm;apache.org] Gesendet: Freitag, 8. November 2002 17:11 An: Tomcat Developers List Betreff: Re: AW: SSL doesn't work in Tomcat 4.1.14, possible 4.1.13 Torsten Fohrer wrote: Found the error, the socketFactory isn't set in CoyoteConnecter, for the CoyoteProtocoll Handler I'm sorry, but what exactly doesn't work ? SSL works very well with 4.1.12+. Your patch doesn't make sense (and I can't understand your first message, which doesn't help convincing me). Rémy -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org -- To unsubscribe, e-mail
Re: AW: AW: SSL doesn't work in Tomcat 4.1.14, possible 4.1.13
Torsten Fohrer wrote: break down the problem, to the combination of my hostage enviroment and the introspection setting of sSLImplementation in the CoyoteConnector. Some additional information is that i use tomcat as complete http server ( external ports 80/443) without root rights and priviliges. Now my questions, why i need this patch to run https to get connection on port 443? Ok, that patch does make some sense. The original value does work fine for me. The method in the handler is setSSLImplementation, that explains the weird case. Rémy -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org
Re: AW: AW: SSL doesn't work in Tomcat 4.1.14, possible 4.1.13
For a clean tomcat install i download a clean tomcat-4.1.14-LE-jdk14 binary, configure it like the howto said it. After starting tomcat i run nmap on my machine. Here the output of catalina run and nmap: -- catalina Using CATALINA_BASE: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14 Using CATALINA_HOME: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14 Using CATALINA_TMPDIR: /home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14/temp Using JAVA_HOME: /usr/local/java 09.11.2002 14:05:27 org.apache.commons.modeler.Registry loadRegistry INFO: Loading registry information 09.11.2002 14:05:27 org.apache.commons.modeler.Registry getRegistry INFO: Creating new Registry instance 09.11.2002 14:05:27 org.apache.commons.modeler.Registry getServer INFO: Creating MBeanServer 09.11.2002 14:05:28 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on port 8080 09.11.2002 14:05:28 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on port 8443 Starting service Tomcat-Standalone Apache Tomcat/4.1.14-LE-jdk14 09.11.2002 14:05:36 org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on port 8080 09.11.2002 14:05:36 org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on port 8443 09.11.2002 14:05:36 org.apache.jk.common.ChannelSocket init INFO: JK2: ajp13 listening on tcp port 8009 09.11.2002 14:05:36 org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=3/39 config=/home/tfohrer/develop/jakarta-tomcat-4.1.14-LE-jdk14/conf/jk2.properties - nmap Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on localhost (127.0.0.1): (The 1592 ports scanned but not shown below are in state: closed) Port State Service 25/tcp opensmtp 53/tcp opendomain 8080/tcp openhttp-proxy -- On Friday 08 November 2002 18:49, Torsten Fohrer wrote: I have yesterday and today migrate a system to 4.1.14, from 4.0.4 tomcat with own patches. After some work with migrating the patches, and finally testing there. It seems that tomcat doesn't start/creates the SSL ServerSocket. after some search in the cvs tree, i see that the CoyoteConnector doesn't set socketFactory in CoyoteProtocol. I added the code again, and it works :-. It can be either the wrong naming of sslImplementation, or perhaps the missing socketFactory. Index: coyote/src/java/org/apache/coyote/tomcat4/CoyoteConnector.java === RCS file: /home/cvspublic/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote / tomcat4/CoyoteConnector.java,v retrieving revision 1.17 diff -r1.17 CoyoteConnector.java 996a997,998 IntrospectionUtils.setProperty(protocolHandler, socketFactory, ssf.getSocketFactoryName()); 998c1000 sSLImplementation, --- sslImplementation, Torsten -Ursprüngliche Nachricht- Von: Remy Maucherat [mailto:remm;apache.org] Gesendet: Freitag, 8. November 2002 17:11 An: Tomcat Developers List Betreff: Re: AW: SSL doesn't work in Tomcat 4.1.14, possible 4.1.13 Torsten Fohrer wrote: Found the error, the socketFactory isn't set in CoyoteConnecter, for the CoyoteProtocoll Handler I'm sorry, but what exactly doesn't work ? SSL works very well with 4.1.12+. Your patch doesn't make sense (and I can't understand your first message, which doesn't help convincing me). Rémy -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org -- To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org