ssl config question
Hi All, I'm relatively new to administering Tomcat. I'm trying to get my application to work over SSL. I've uncommented all the appropriate connectors, created a key using keytool. However, I still can't get to my application over port 443 or 8443. Am I missing something? Thanks in advance for your help. Steve -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
Please be more specific. Error messages? Anything in the log files? What happens, exactly, when you try to access your application? John Turner [EMAIL PROTECTED] -Original Message- From: Steven Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:31 PM To: 'Tomcat Users List' Subject: ssl config question Hi All, I'm relatively new to administering Tomcat. I'm trying to get my application to work over SSL. I've uncommented all the appropriate connectors, created a key using keytool. However, I still can't get to my application over port 443 or 8443. Am I missing something? Thanks in advance for your help. Steve -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
Sorry, I'm using IE version 6.0 All it's saying is my page can't be displayed. And there isn't anything significant in the log files, as far as I can tell. Is there a way to start Tomcat with more verbose logging? All it says is starting background thread. I hope this is more helpful, although I'm sure it isn't. thanks, Steve -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:33 PM To: 'Tomcat Users List' Subject: RE: ssl config question Please be more specific. Error messages? Anything in the log files? What happens, exactly, when you try to access your application? John Turner [EMAIL PROTECTED] -Original Message- From: Steven Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:31 PM To: 'Tomcat Users List' Subject: ssl config question Hi All, I'm relatively new to administering Tomcat. I'm trying to get my application to work over SSL. I've uncommented all the appropriate connectors, created a key using keytool. However, I still can't get to my application over port 443 or 8443. Am I missing something? Thanks in advance for your help. Steve -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
Well, you definitely won't find your application on 443, unless you are running Tomcat as root (ok for development, I guess, but not wise for development). Applications need root to bind to ports under 1024. So, that leaves 8443. Just for confirmation's sake, did you follow the SSL HOWTO? Did you install JSSE? The HOWTO is here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html For logging, you can add debug to your Context/Engine/Host container in server.xml and give it a high number like 10. The default is 0, as described here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/context.html John -Original Message- From: Steven Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:38 PM To: 'Tomcat Users List' Subject: RE: ssl config question Sorry, I'm using IE version 6.0 All it's saying is my page can't be displayed. And there isn't anything significant in the log files, as far as I can tell. Is there a way to start Tomcat with more verbose logging? All it says is starting background thread. I hope this is more helpful, although I'm sure it isn't. thanks, Steve -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:33 PM To: 'Tomcat Users List' Subject: RE: ssl config question Please be more specific. Error messages? Anything in the log files? What happens, exactly, when you try to access your application? John Turner [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
Oops, that's a typo. It should say running Tomcat as root is unwise for production. :) That's what I get for trying to increase my Project Dolphin average! LOL John -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:46 PM To: 'Tomcat Users List' Subject: RE: ssl config question Well, you definitely won't find your application on 443, unless you are running Tomcat as root (ok for development, I guess, but not wise for development). Applications need root to bind to ports under 1024. So, that leaves 8443. Just for confirmation's sake, did you follow the SSL HOWTO? Did you install JSSE? The HOWTO is here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html For logging, you can add debug to your Context/Engine/Host container in server.xml and give it a high number like 10. The default is 0, as described here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/context.html John -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
Yes, I did install jsse and I did follow the directions on the tomcat homepage for configuring ssl. I'll turn the logging on and see what comes of it...I'll be back :) Steve -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:49 PM To: 'Tomcat Users List' Subject: RE: ssl config question Oops, that's a typo. It should say running Tomcat as root is unwise for production. :) That's what I get for trying to increase my Project Dolphin average! LOL John -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:46 PM To: 'Tomcat Users List' Subject: RE: ssl config question Well, you definitely won't find your application on 443, unless you are running Tomcat as root (ok for development, I guess, but not wise for development). Applications need root to bind to ports under 1024. So, that leaves 8443. Just for confirmation's sake, did you follow the SSL HOWTO? Did you install JSSE? The HOWTO is here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html For logging, you can add debug to your Context/Engine/Host container in server.xml and give it a high number like 10. The default is 0, as described here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/context.html John -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: ssl config question
ok, so this is what I see in the logs. It looks to me like the app gets loaded but can't accept requests. Is this a fair assessment or am I totally wrong (which is the more likely case). All suggestions/help are appreciated. To recap the problem. I can see the application using port 8080, but cannot see the appliation over port 8443. I've installed jsse, and have followed the SSL config directions on the tomcat website. Thanks, Steve Localhost log 2002-09-03 14:46:34 invoker: init 2002-09-03 14:46:34 jsp: init 2002-09-03 14:46:35 StandardHost[localhost]: Installing web application at context path /pps from URL file:/usr/local/jakarta- tomcat-4.0.3/webapps/pps 2002-09-03 14:46:35 WebappLoader[/pps]: Deploying class repositories to work directory /usr/local/jakarta-tomcat-4.0.3/work/lo calhost/pps 2002-09-03 14:46:35 StandardManager[/pps]: Seeding random number generator class java.security.SecureRandom 2002-09-03 14:46:35 StandardManager[/pps]: Seeding of random number generator has been completed 2002-09-03 14:46:35 ContextConfig[/pps]: Added certificates - request attribute Valve 2002-09-03 14:46:35 StandardWrapper[/pps:default]: Loading container servlet default 2002-09-03 14:46:35 default: init 2002-09-03 14:46:35 StandardWrapper[/pps:invoker]: Loading container servlet invoker 2002-09-03 14:46:35 invoker: init 2002-09-03 14:46:35 jsp: init From Catalina_log.2002-09-03.txt 2002-09-03 15:20:20 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:20:20 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:20:20 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:20:28 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:20:28 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:20:28 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:20:29 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:20:29 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:20:29 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:20:31 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:20:31 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:20:31 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:20:32 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:20:32 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:20:32 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:21:30 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:21:30 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:21:30 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 2002-09-03 15:21:31 HttpProcessor[8443][4] An incoming request is being assigned 2002-09-03 15:21:31 HttpProcessor[8443][4] The incoming request has been awaited 2002-09-03 15:21:31 HttpProcessor[8443][4] parseConnection: address=/64.24.66.53, port=8443 -Original Message- From: Steven Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:52 PM To: 'Tomcat Users List' Subject: RE: ssl config question Yes, I did install jsse and I did follow the directions on the tomcat homepage for configuring ssl. I'll turn the logging on and see what comes of it...I'll be back :) Steve -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:49 PM To: 'Tomcat Users List' Subject: RE: ssl config question Oops, that's a typo. It should say running Tomcat as root is unwise for production. :) That's what I get for trying to increase my Project Dolphin average! LOL John -Original Message- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 03, 2002 12:46 PM To: 'Tomcat Users List' Subject: RE: ssl config question Well, you definitely won't find your application on 443, unless you are running Tomcat as root (ok for development, I guess, but not wise for development). Applications need root to bind to ports under 1024. So, that leaves 8443. Just for confirmation's sake, did you follow the SSL HOWTO? Did you install JSSE? The HOWTO is here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html For logging, you can add debug to your Context/Engine/Host container in server.xml and give it a high number like 10. The default is 0, as described here: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/context.html John -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED