Re: Problem getting logging from TldScanner

On 05/08/2024 11:07, Döscher, Andreas (ESI) wrote: Moin, I wanted to check the TLD scanner and placed* org.apache.jasper.servlet.TldScanner.level = FINE in logging.properties, but under Tomcat 10.1.25 and Tomcat 9.0.91 I get only 05-Aug-2024 10:43:29.958 INFO [main] org.apache.jasper.servlet.

Re: Problem starting Tomcat localhost

Alan, On 8/1/24 05:00, Alan Masters wrote: I have configured apache-tomcat-9.0.91 to run as localhost:8080 on Windows 11. Once I have executed the startup.bat, and open localhost:8080 and get:    If you're seeing this, you've successfully installed Tomcat.    Congratulations However freque

Re: Problem starting Tomcat localhost

Hi Alan, On 01.08.24 11:00, Alan Masters wrote: I have configured apache-tomcat-9.0.91 to run as localhost:8080 on Windows 11. Once I have executed the startup.bat, and open localhost:8080 and get:    If you're seeing this, you've successfully installed Tomcat.    Congratulations However freq

Re: Problem with session timeout

Helge, On 7/25/23 05:24, Wiemann, Helge (ESI) wrote: we have a problem that we have set the tomcat timeout to 10 minutes. But after a successful login with a realm, the user is automatically logged out, sometimes after one minute, sometimes other times. I have downloaded the source code, want

Re: Problem with session timeout

Find all implementations of Session, then set breakpoiunt on session.invalidate() would be a good place to start. Another good place would be your SessionManager as it has several interesting methods. The JVM's JDI does not allow you to set breakpoint on an interface, but some IDE's have a magic t

Re: Problem with the redirect after j_security_check

Helge, On 7/22/23 11:03, Wiemann, Helge (ESI) wrote: we are using Tomcat 9 and the still the JDBC Realm for authentication. Our starting URL (which is protected) ends with “/boot1#index” The form authentication is then processed through the common url j_security_check. But after a successfu

Re: Problem with the redirect after j_security_check

On 7/22/23 12:03, Mark Thomas wrote: Your target URL is invalid. No user agent should be sending the fragment (#index) part of the URL. At best Tomcat will ignore it. Later versions may even reject it (I have a memory of that but don't have easy acces to the source code to check right now).

Re: Problem with the redirect after j_security_check

22 Jul 2023 17:03:50 Wiemann, Helge (ESI) : Hi all, we are using Tomcat 9 and the still the JDBC Realm for authentication. Our starting URL (which is protected) ends with “/boot1#index” The form authentication is then processed through the common url j_security_check. But after a successf

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi all. Finally found out the issue. And had nothing to do with tomcat. There are two web applications under this particular instance of tomcat Both of them contain an http client that issues https connections. Application A  sets explicitly the certificate store type to PKCS Application B d

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/27/23 09:15, Ivano Luberti wrote: We had another Linux server that should have been identical to the one where the problem was occuring. Tested the same software on that without the issue. So we cloned the latter and replaced the former. > Now everything works as expected. Hah

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi Chris, thank you for your dedication. We had another Linux server that should have been identical to the one where the problem was occuring. Tested the same software on that without the issue. So we cloned the latter and replaced the former. Now everything works as expected. Before the r

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/8/23 06:10, Ivano Luberti wrote: Hi, all I have the following problem. [snip] My guess is that looking at the code in this general area would be helpful. If you are able to add debug logging in there to spoit-out some of the crypto configuration being used, I'm sure it would hel

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi Chris, thanks for that. No,  don't make nay configuration regarding use of any algorithm. I launch Java with same options in tomcat and in the stand alone client and I get two different behaviours Il 23/06/2023 21:51, Christopher Schultz ha scritto: Ivano, On 6/8/23 06:10, Ivano Luberti

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/8/23 06:10, Ivano Luberti wrote: My web application executes an SSL connection but fails with the following exception  AxisFault: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextIm

Re: Problem posting to Tomcat ssl connector ..

Just to note - this was fixed in the latest release of Tomcat and I'm humming along again .. But it would be good to track down what is happening to help folks who can't just upgrade like me. Side note - you'll recall that in the last year or so I've been on an upgrade tear from 7.x to present in

Re: Problem posting to Tomcat ssl connector ..

On Fri, May 28, 2021 at 01:32:47PM -0600, John Dale wrote: > Page loads fine. > > Other pages load fine. > > SSL handshakes are working until .. > > An Ajax post with a base64 encoded image in the data. > > I debugged up to the request and it's fine. > > I debugged the server and it's not reac

Re: Problem class loaders dont find classes

Thank you for your clarification, Mark. And I will try to provide it soon. So far, the app is working fine and I have to put it on production soon. Now I have not time to recover the situation, but am deeply interested in it. So, I will do it in short. Carles Missatge de Mark Thomas del dia dg

Re: Problem class loaders dont find classes

On 29/08/2020 22:19, Carles Franquesa wrote: > IS NOT ALLOWED TO STORE JSPS IN A HIERARCHY OF FOLDERS. ALL JSP FILES MUST > GO ON THE ROOT WEB FOLDER. That is not correct. JSPs can be placed anywhere in the web application. If you provide the simplest possible set of steps to recreate the problem

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 19/07/2020 13:55, Christopher Schultz wrote: > Mark, > > On 7/18/20 10:01, Mark Thomas wrote: >> On 17/07/2020 21:47, James H. H. Lampert wrote: >>> Running two connectors seems to work just fine, but I'm having >>> trouble getting one of them to only take TLS 1.2 >>> >>> In reply to my query:

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

Mark Thomas and Christopher Schultz wrote: You want: sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" And to answer my question above, because that is the way the JSSE API has been written. We should probably just merge these into a single attribute and "do the right thing": 1. If not specif

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 7/18/20 10:01, Mark Thomas wrote: > On 17/07/2020 21:47, James H. H. Lampert wrote: >> Running two connectors seems to work just fine, but I'm having >> trouble getting one of them to only take TLS 1.2 >> >> In reply to my query: >> Gi

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 17/07/2020 21:47, James H. H. Lampert wrote: > Running two connectors seems to work just fine, but I'm having trouble > getting one of them to only take TLS 1.2 > > In reply to my query: > >>> Given all this, is it possible to (1) have Tomcat listen on two separate >>> HTTPS ports, and (2) hav

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 7/17/20 2:36 PM, jonmcalexan...@wellsfargo.com.INVALID wrote: This looks like a cipher, not an alias TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256 As I said, of course it's a cipher. I said up front that the lines were truncated, in order to fit in an email. I can't imagine w

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 7/17/20 2:36 PM, jonmcalexan...@wellsfargo.com.INVALID wrote: This looks like a cipher, not an alias TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256 It is. The lines are truncated at 72 characters for the email. -- JHHL ---

RE: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

This looks like a cipher, not an alias TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256 Dream * Excel * Explore * Inspire Jon McAlexander Asst Vice President Middleware Product Engineering Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions 8080 Cobblestone Rd |

Re: Problem with JarScanFilter, maybe a bug?

On Mon, Jul 6, 2020 at 5:05 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Vitor, > > On 7/6/20 15:50, Vitor Medina Cruz wrote: > > On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas > > wrote: > > > >> On 06/07/2020 12:25, Mark Thoma

Re: Problem with JarScanFilter, maybe a bug?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Vitor, On 7/6/20 15:50, Vitor Medina Cruz wrote: > On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas > wrote: > >> On 06/07/2020 12:25, Mark Thomas wrote: >>> On 03/07/2020 13:40, Vitor Medina Cruz wrote: On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas >

Re: Problem with JarScanFilter, maybe a bug?

On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas wrote: > On 06/07/2020 12:25, Mark Thomas wrote: > > On 03/07/2020 13:40, Vitor Medina Cruz wrote: > >> On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > >> > >>> On 02/07/2020 14:14, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 6:48 PM Mar

Re: Problem with JarScanFilter, maybe a bug?

On 06/07/2020 12:25, Mark Thomas wrote: > On 03/07/2020 13:40, Vitor Medina Cruz wrote: >> On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: >> >>> On 02/07/2020 14:14, Vitor Medina Cruz wrote: On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >>> >>> >>> > @WebFiler, @WebListener and

Re: Problem with JarScanFilter, maybe a bug?

On 03/07/2020 13:40, Vitor Medina Cruz wrote: > On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > >> On 02/07/2020 14:14, Vitor Medina Cruz wrote: >>> On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >> >> >> @WebFiler, @WebListener and @WebServlet are deployment annotations so sc

Re: Problem with JarScanFilter, maybe a bug?

On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > On 02/07/2020 14:14, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: > > > > >> @WebFiler, @WebListener and @WebServlet are deployment annotations so > >> scanning for these is controlled by the JarScanner. > >>

Re: Problem with JarScanFilter, maybe a bug?

On 02/07/2020 14:14, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >> @WebFiler, @WebListener and @WebServlet are deployment annotations so >> scanning for these is controlled by the JarScanner. >> >> If an SCI has an @HandlesTypes annotation then all JARs that ar

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: > On 01/07/2020 20:28, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > > > >> On 01/07/2020 18:09, Vitor Medina Cruz wrote: > >>> On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > >>> > On 30/06/2020 14:19

Re: Problem with JarScanFilter, maybe a bug?

On 01/07/2020 20:28, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > >> On 01/07/2020 18:09, Vitor Medina Cruz wrote: >>> On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: >>> On 30/06/2020 14:19, Vitor Medina Cruz wrote: > Hello, > > I am trying

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > On 01/07/2020 18:09, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > > > >> On 30/06/2020 14:19, Vitor Medina Cruz wrote: > >>> Hello, > >>> > >>> I am trying to configure Tomcat in a way that it makes SCI scan

Re: Problem with JarScanFilter, maybe a bug?

On 01/07/2020 18:09, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > >> On 30/06/2020 14:19, Vitor Medina Cruz wrote: >>> Hello, >>> >>> I am trying to configure Tomcat in a way that it makes SCI scan only in >>> jars I explicitly specify to. I followed instruction

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > On 30/06/2020 14:19, Vitor Medina Cruz wrote: > > Hello, > > > > I am trying to configure Tomcat in a way that it makes SCI scan only in > > jars I explicitly specify to. I followed instructions from > > https://tomcat.apache.org/tomcat-8.5-doc

Re: Problem with JarScanFilter, maybe a bug?

On 30/06/2020 14:19, Vitor Medina Cruz wrote: > Hello, > > I am trying to configure Tomcat in a way that it makes SCI scan only in > jars I explicitly specify to. I followed instructions from > https://tomcat.apache.org/tomcat-8.5-doc/config/jar-scan-filter.htm, in > both Tomcat 8 and 9, but with

Re: Problem compiling jsps after switching to 8.5.51

I reproduced this with a very basic project and created https://bz.apache.org/bugzilla/show_bug.cgi?id=64259 for it. Marek > Am 17.03.2020 um 14:43 schrieb Marek Neumann : > > > >> Am 17.03.2020 um 12:21 schrieb Mark Thomas : >> >> On 17/03/2020 09:29, Marek Neumann wrote: >>> Hi Mark, >>>

Re: Problem compiling jsps after switching to 8.5.51

> Am 17.03.2020 um 12:21 schrieb Mark Thomas : > > On 17/03/2020 09:29, Marek Neumann wrote: >> Hi Mark, >> >> I tested with 8.5.53 and the problem still persists. Any idea what we can do? > > Provide us with the simplest possible set of steps to recreate this so > we can figure out what the r

Re: Problem compiling jsps after switching to 8.5.51

On 17/03/2020 09:29, Marek Neumann wrote: > Hi Mark, > > I tested with 8.5.53 and the problem still persists. Any idea what we can do? Provide us with the simplest possible set of steps to recreate this so we can figure out what the root cause is. At a guess, you aren't using the EL API provided

Re: Problem compiling jsps after switching to 8.5.51

Hi Mark, I tested with 8.5.53 and the problem still persists. Any idea what we can do? Thanks, Marek > Am 28.02.2020 um 12:36 schrieb Mark Thomas : > > On 28/02/2020 10:57, Marek Neumann wrote: >> After going to the latest 8.5 release we have problems with jasper compiling >> jsps: >> >> [WA

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Thanks Christopher, Am 12.03.2020 um 16:11 schrieb Christopher Schultz: > The complete new default pattern is: > > > (javax\.servlet\.request\.(cipher_suite|key_size|ssl_session|X509Certifi > cate)|CERT_(ISSUER|SUBJECT|COOKIE|FLAGS|SERIALNUMBER)|HTTPS_(SERVER_SUBJ > ECT|SECRETKEYSIZE|SERVER_ISSUER

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Matthias, On 3/12/20 07:19, Matthias Fechner wrote: > Hi Christopher, > > Am 09.03.2020 um 22:50 schrieb Christopher Schultz: >> That's not a super-secure solution. You really should specify a >> correct whitelist pattern instead of "accept all". >

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Christopher, Am 09.03.2020 um 22:50 schrieb Christopher Schultz: > That's not a super-secure solution. You really should specify a > correct whitelist pattern instead of "accept all". thanks for your comment. You are fully right, but as this seem to will be fixed with the next tomcat version,

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Matthias, On 3/9/20 09:43, Matthias Fechner wrote: > Am 04.03.2020 um 09:17 schrieb Martin Grigorov: >> Please read this discussion: >> https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7 d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Am 04.03.2020 um 09:17 schrieb Martin Grigorov: > Please read this discussion: > https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat.apache.org%3E > > The problem and a workaround are explai

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

On Wed, Mar 4, 2020 at 10:30 AM Stephen Hames wrote: > Hi Matthias, > > I suspect your issue is: address="::"You probably want > address="0.0.0.0" or the ipv4 IP address that your tomcat instance is > listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat > would still be l

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

On 04.03.2020 09:30, Stephen Hames wrote: Hi Matthias, I suspect your issue is: address="::"You probably want address="0.0.0.0" or the ipv4 IP address that your tomcat instance is listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat would still be listening only on 127.0

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Matthias, I suspect your issue is: address="::"You probably want address="0.0.0.0" or the ipv4 IP address that your tomcat instance is listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat would still be listening only on 127.0.0.1 Regards, Stephen On Wed, 4 Mar 2020

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Matthias, Please read this discussion: https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat.apache.org%3E The problem and a workaround are explained here: https://lists.apache.org/thread.

Re: Problem compiling jsps after switching to 8.5.51

On 28/02/2020 10:57, Marek Neumann wrote: > After going to the latest 8.5 release we have problems with jasper compiling > jsps: > > [WARNING] org.apache.jasper.JasperException: javax.el.ELException: Unable to > find ExpressionFactory of type: # Licensed to the Apache Software Foundation > (ASF

Re: problem running digest.sh

> On Dec 2, 2019, at 4:21 PM, Mark Thomas wrote: > > On 02/12/2019 21:07, Chris Cheshire wrote: > > > >> File on bugzilla? > > No need. It is https://bz.apache.org/bugzilla/show_bug.cgi?id=63815 > > It is fixed as far as we can until the jdg issue is fixed. > > Mark My search-fu is no

Re: problem running digest.sh

On 02/12/2019 21:07, Chris Cheshire wrote: > File on bugzilla? No need. It is https://bz.apache.org/bugzilla/show_bug.cgi?id=63815 It is fixed as far as we can until the jdg issue is fixed. Mark - To unsubscribe, e-mail: use

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

Mark, Am 08.08.2019 11:45, schrieb Mark Thomas: On 08/08/2019 10:15, Alten, Jessica-Aileen wrote: Therefore, I guess Tomcat cannot interpret these cipher suites for TLS 1.3. So is this possibly a bug in Tomcat with openSSL 1.1.1c and JDK 8 (again: I am not talking about JSSE here, it can only

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

On 08/08/2019 10:15, Alten, Jessica-Aileen wrote: > Therefore, I guess Tomcat cannot interpret these cipher suites for TLS 1.3. > So is this possibly a bug in Tomcat with openSSL 1.1.1c > and JDK 8 (again: I am not talking about JSSE here, it can only do TLS 1.2)? Tomcat supports configuring the

RE: Problem with OpenSSL cipher suites -what's wrong with this configuration?

> > I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using > > jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle > > TLSv1.3 works, but I want to specify the allowed cipher suites as well. > > > > The relevant parts of server.xml are: > > > SSLEngine="on" /> > > ...

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

Jessica, Peter Kreuser > Am 07.08.2019 um 14:33 schrieb Alten, Jessica-Aileen > : > > Dear all, > > I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using > jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle TLSv1.3 > works, but I want to specify the allowed ci

Re: Problem in ApacheTomcat - 8.0. 37: Files are not displaying in sorted order.

Hi. 1) this list strips most attachments. If you want to post an image, upload it to some shared site, and provide a link to it. 2) look at the Tomcat logfiles (usually in the directory {tomcat installation directory}/logs). If there is an error, it is certain that something in the logfile will

Re: Problem in ApacheTomcat - 8.0. 37: Files are not displaying in sorted order.

On 24.04.19 14:52, Rahul Ranjan wrote: > Hi Team, > > I am facing an issue which is related to ApacheTomcat-8.0.37. I wrote > a code to display the files/folder in browser. By default it should > display in alphabetically sorted order. But it's not showing. > I have migrated my code from Unix to Li

Re: Problem with SSH in latest Tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Richard, On 4/9/19 17:48, Richard Huntrods wrote: > I would like to 'do what's necessary' to remove the following > error. Google tells me it's related to my security implementation, > which is HTTPS by default. I am convinced the problem is in how

Re: Problem with JDK10-12 "NOTE: Picked up JDK_JAVA_OPTIONS"

On 03/01/2019 20:00, John Larsen wrote: > How can I surpress it if its not an error? With difficulty. Tomcat always sets that system property and there is no way (short of editing the scripts which is generally a bad idea) to stop it. The JVM always generates that log message to stderr (as far as

Re: Problem with JDK10-12 "NOTE: Picked up JDK_JAVA_OPTIONS"

How can I surpress it if its not an error? Problem I have is the output causes the script thinks its an error. Thanks, John On Thu, Jan 3, 2019 at 12:51 PM Mark Thomas wrote: > On 31/12/2018 15:12, John Larsen wrote: > > Hello, > > > > Ever since we started using jdk10 and up we get this error

Re: Problem with JDK10-12 "NOTE: Picked up JDK_JAVA_OPTIONS"

On 31/12/2018 15:12, John Larsen wrote: > Hello, > > Ever since we started using jdk10 and up we get this error message whenever > we do ./shutdown.sh. > > NOTE: Picked up JDK_JAVA_OPTIONS: > --add-opens=java.base/java.lang=ALL-UNNAMED > --add-opens=java.base/java.io=ALL-UNNAMED > --add-opens=jav

Re: Problem with JDK10-12 "NOTE: Picked up JDK_JAVA_OPTIONS"

All versions of tomcat. But mostly 8.5 and 9. Also heres my setenv.sh export JAVA_HOME=/usr/java/jdk11 CATALINA_OPTS="-Xms256M -Xmx256M -server -XX:+UseParallelGC" export JAVA_HOME CATALINA_OPTS Thanks John On Mon, Dec 31, 2018 at 12:00 PM Christopher Schultz < ch...@christopherschultz.net> wrot

Re: Problem with JDK10-12 "NOTE: Picked up JDK_JAVA_OPTIONS"

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 John, On 12/31/18 10:12, John Larsen wrote: > Ever since we started using jdk10 and up we get this error message > whenever we do ./shutdown.sh. > > NOTE: Picked up JDK_JAVA_OPTIONS: > --add-opens=java.base/java.lang=ALL-UNNAMED > --add-opens=jav

RE: Problem with CATALINA_OPTS in setenv.sh

> From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Subject: Re: Problem with CATALINA_OPTS in setenv.sh > > "With the -XX:+AlwaysPreTouch option the JVM touches every single > > byte of the max heap size with a '0', resulting in the memory be

Re: Problem with CATALINA_OPTS in setenv.sh

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Chuck, On 8/2/18 1:52 PM, Caldarale, Charles R wrote: >> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] >> Subject: Problem with CATALINA_OPTS in setenv.sh > >> I've been experimenting with some CATALINA_OPTS changes, as >> recommende

Re: Problem with CATALINA_OPTS in setenv.sh

On 02/08/18 18:36, James H. H. Lampert wrote: > which produced the crash-on-takeoff, and I was able to narrow it down to > specifically the "-XX:+AlwaysPreTouch" that was doing it. > > Anybody have any insights into why that parameter would cause Tomcat to > crash on takeoff? JVM bug. Persona

RE: Problem with CATALINA_OPTS in setenv.sh

> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] > Subject: Problem with CATALINA_OPTS in setenv.sh > I've been experimenting with some CATALINA_OPTS changes, as recommended > by our webapp developer, and one of them is causing Tomcat to "crash on > takeoff" with stacktraces like t

RE: problem in starting tomcat

>> When I am trying to start my server I got following error as: >> A fatal error has been detected by the Java Runtime Environment: >> # >> #  SIGSEGV (0xb) at pc=0x7fd4f206e28a, pid=2412, tid=2412 >> # >> # JRE version:  (11.0+18) (build ) >> # Java VM: Java HotSpot(TM) 64-Bit Server VM (11-e

Re: problem in starting tomcat

On 6/25/2018 9:20 PM, Prateek wrote: > My configuration: > OS:REDHAT 7.5 (64 bit) > Tomcat: 8.5.31 > Jdk- jdk-11(Early-Access) +1 to everything else you've been told on this thread. More stuff inline below. > When I am trying to start my server I got following error as: > A fatal error has been

Re: problem in starting tomcat

On 6/27/2018 10:53 AM, Coty Sutherland wrote: On Wed, Jun 27, 2018 at 1:08 PM, Prateek wrote: Hi Chris, By hardened, I meant that support for some FIPS non-complaint algos were removed/disabled. Thanks for confirming again that this is a clear problem with the JVM. From what you've given us

Re: problem in starting tomcat

; Prateek. > > From: Christopher Schultz > Sent: Wednesday, June 27, 2018 10:04 PM > To: users@tomcat.apache.org > Subject: Re: problem in starting tomcat > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Prateek, > > On 6/27/18 12:04 PM, Prateek wrote

RE: problem in starting tomcat

11.super-alpha that you were referring to. Can you please point me in that direction. Thanks and Regards, Prateek. From: Christopher Schultz Sent: Wednesday, June 27, 2018 10:04 PM To: users@tomcat.apache.org Subject: Re: problem in starting tomcat -BEGIN PGP SIGNED MESSAGE- Hash

Re: problem in starting tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prateek, On 6/27/18 12:04 PM, Prateek wrote: > Hi Chris, > > We are running, libtcnative version 1.2.16 with apr version 1.6.3, > compiled from the source, configured to use a hardened version of > OpenSSL version 1.0.2. (LOL hardened OpenSSL)

RE: problem in starting tomcat

with any Java early access builds and hence the attempt to run using JDK11 EA build. Please suggest on the course of action that I should be taking. Regards, Prateek. From: Igal Sapir Sent: Tuesday, June 26, 2018 10:21 PM To: users@tomcat.apache.org Subject: Re: problem in starting tomcat

RE: problem in starting tomcat

Hi Coty, I have tried after removing OnError from the JAVA_OPTS. The results are the same. Please suggest. Regards, Prateek. From: Coty Sutherland Sent: Tuesday, June 26, 2018 10:22 PM To: Tomcat Users List Subject: Re: problem in starting tomcat On Tue, Jun 26, 2018 at 12:27 PM, Prateek

RE: problem in starting tomcat

: Re: problem in starting tomcat -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prateek, On 6/25/18 11:20 PM, Prateek wrote: > Hi, My configuration: OS:REDHAT 7.5 (64 bit) Tomcat: 8.5.31 Jdk- > jdk-11(Early-Access) > > When I am trying to start my server I got following error as: A &

Re: problem in starting tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prateek, On 6/27/18 1:41 AM, Prateek wrote: > Here I am hs_err_pid file > Native frames: (J=compiled Java code, A=aot compiled Java code, > j=interpreted, Vv=VM code, C=native code) C [libc.so.6+0x8128a] > strlen+0x2a V [libjvm.so+0x6030f1] > Cla

RE: problem in starting tomcat

Here I am hs_err_pid file Sent from Mail for Windows 10 From: Coty Sutherland Sent: Tuesday, June 26, 2018 10:22 PM To: Tomcat Users List Subject: Re: problem in starting tomcat On Tue, Jun 26, 2018 at 12:27 PM, Prateek Yadav wrote: > Thanks for reply > I already tested it for more th

Re: problem in starting tomcat

On Tue, Jun 26, 2018 at 12:27 PM, Prateek Yadav wrote: > Thanks for reply > I already tested it for more than one machine so hardware problem can not > be a case. > What happens if you don't specify that OnError call? Can you attach a fuller stack trace if not the entire hs_err_pid log (make su

Re: problem in starting tomcat

Prateek, On 6/26/2018 9:27 AM, Prateek Yadav wrote: Thanks for reply I already tested it for more than one machine so hardware problem can not be a case. On 6/25/2018 8:20 PM, Prateek wrote: My configuration: OS:REDHAT 7.5 (64 bit) Tomcat: 8.5.31 Jdk- jdk-11(Early-Access) When I am trying t

Re: problem in starting tomcat

Thanks for reply I already tested it for more than one machine so hardware problem can not be a case. On Tue, Jun 26, 2018, 9:40 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Prateek, > > On 6/25/18 11:20 PM, Prateek wrote:

Re: problem in starting tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prateek, On 6/25/18 11:20 PM, Prateek wrote: > Hi, My configuration: OS:REDHAT 7.5 (64 bit) Tomcat: 8.5.31 Jdk- > jdk-11(Early-Access) > > When I am trying to start my server I got following error as: A > fatal error has been detected by the Java R

Re: Problem finding native shared library (.so)

On Wed, May 2, 2018 at 2:51 AM, Reynolds, Scott wrote: > Hi, > > I'm trying to deploy a webapp to Tomcat 8.0.39 on CentOS 7 x86_64 that > depends on native shared libraries. I can't install the shared libraries > in a system-wide location because there are multiple applications/webapps > being d

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

On 10/10/2017 1:20 AM, Peter Kreuser wrote: Christopher, A good read on the appropriate (openssl) cipher string that I use can be found here: https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ Hynek explains the whys and don'ts and updates the string on a regular basis! HTH Pet

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

On 10/9/17, 2:19 PM, Christopher Schultz (Tomcat List guru) wrote (with regard to a "ciphers" clause in a connector tag): . . . You need to list everything. . . . Ok. I really didn't need a command-line tool (thanks, though, on behalf of whoever actually does end up needing one); just an exam

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

Christopher, Peter Kreuser > Am 10.10.2017 um 00:14 schrieb Christopher Schultz > : > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > James, > >> On 10/9/17 5:19 PM, Christopher Schultz wrote: >>> On 10/6/17 6:34 PM, James H. H. Lampert wrote: >>> Noting that my connector tag is wri

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 10/9/17 5:19 PM, Christopher Schultz wrote: > On 10/6/17 6:34 PM, James H. H. Lampert wrote: >> Noting that my connector tag is written using Tomcat 7 connector >> syntax, is there a good example of how to code a ciphers clause >> for tha

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 10/6/17 6:34 PM, James H. H. Lampert wrote: > On 10/6/17, 6:58 AM, Mark Thomas (Tomcat List) wrote: > >> It might help to think of it like this: >> >> There are the ciphers that a JVM supports. The JVM only enables >> sub-set of the supp

Re: BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

James, > On 10/6/17, 6:58 AM, Mark Thomas (Tomcat List) wrote: > >> It might help to think of it like this: >> >> There are the ciphers that a JVM supports. >> The JVM only enables sub-set of the supported ciphers are enabled by >> default. >> Tomcat with a default configuration only uses a sub

BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

On 10/6/17, 6:58 AM, Mark Thomas (Tomcat List) wrote: It might help to think of it like this: There are the ciphers that a JVM supports. The JVM only enables sub-set of the supported ciphers are enabled by default. Tomcat with a default configuration only uses a sub-set of the ciphers that the

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

On 05/10/17 18:52, James H. H. Lampert wrote: > This just keeps getting weirder. > > Late yesterday afternoon, I did a lengthy "stare-and-compare" between > what SSLInfo returned for the two different Tomcat servers, and I > couldn't find any differences. But then, I got called away from this on >

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

This just keeps getting weirder. Late yesterday afternoon, I did a lengthy "stare-and-compare" between what SSLInfo returned for the two different Tomcat servers, and I couldn't find any differences. But then, I got called away from this on something that kept me in the office until after 7 PM

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 10/4/17 3:44 PM, James H. H. Lampert wrote: > On 10/4/17, 12:26 PM, Christopher Schultz wrote: >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> James, > . . . >> Okay so you are in no way interfering with the defaults. That >> mea

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

On 10/4/17, 12:26 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, . . . Okay so you are in no way interfering with the defaults. That means you'll get (depending upon your exact versions of various things) a Tomcat which supports TLSv1 or later, and most o

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 10/4/17 3:15 PM, James H. H. Lampert wrote: > Christopher Schultz (Tomcat list guru) wrote: /me bows >> Looks like your server only has ECDHE-based suites available, and >> the client supports none of those. Can you post your >> config

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

Christopher Schultz (Tomcat list guru) wrote: Looks like your server only has ECDHE-based suites available, and the client supports none of those. Can you post your configuration from conf/server.xml? Yes, and I can also post something else. I found the Java source for your own "SSLInfo" pro

Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 10/4/17 12:54 PM, James H. H. Lampert wrote: > I wrote: >>> I mean, I know that I need to get HTTPAPI and Tomcat speaking >>> the same language, but where do I begin? > Here's what I got back when I ran the SSLLabs server test on the > clo

  1   2   3   4   5   6   7   8   9   10   >