debian 9 and tomcat 8 error at startup

Hi, i have installed tomcat 8 on a Debian server using aptitude command. but when tomcat starts, I get this strange error : 26-Sep-2017 07:47:14.613 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.14 (Debian) 26-Sep-2017 07:47:14.614

Re: unable to configure logging

2017-09-25 8:04 GMT+03:00 Kevin Weslowski : I've reviewed the documentation for Tomcat 8.5 logging https://tomcat.apache.org/tomcat-8.5-doc/logging.html as well as the generic java.util.logging documentation. However, I'm still having problems understanding and

Re: [SECURITY] CVE-2017-12617 Apache Tomcat Possible additional RCE via JSP upload

Thank you for the response and confirmation, Mark. Sent from my iPhone > On Sep 25, 2017, at 12:36 PM, Mark Thomas wrote: > >> On 25/09/17 18:12, Harish Krishnan wrote: >> Hi Mark, >> >> Thanks for the timely updates. >> My understanding is, there will be a new 7.x update

Re: Help needed - JPA probem - No connection specified with project

2017-09-25 18:02 GMT+03:00 Karen Goh : > Hi Kolinko, > > I have now removed the ResourceLink and left with Resource in my context.xml > which is resided at WebContent/META-INF. > > And this is C:\Program Files\Apache Software Foundation\Tomcat > 8.0\conf\context.xml > > >

Re: [SECURITY] CVE-2017-12617 Apache Tomcat Possible additional RCE via JSP upload

On 25/09/17 18:12, Harish Krishnan wrote: > Hi Mark, > > Thanks for the timely updates. > My understanding is, there will be a new 7.x update available for addressing > CVE-2017-12617. Is that correct? > The current latest (7.0_81) resolves the initial 2 CVEs (CVE*12615 and > CVE*12616). >

Re: tomcat7 eol date?

On 25/09/17 15:06, Coty Sutherland wrote: > On Sat, Sep 23, 2017 at 12:47 PM, Mark Thomas wrote: >> On 23/09/17 13:15, Alex O'Ree wrote: >>> Is there an approximate or estimated date in which ASF will stop >>> supporting patches for Tomcat7? >> >> Best guess that is at least two

Re: Trouble using SSL with Tomcat 9

I've put the log files, the jpg of the chrome page and the netstat -a -b in Google Drive and sent you a link. My application is somewhat complex and hopefully not the cause of the problem. It is composed of a large number of php and javascript files in the Financials application, which includes

Re: [SECURITY] CVE-2017-12617 Apache Tomcat Possible additional RCE via JSP upload

Hi Mark, Thanks for the timely updates. My understanding is, there will be a new 7.x update available for addressing CVE-2017-12617. Is that correct? The current latest (7.0_81) resolves the initial 2 CVEs (CVE*12615 and CVE*12616). When can we expect the new update for 7.x? Sent from my

RE: tomcat ssl setup

Ok please disregard my last question re using keytool. I DID use it on the server we are trying to get the ssl certificate to work on. It's just that it was awhile back and I wasn't seeing the commands when I went by through the command history. My Bad John Ellis 405.285.2500 office

RE: tomcat ssl setup

I have another question. In visiting with my boss just now he brought up this question. Do we have to run something like the keytool command and go through all of those steps to get a certificate just in order to try to connect to Tomcat on a secure port, like 8443? I thought we could connect

Re: Help needed - JPA probem - No connection specified with project

Hi Kolinko, I have now removed the ResourceLink and left with Resource in my context.xml which is resided at WebContent/META-INF. And this is C:\Program Files\Apache Software Foundation\Tomcat 8.0\conf\context.xml WEB-INF/web.xml ${catalina.base}/conf/web.xml

RE: tomcat ssl setup

Mark although I am not finding it now I'm pretty sure that I sent out a reply to this last week saying I am getting the same exact result with ver. M27 as I was with M26; can't get a webpage login when I try the secure port of 8443. It just churns on the screen but never connects. However if I

Re: Trouble using SSL with Tomcat 9

On 25.09.2017 15:57, Don Flinn wrote: Andre, I've attached the output from netstat -a. I see 8080 listening, but not 8443. I've also attached the screen shot of the result of running my "protected" application in Tomcat. This list removes most attachments, so we did not get the

Re: tomcat7 eol date?

On Sat, Sep 23, 2017 at 12:47 PM, Mark Thomas wrote: > On 23/09/17 13:15, Alex O'Ree wrote: >> Is there an approximate or estimated date in which ASF will stop >> supporting patches for Tomcat7? > > Best guess that is at least two to three years away. > >> I'm assuming that the

Re: Trouble using SSL with Tomcat 9

Andre, I've attached the output from netstat -a. I see 8080 listening, but not 8443. I've also attached the screen shot of the result of running my "protected" application in Tomcat. As I mentioned, when I have Norton Security and it shuts down Windows firewall and runs its own firewall. Don

Re: 8.5.20 - java.security.KeyStoreException: Cannot get key bytes, not PKCS#8 encoded

http://apache.mirrors.spacedump.net/tomcat/tomcat-8/v8.5.21/ From: Pesonen, Harri Sent: Monday, September 25, 2017 10:52 AM To: Tomcat Users List Subject: 8.5.20 - java.security.KeyStoreException: Cannot get key bytes, not PKCS#8 encoded

8.5.20 - java.security.KeyStoreException: Cannot get key bytes, not PKCS#8 encoded

Hello, there is this problem in 8.5.20, that is already fixed for the coming 8.5.21: https://bz.apache.org/bugzilla/show_bug.cgi?id=61451 What is the latest version that does not have this problem? Is it 8.5.16? If I understand correctly, this problem was introduced in 8.5.18 (not released):

Re: unable to configure logging

2017-09-25 8:04 GMT+03:00 Kevin Weslowski : > I've reviewed the documentation for Tomcat 8.5 logging > > https://tomcat.apache.org/tomcat-8.5-doc/logging.html > > as well as the generic java.util.logging documentation. However, I'm still > having problems understanding