Re: tomcat installation errors

2016-12-20 Thread tomcat
On 20.12.2016 22:42, Mary Wiegand wrote: I was using a specific walk through to install Tomcat and everything that's needed with it. I downloaded the installer from tomcat to the /tmp file and then extracted it and installed it to the /opt/tomcat dir. Which I had to make the directory. Should I

Re: tomcat installation errors

2016-12-20 Thread Mary Wiegand
I was using a specific walk through to install Tomcat and everything that's needed with it. I downloaded the installer from tomcat to the /tmp file and then extracted it and installed it to the /opt/tomcat dir. Which I had to make the directory. Should I just start over with a different guide?

Re: tomcat installation errors

2016-12-20 Thread Mary Wiegand
There was a pid file in that location. I removed it and restarted tomcat. commands: rm /opt/tomcat/temp/tomcat.pid systemctl restart tomcat systemctl status tomcat tomcat.service - Apache Tomcat Web Application Container Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset:

Re: tomcat installation errors

2016-12-20 Thread tomcat
On 20.12.2016 22:08, Mary Wiegand wrote: Hi, I'm installing tomcat v8.5.9 on ubuntu 16.04 this is my tomcat.service file: #System unit file for tomcat [Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking

Re: tomcat installation errors

2016-12-20 Thread Niranjan Babu Bommu
may be pid file lying around from earlier stop/start? remove the pid file and start again. /opt/tomcat/temp/tomcat.pid On Tue, Dec 20, 2016 at 4:08 PM, Mary Wiegand wrote: > Hi, > > I'm installing tomcat v8.5.9 on ubuntu 16.04 > > this is my tomcat.service file: > >

tomcat installation errors

2016-12-20 Thread Mary Wiegand
Hi, I'm installing tomcat v8.5.9 on ubuntu 16.04 this is my tomcat.service file: #System unit file for tomcat [Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre/bin/java

Re: tomcat does not choose the higher curve when EC ciphers are configured

2016-12-20 Thread Mark Thomas
On 20/12/2016 15:22, manjesh wrote: > thanks. I believe as a part of cipher negotiation the server (tomcat) > should do this rather than the provider (JDK/SunJC) What is your basis for that believe? You need to point to the Java documentation that a) states this is the case and b) describes the

Re: Upgrade to 8.5.8/9

2016-12-20 Thread Greg Huber
Chris, >After Tomcat is started, can you run this command on >the server running both httpd and Tomcat? >$ sudo netstat -plan | grep 8009 The problem is my prod server (centos 5), so I will switch back to 8.5.9 and when it hangs I can run the command. Also I do have a backup server (centos 7)

Re: tomcat does not choose the higher curve when EC ciphers are configured

2016-12-20 Thread manjesh
thanks. I believe as a part of cipher negotiation the server (tomcat) should do this rather than the provider (JDK/SunJC) On Tue, Dec 20, 2016 at 8:49 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > manjesh, > > On 12/20/16

Re: tomcat does not choose the higher curve when EC ciphers are configured

2016-12-20 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 manjesh, On 12/20/16 6:19 AM, manjesh wrote: > Below shown snippet is the ciphersuite configuration. Tomcat > version 8.026 and JDK 1.8 > > > protocol="org.apache.coyote.http11.Http11NioProtocol" > maxThreads="150" scheme="https" secure="true"

Re: Upgrade to 8.5.8/9

2016-12-20 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Greg, On 12/20/16 3:21 AM, Greg Huber wrote: >> If you are using httpd + mod_jk, why are you bothering with APR >> and tcnative on the Tomcat side? > > It complains in the log file so I do what it says. If I don't need > it it saves me having to

tomcat does not choose the higher curve when EC ciphers are configured

2016-12-20 Thread manjesh
Below shown snippet is the ciphersuite configuration. Tomcat version 8.026 and JDK 1.8 Tested with Nmap Check the server for the supported cipher suites. nmap -p 443 --script ssl-enum-ciphers.nse hostname The result shows server supports few ciphers with curves secp160k1,secp192k1,

Re: Upgrade to 8.5.8/9

2016-12-20 Thread Greg Huber
> If you are using httpd + mod_jk, why are you > bothering with APR and tcnative on the Tomcat > side? It complains in the log file so I do what it says. If I don't need it it saves me having to compile it all the time. > What if you use the NIO connector instead of APR? Have always run tomcat

Re: Upgrade to 8.5.8/9

2016-12-20 Thread Greg Huber
>Are you sure that your new instance has an adequate >number of threads available for httpd to proxy to? How would I check the threads for httpd? It normally hangs on startup so there should be enough system threads. Would a GC be required when the system has just started? I have run my