Can you access my Manager App? http://24.0.5.14:8081/manager/html Tomcat/8.5.29, CentOS

2018-04-04 Thread Philip Rego
http://24.0.5.14:8081/manager/html *tomcat-users.xml* http://tomcat.apache.org/xml; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd" version="1.0"> (I

DirectJDKLog overriding formatter

2018-04-04 Thread Clément Guillaume
Hi, I was wondering why DirectJDKLog was overriding the Formatter of the Console appender when the default java logging.properties file was used. I see that this is documented at https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html#Logging but I would prefer to configure the logging

Re: Manager connector status

2018-04-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 4/4/18 9:52 AM, Mark Thomas wrote: > On 04/04/18 14:29, Christopher Schultz wrote: >> All, >> >> I'm running 8.5.29 and I'm looking at the manager application, >> specifically at the Connectors list on the "Server Status" page. >> >> I

Re: Connection closed error and certificateVerification="required"

2018-04-04 Thread Mark Thomas
On 26/03/18 08:25, Richard Tearle wrote: > I've uploaded a ZIP with my test "UI" code (standalone java program), > and the "ESB" > code which goes into tomcat. > > https://www.dropbox.com/s/nhfx7va4uzkr728/Source.zip?dl=0 > > In the support folder within the ZIP are updated scripts to create

Re: Manager connector status

2018-04-04 Thread Mark Thomas
On 04/04/18 14:29, Christopher Schultz wrote: > All, > > I'm running 8.5.29 and I'm looking at the manager application, > specifically at the Connectors list on the "Server Status" page. > > I have two connectors: > > 1. ajp-nio-8215 > > 2. http-nio-127.0.0.1-8217 > > The server is idle (it's

Manager connector status

2018-04-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm running 8.5.29 and I'm looking at the manager application, specifically at the Connectors list on the "Server Status" page. I have two connectors: 1. ajp-nio-8215 2. http-nio-127.0.0.1-8217 The server is idle (it's my own desktop) and

Re: List Ciphers - 500 Error

2018-04-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jason, On 4/3/18 12:00 PM, Jason Vo wrote: > Version Apache Tomcat/8.0.32 Can you please try with latest 8.0.50? 8.0.32 is 2 years old at this point, and has many security problems (some classified as "important") that should be fixed. > When

RE: Is tomcat6.0 impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)?

2018-04-04 Thread Venkata Reddy (Trianz)
Both the vulnerabilities are not impacted on tomcat6.0.x. Thanks a lot Mark and Rémy for providing the quick information. -Original Message- From: Rémy Maucherat [mailto:r...@apache.org] Sent: 04 April 2018 17:32 To: Tomcat Users List Subject: Re: Is tomcat6.0 impacted with these

Re: Is tomcat6.0 impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)?

2018-04-04 Thread Rémy Maucherat
On Wed, Apr 4, 2018 at 1:02 PM, Mark Thomas wrote: > On 04/04/18 11:54, Rémy Maucherat wrote: > > On Wed, Apr 4, 2018 at 12:05 PM, Venkata Reddy (Trianz) < > > venkata.re...@trianz.com> wrote: > > > >> Hi Team, > >> > >> Could you please help me on whether tomcat6.0.53 version

Re: A tomcat log output problem

2018-04-04 Thread Simon De Uvarow
On Mon, Apr 2, 2018 at 9:41 AM 张钧荣 <1024238...@qq.com> wrote: > Hello ! > My project reported an error related to tomcat logging module. The > exception information is as follows: > Apr 2 11:31:27 knowledgebase java: Exception in thread "main" > java.lang.reflect.InvocationTargetException >

Re: Is tomcat6.0 impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)?

2018-04-04 Thread Mark Thomas
On 04/04/18 11:54, Rémy Maucherat wrote: > On Wed, Apr 4, 2018 at 12:05 PM, Venkata Reddy (Trianz) < > venkata.re...@trianz.com> wrote: > >> Hi Team, >> >> Could you please help me on whether tomcat6.0.53 version is also impacted >> with these vulnerabilities (CVE-2018-1304, > > > Yes. I

Re: Is tomcat6.0 impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)?

2018-04-04 Thread Rémy Maucherat
On Wed, Apr 4, 2018 at 12:05 PM, Venkata Reddy (Trianz) < venkata.re...@trianz.com> wrote: > Hi Team, > > Could you please help me on whether tomcat6.0.53 version is also impacted > with these vulnerabilities (CVE-2018-1304, Yes. > CVE-2018-1305)? > No. Rémy

Is tomcat6.0 impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)?

2018-04-04 Thread Venkata Reddy (Trianz)
Hi Team, Could you please help me on whether tomcat6.0.53 version is also impacted with these vulnerabilities (CVE-2018-1304, CVE-2018-1305)? This information is very critical for us. Unfortunately we are still on the process of migrating our current tomcat6.0.x version usage to tomcat8.5.x.