-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 12/12/2009 1:40 PM, Caldarale, Charles R wrote:
From: Adria Stembridge [mailto:adrya.stembri...@gmail.com]
Subject: Re: New to Tomcat -- SSL
I compiled jsvc per tomcat 5.5 documentation.
[Linux] service tomcat5 stop
[Linux] ./bin
Don't the Tomcat logs say anything helpful ?
Actually, yes...
SEVERE: Catalina.start:
LifecycleException: service.getName(): Catalina; Protocol handler start
failed: java.net.BindException: *Permission denied:80*
at org.apache.catalina.connector.Connector.start(Connector.java:1097)
From: Adria Stembridge [mailto:adrya.stembri...@gmail.com]
Subject: Re: New to Tomcat -- SSL
SEVERE: Catalina.start:
LifecycleException: service.getName(): Catalina; Protocol handler
start
failed: java.net.BindException: *Permission denied:80
Linux/UNIX systems do not allow unprivileged userids to access ports
1024. Although you can run Tomcat under the root userid, this is not
recommended for security reasons. Instead, start Tomcat with jsvc:
http://tomcat.apache.org/tomcat-6.0-doc/setup.html#Unix%20daemon
- Chuck
I
I've been at this for two days. Learning a lot, but this is production and
needs to get back to service. Is there another way, other than
revoking/requesting a new SSL certificate and using apache mod_jk?
Tomcat works under 8080 and 8443 currently.
Isn't there a way to forward 8443 to 443
From: Adria Stembridge [mailto:adrya.stembri...@gmail.com]
Subject: Re: New to Tomcat -- SSL
Tomcat works under 8080 and 8443 currently.
Isn't there a way to forward 8443 to 443 with iptables?
Yes, that's frequently done. From the Tomcat FAQ:
- Another way is to use Iptables to redirect
From: Adria Stembridge [mailto:adrya.stembri...@gmail.com]
Subject: Re: New to Tomcat -- SSL
I compiled jsvc per tomcat 5.5 documentation.
[Linux] service tomcat5 stop
[Linux] ./bin/jsvc -Djava.endorsed.dirs=./common/endorsed -cp
./bin/bootstrap.jar -outfile ./logs/catalina.out -errfile
:
From: Adria Stembridge [mailto:adrya.stembri...@gmail.com]
Subject: Re: New to Tomcat -- SSL
Tomcat works under 8080 and 8443 currently.
Isn't there a way to forward 8443 to 443 with iptables?
Yes, that's frequently done. From the Tomcat FAQ:
- Another way is to use Iptables to redirect
Adria Stembridge wrote:
I'm setting up a standalone instance of Tomcat with SSL. Tomcat5 is
installed on the RHEL5 box and the sample pages load fine. I created a csr
using keytool and requested a certificate from Verisign. After this is
imported (I'm waiting on delivery from verisign),
On 11/12/2009 11:47, Adria Stembridge wrote:
I'm setting up a standalone instance of Tomcat with SSL. Tomcat5 is
installed on the RHEL5 box and the sample pages load fine. I created a csr
using keytool and requested a certificate from Verisign. After this is
imported (I'm waiting on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Adria,
On 12/11/2009 6:47 AM, Adria Stembridge wrote:
I'm setting up a standalone instance of Tomcat with SSL. Tomcat5 is
installed on the RHEL5 box and the sample pages load fine. I created a csr
using keytool and requested a certificate from
Should the port redirects for Connector 8080 and 8009 also be changed to
443?
a
On Fri, Dec 11, 2009 at 6:59 AM, Pid p...@pidster.com wrote:
On 11/12/2009 11:47, Adria Stembridge wrote:
I'm setting up a standalone instance of Tomcat with SSL. Tomcat5 is
installed on the RHEL5 box and the
I've updated the connector as follows:
Connector
port=8080
redirectPort=8443
minSpareThreads=25
connectionTimeout=2
maxSpareThreads=75
maxThreads=150
/Connector
Connector
port=443
scheme=https
secure=true
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Adria,
On 12/11/2009 2:48 PM, Adria Stembridge wrote:
I've updated the connector as follows:
Connector
port=8080
redirectPort=8443
minSpareThreads=25
connectionTimeout=2
maxSpareThreads=75
Any reason you are using Apache httpd, here, at all?
None - I'd prefer not using it at all if possible.
If Apache httpd is not needed, shut it down and disable it. In fact,
uninstall it if you don't need it.
Perfect.
Ports 80, 8080, 443 and 8443 are allowed through the firewall.
You
Well, I appear to have something wrong. Pages are not served over 80 or
443 after updating server.xml and iptables.
[linux]# netstat -an | grep LISTEN
tcp0 0 0.0.0.0:897 0.0.0.0:*
LISTEN
tcp0 0 0.0.0.0:111 0.0.0.0:*
LISTEN
tcp0
Adria Stembridge wrote:
Well, I appear to have something wrong. Pages are not served over 80 or
443 after updating server.xml and iptables.
[linux]# netstat -an | grep LISTEN
try netstat -pan, which will also give you the PID of the process owning
the listening socket.
...
tcp0
17 matches
Mail list logo