Re: tomcat ssl setup

2017-09-22 Thread Mark Thomas
> http://biz-e.io > > > -Original Message- > From: André Warnier (tomcat) [mailto:a...@ice-sa.com] > Sent: Thursday, September 21, 2017 4:40 PM > To: users@tomcat.apache.org > Subject: Re: tomcat ssl setup > > Hi. > > I just downloaded tomcat 9 m

RE: tomcat ssl setup

2017-09-22 Thread John Ellis
work with version 9. I wonder if it might work on with version 8? John Ellis 405.285.2500 office      http://biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Thursday, September 21, 2017 4:40 PM To: users@tomcat.apache.org Subject: Re: tomca

Re: tomcat ssl setup

2017-09-21 Thread tomcat
the Tomcat 9 webpage. John Ellis 405.285.2500 office http://biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Thursday, September 21, 2017 11:34 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 21.09.2017 17:17, John Ellis wrote:

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
> > > > John Ellis > > 405.285.2500 office > > > > > http://biz-e.io > > -Original Message- > From: André Warnier (tomcat) [mailto:a...@ice-sa.com] > Sent: Thursday, September 21, 2017 10:15 AM > To: users@tomcat.apache.org > Subject: Re: tomc

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Thursday, September 21, 2017 11:34 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 21.09.2017 17:17, John Ellis wrote: > OK. As I said there is nothing on line 87 but here is line 114- > > SSLCertificateChainFile="/usr/java/j

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 21.09.2017 17:17, John Ellis wrote: > OK. As I said there is nothing on line 87 but here is line 114- > > SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem" I think you need to provide a bit more con

Re: tomcat ssl setup

2017-09-21 Thread tomcat
e http://biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Thursday, September 21, 2017 10:15 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 21.09.2017 16:43, John Ellis wrote: Thanks so much for the quick reply Andre. There does

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
September 21, 2017 10:15 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 21.09.2017 16:43, John Ellis wrote: > Thanks so much for the quick reply Andre. There doesn't appear to be > anything on line 87 but there is on line 114. See the screenshot I > took of t

Re: tomcat ssl setup

2017-09-21 Thread tomcat
(tomcat) [mailto:a...@ice-sa.com] Sent: Wednesday, September 20, 2017 10:41 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 20.09.2017 17:07, John Ellis wrote: > All of what I have done so far has been in Tomcat version 9, which I > downloaded from the Apache Tomcat webs

RE: tomcat ssl setup

2017-09-21 Thread John Ellis
André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Wednesday, September 20, 2017 10:41 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 20.09.2017 17:07, John Ellis wrote: > All of what I have done so far has been in Tomcat version 9, which I > downloaded from the Ap

Re: tomcat ssl setup

2017-09-20 Thread tomcat
arnier (tomcat) [mailto:a...@ice-sa.com] Sent: Wednesday, September 20, 2017 10:02 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 20.09.2017 15:20, John Ellis wrote: Andre can you tell me which log file you are saying tells where the problem is? That's the one you upload

RE: tomcat ssl setup

2017-09-20 Thread John Ellis
directory. John Ellis 405.285.2500 office      http://biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Wednesday, September 20, 2017 10:02 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 20.09.2017 15:20, John Ellis wrote: > Andre

Re: tomcat ssl setup

2017-09-20 Thread tomcat
e http://biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Tuesday, September 19, 2017 3:47 PM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 19.09.2017 20:17, John Ellis wrote: Here are the tomcat 9 log file DropBox links- http

RE: tomcat ssl setup

2017-09-20 Thread John Ellis
//biz-e.io -Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Tuesday, September 19, 2017 3:47 PM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 19.09.2017 20:17, John Ellis wrote: > Here are the tomcat 9 log file DropBox links-

RE: tomcat ssl setup

2017-09-20 Thread John Ellis
: Re: tomcat ssl setup On 19.09.2017 20:17, John Ellis wrote: > Here are the tomcat 9 log file DropBox links- > > https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0 Well, there you go. It tells you explicitly where you made the mistakes, up to the file and line numbers

Re: tomcat ssl setup

2017-09-19 Thread tomcat
*Subject:* Re: tomcat ssl setup Do you see what's on the log files, they can tell you what's the problem in. Maybe you can share those files too. I also saw on line 117 this "| -->|" Looks like there's left over. On 09/19/2017 09:31 AM, John Ellis wrote: I have

Re: tomcat ssl setup

2017-09-19 Thread tomcat
On 19.09.2017 20:19, John Ellis wrote: Andre at this point Alan, my boss, only has had me setup Tomcat 9 on this server; not jira or confluence. He thought it might be easier to get the SSL port working just on Tomcat first and then work with Jira and Confluence on this server. Yes, and he is r

RE: tomcat ssl setup

2017-09-19 Thread John Ellis
-Original Message- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Tuesday, September 19, 2017 10:57 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup On 19.09.2017 17:31, John Ellis wrote: > I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (vers

RE: tomcat ssl setup

2017-09-19 Thread John Ellis
From: Alejandro Vargas M. [mailto:alejandro.var...@kymsolutions.com] Sent: Tuesday, September 19, 2017 11:10 AM To: users@tomcat.apache.org Subject: Re: tomcat ssl setup Do you see what's on the log files, they can tell you what's the problem in. Maybe you can share those files too. I a

RE: tomcat ssl setup

2017-09-19 Thread John Ellis
@tomcat.apache.org Subject: Re: tomcat ssl setup Do you see what's on the log files, they can tell you what's the problem in. Maybe you can share those files too. I also saw on line 117 this " -->" Looks like there's left over. On 09/19/2017 09:31 AM, John Ellis wrote: I h

Re: tomcat ssl setup

2017-09-19 Thread Alejandro Vargas M.
Do you see what's on the log files, they can tell you what's the problem in. Maybe you can share those files too. I also saw on line 117 this "|||-->|" Looks like there's left over. On 09/19/2017 09:31 AM, John Ellis wrote: I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (vers

Re: tomcat ssl setup

2017-09-19 Thread tomcat
On 19.09.2017 17:31, John Ellis wrote: I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine and I get a proper webpage on port 8080 but when I used the keytool commands and created a certificate from cace

tomcat ssl setup

2017-09-19 Thread John Ellis
I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine and I get a proper webpage on port 8080 but when I used the keytool commands and created a certificate from cacert.org and then edited the server.xml file t

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-06-05 Thread Mark Thomas
On 29/05/17 16:05, Christopher Schultz wrote: > Lucas, > > On 5/27/17 9:41 AM, Lucas Ventura Carro wrote: >>> On 23/06/2016 12:58, Mark Thomas wrote: Smarter sounds good to >>> me. Why not try and write a patch for this? > >> I work faster with github pull-requests :) >> https://github.com/apach

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-05-29 Thread Mark Thomas
On 29/05/17 17:02, Christopher Schultz wrote: > Mark, > > On 5/29/17 11:40 AM, Christopher Schultz wrote: >> Mark, > >> On 6/23/16 7:58 AM, Mark Thomas wrote: >>> On a related topic, I wonder how tolerant >>> CertificateFactory.generateCertificate() is since that will have >>> an impact on exac

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-05-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 5/29/17 11:40 AM, Christopher Schultz wrote: > Mark, > > On 6/23/16 7:58 AM, Mark Thomas wrote: >> On a related topic, I wonder how tolerant >> CertificateFactory.generateCertificate() is since that will have >> an impact on exactly how

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-05-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 6/23/16 7:58 AM, Mark Thomas wrote: > On a related topic, I wonder how tolerant > CertificateFactory.generateCertificate() is since that will have > an impact on exactly how smart the SSLValve needs to be. Tested with Oracle Java 1.8.0_12

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-05-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Lucas, On 5/27/17 9:41 AM, Lucas Ventura Carro wrote: >> On 23/06/2016 12:58, Mark Thomas wrote: Smarter sounds good to >> me. Why not try and write a patch for this? > > I work faster with github pull-requests :) > https://github.com/apache/tomca

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2017-05-27 Thread Lucas Ventura Carro
> On 23/06/2016 12:58, Mark Thomas wrote: > Smarter sounds good to me. Why not try and write a patch for this? I work faster with github pull-requests :) https://github.com/apache/tomcat80/pull/8 > On a related topic, I wonder how tolerant > CertificateFactory.generateCertificate() is since that

Re: Tomcat SSL or Apache SSL

2016-12-19 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Edwin, On 12/19/16 12:22 PM, Edwin Quijada wrote: > I am trying to use SSL with my server Tomcat . I have read > different articles when it recommends that is better use Apache > webserver in front of Tomcat to and apache handles the SSL > conection

Tomcat SSL or Apache SSL

2016-12-19 Thread Edwin Quijada
Hi! I am trying to use SSL with my server Tomcat . I have read different articles when it recommends that is better use Apache webserver in front of Tomcat to and apache handles the SSL conection. My problem is that I cannot use apache in front of Tomcat because I am using websockets and these

Re: Passing client certificate through Nginx to Tomcat SSL Valve

2016-06-23 Thread Mark Thomas
On 23/06/2016 12:51, Lucas Ventura Carro wrote: > And here comes the incompatibility: Nginx replaces new lines with tab > characters, but the valve only try to change white spaces. > Should not be the SSL Valve smarter and try to replace one or multiple > whitespaces (the regex '\s+')? Or at leas

Passing client certificate through Nginx to Tomcat SSL Valve

2016-06-23 Thread Lucas Ventura Carro
I have a webapp which reads a X.509 client certificate from the standard servlet request attribute: ServletRequest.getAttribute("javax.servlet.request.X509Certificate"). When Tomcat is the HTTPS endpoint, works like a charm. But when there is a Nginx as the HTTPS endpoint, and Tomcat is configured

Re: Need help with Tomcat SSL setup

2014-11-11 Thread Konstantin Kolinko
2014-11-11 20:10 GMT+03:00 Gadhiraju, Satish : > Hi, I am new to tomcat. I have installed tomcat binaries and created one > stand alone instance. > Tomcat is working fine with http port, I get the message It works. > But when I try to access with https port I am getting page cannot be found. > Bel

Need help with Tomcat SSL setup

2014-11-11 Thread Gadhiraju, Satish
Hi, I am new to tomcat. I have installed tomcat binaries and created one stand alone instance. Tomcat is working fine with http port, I get the message It works. But when I try to access with https port I am getting page cannot be found. Below is what I did ./keytool -genkey -alias tomcat -keyalg

Re: Tomcat && SSL: two issues

2014-01-31 Thread Арсений Зинченко
Hi, Chris. So - 5.5 yes, very old - but we still use it. I hope - will update some day... > I can see that you have clientAuth="want"... what happens if the client declines to send a certificate? // if it's connection not to restricted area - Tomcat will open it, if to /some/page - will decline w

Re: Tomcat && SSL: two issues

2014-01-31 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Арсений, On 1/31/14, 5:15 AM, Арсений Зинченко wrote: > We have Tomcat with two factor authentication when access to > /some/page requested. > > Auth configured with JDBCRealm & Oracle database: > > driverName="oracle.jdbc.driver.OracleDriver" ..

Tomcat && SSL: two issues

2014-01-31 Thread Арсений Зинченко
Hi, people. We have Tomcat with two factor authentication when access to /some/page requested. Auth configured with JDBCRealm & Oracle database: Auth requiring via web.xml: * /some/* cert CONFIDENTIAL

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Cédric Couralet
> I said "An application *usually* doesn't care how it is accessed". > Most applications do not. Some do. > But I would argue that this would not be such a good design, because it > removes flexibility in the application. It would mean that the application > then cannot work in a context where th

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread André Warnier
Cédric Couralet wrote: 2013/9/30 Christopher Schultz : -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cédric, On 9/30/13 10:06 AM, Cédric Couralet wrote: Hi, 2013/9/30 André Warnier : Hi. [...] The question is now : why does that application require HTTPS ? An application usually doesn'

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Cédric Couralet
2013/9/30 Christopher Schultz : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Cédric, > > On 9/30/13 10:06 AM, Cédric Couralet wrote: >> Hi, >> >> 2013/9/30 André Warnier : >>> Hi. >>> >> [...] >>> The question is now : why does that application require HTTPS ? >>> An application usually

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cédric, On 9/30/13 10:06 AM, Cédric Couralet wrote: > Hi, > > 2013/9/30 André Warnier : >> Hi. >> > [...] >> The question is now : why does that application require HTTPS ? >> An application usually doesn't care how it is accessed, except if >> s

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 André, On 9/30/13 9:40 AM, André Warnier wrote: >> On Mon, Sep 30, 2013 at 10:11 AM, André Warnier >> wrote: >> >>> Daniel Mikusa wrote: >>> On Sep 30, 2013, at 8:20 AM, Leonardo Torres wrote: Hi guys, > I have the foll

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Cédric Couralet
Hi, 2013/9/30 André Warnier : > Hi. > [...] > The question is now : why does that application require HTTPS ? > An application usually doesn't care how it is accessed, except if some > configuration of the application requires it to get some information from > the SSL protocol (like a user certifi

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread André Warnier
Hi. Do not top-post on this list. If someone looks at your last message, he has to then scroll down the message to try to figure out what you are responding to. That is annoying. So I moved your responses where they belong. On Mon, Sep 30, 2013 at 10:11 AM, André Warnier wrote: Daniel Mi

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Daniel Mikusa
On Sep 30, 2013, at 9:24 AM, Leonardo Torres wrote: First, please don't top post. Reply at the bottom or inline, like I'm doing. > Currently, the communication between httpd and tomcat is via HTTP. Is that OK? Does it need to be encrypted? > > Tomcat version is 7.0.42 > > I have a resource

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Leonardo Torres
Currently, the communication between httpd and tomcat is via HTTP. Tomcat version is 7.0.42 I have a resource within the tomcat that needs to be accessed via SSL, but the SSL is configured on HTTPD. How can I configure that ? Excuse me, but I'm newbie in server configuration. On Mon, Sep 30,

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread André Warnier
Daniel Mikusa wrote: On Sep 30, 2013, at 8:20 AM, Leonardo Torres wrote: Hi guys, I have the following structure : Apache HTTP (Proxy) --> Tomcat . So, I have configured SSL on Apache HTTP, how do I configure SSL in my application in Tomcat? Need some more info here... 1.) What version o

Re: Apache HTTP + Tomcat + SSL

2013-09-30 Thread Daniel Mikusa
On Sep 30, 2013, at 8:20 AM, Leonardo Torres wrote: > Hi guys, > > I have the following structure : > > Apache HTTP (Proxy) --> Tomcat . > > So, I have configured SSL on Apache HTTP, how do I configure SSL in my > application in Tomcat? Need some more info here... 1.) What version of HTTPD &

Apache HTTP + Tomcat + SSL

2013-09-30 Thread Leonardo Torres
Hi guys, I have the following structure : Apache HTTP (Proxy) --> Tomcat . So, I have configured SSL on Apache HTTP, how do I configure SSL in my application in Tomcat? Thank´s -- *Obrigado Leonardo Torres, MSc.*

Re: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prashant, On 9/11/13 9:07 AM, Prashant Shinde wrote: > I am getting following error when I try with wget > > OpenSSL: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to > establish SSL connection. So, connecting with a

Re: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread André Warnier
: Problem with tomcat SSL / HTTPS not working. Prashant Shinde wrote: Hi We are facing problem with Tomcat HTTPS. We are using Apache Tomcat Version 6.0.24. Please find attached server.xml. When we access tomcat URL using https it says "Page not Found" and otherwise with

Re: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Sushil Prusty
> Prashant Shinde > Senior Consultant > Hoonar Tekwurks Consulting LLP > email: prashant.shi...@hoonartek.com | cell: +91 98220 38097| desk: +91 20 > 4900 5204 > > > -Original Message- > From: Prashant Shinde [mailto:prashant.shi...@hoonartek.com] > Sent: 11

RE: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Prashant Shinde
.com | cell: +91 98220 38097| desk: +91 20 4900 5204 -Original Message- From: Prashant Shinde [mailto:prashant.shi...@hoonartek.com] Sent: 11 September 2013 14:44 To: 'Tomcat Users List' Subject: RE: Problem with tomcat SSL / HTTPS not working. Hi We are accessing th

RE: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Prashant Shinde
@ice-sa.com] Sent: 11 September 2013 13:47 To: Tomcat Users List Subject: Re: Problem with tomcat SSL / HTTPS not working. Prashant Shinde wrote: > Hi > > > > We are facing problem with Tomcat HTTPS. We are using Apache Tomcat > Version 6.0.24. > > > > Please

Re: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread André Warnier
Prashant Shinde wrote: Hi We are facing problem with Tomcat HTTPS. We are using Apache Tomcat Version 6.0.24. Please find attached server.xml. When we access tomcat URL using https it says "Page not Found" and otherwise with just http it works fine. Please let us know the possible

Re: Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Konstantin Kolinko
2013/9/11 Prashant Shinde : > Hi > > > > We are facing problem with Tomcat HTTPS. We are using Apache Tomcat Version > 6.0.24. > > > > Please find attached server.xml. When we access tomcat URL using https it > says “Page not Found” and otherwise with just http it works fine. > > > > Please let us

Problem with tomcat SSL / HTTPS not working.

2013-09-11 Thread Prashant Shinde
Hi We are facing problem with Tomcat HTTPS. We are using Apache Tomcat Version 6.0.24. Please find attached server.xml. When we access tomcat URL using https it says "Page not Found" and otherwise with just http it works fine. Please let us know the possible solution. Thanks & R

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-27 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hermes, On 11/26/12 3:36 PM, Hermes Flying wrote: > Hi, I am running Tomcat 5.35 and I got a report that it is > vulnerable to SSL client renegotiation DoS. > > You note in your docs that this is not a Tomcat issue per se, but > JSSE issue. Please not

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
To: Tomcat Users List Sent: Tuesday, November 27, 2012 12:09 AM Subject: Re: Tomcat ssl vulnerability CVE-2009-3555 On Nov 26, 2012, at 3:36 PM, Hermes Flying wrote: > Hi, > I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL > client renegotiation DoS. >

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
To: Tomcat Users List Sent: Tuesday, November 27, 2012 12:09 AM Subject: Re: Tomcat ssl vulnerability CVE-2009-3555 On Nov 26, 2012, at 3:36 PM, Hermes Flying wrote: > Hi, > I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL > client renegotiation DoS. >

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
To: Tomcat Users List Sent: Tuesday, November 27, 2012 12:09 AM Subject: Re: Tomcat ssl vulnerability CVE-2009-3555 On Nov 26, 2012, at 3:36 PM, Hermes Flying wrote: > Hi, > I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL > client renegotiation DoS. >

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Daniel Mikusa
On Nov 26, 2012, at 3:36 PM, Hermes Flying wrote: > Hi, > I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL > client renegotiation DoS. > > You note in your docs that this is not a Tomcat issue per se, but JSSE issue. > Please note that allowUnsafeLegacyRenegotiation is se

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
r To: Tomcat Users List Sent: Monday, November 26, 2012 11:41 PM Subject: Re: Tomcat ssl vulnerability CVE-2009-3555 Hermes Flying wrote: > Just to be clear. When I say report,  I mean a report from a security > penetration test suite which reports that the server allows re

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread André Warnier
2012 10:36 PM Subject: Tomcat ssl vulnerability CVE-2009-3555 Hi, I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL client renegotiation DoS. Hi. I believe that Tomcat 5.35 does not exist. You probably mean 5.5.35. You may first want to have a look at this pa

Re: Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
Just to be clear. When I say report,  I mean a report from a security penetration test suite which reports that the server allows renegotiation From: Hermes Flying To: "users@tomcat.apache.org" Sent: Monday, November 26, 2012 10:36 PM Subject:

Tomcat ssl vulnerability CVE-2009-3555

2012-11-26 Thread Hermes Flying
Hi, I am running Tomcat 5.35 and I got a report that it is vulnerable to SSL client renegotiation DoS. You note in your docs that this is not a Tomcat issue per se, but JSSE issue. Please note that allowUnsafeLegacyRenegotiation is set to false. Looking into the source code I see the following:

Re: About certificates in Tomcat SSL support

2012-01-13 Thread James Lampert
Mark H. Wood wrote: As already pointed out, there's your problem. To identify a networked service, the value of CN should be the FQDN of the host providing the service. (This is why people suddenly became interested in securing DNS: we are relying on it to validate certificate bindings to serv

Re: About certificates in Tomcat SSL support

2012-01-13 Thread Mark H. Wood
On Thu, Jan 12, 2012 at 09:14:28AM -0800, James Lampert wrote: > Scenario: > > I created a self-signed certificate for the box I was testing: > CN = James Lampert As already pointed out, there's your problem. To identify a networked service, the value of CN should be the FQDN of the host providi

Re: About certificates in Tomcat SSL support

2012-01-12 Thread James Lampert
I created a self-signed certificate for the box I was testing: CN = James Lampert Pid * wrote: The Common Name must match the domain name of the server as seen by the client. Hmm. So where Keytool asks What is your first and last name? you answer not with what it's asking for, but with the

Re: About certificates in Tomcat SSL support

2012-01-12 Thread Pid *
On 12 Jan 2012, at 17:15, James Lampert wrote: > Scenario: > > I created a self-signed certificate for the box I was testing: > CN = James Lampert > OU = Development Lab > O = Touchtone Corporation > L = Costa Mesa > ST = California > C = US > > I then installed it into the Tomcat server on that

About certificates in Tomcat SSL support

2012-01-12 Thread James Lampert
Scenario: I created a self-signed certificate for the box I was testing: CN = James Lampert OU = Development Lab O = Touchtone Corporation L = Costa Mesa ST = California C = US I then installed it into the Tomcat server on that box. Connecting to the site with Firefox, I was told that the certi

Re: Tomcat SSL

2011-12-19 Thread Pid
On 14/12/2011 10:42, Jean Louis LECOQUIERRE wrote: > Hi > > I need help to manage the tomcat.jks > > The certificate Racine is not good, I need to change it > > What is the command ? $JAVA_HOME/bin/keytool --help p > Jean Louis LECOQUIERRE > Administrateur systemes et reseaux > > Challenge

RE: Tomcat SSL

2011-12-14 Thread Jean Louis LECOQUIERRE
Hi I need help to manage the tomcat.jks The certificate Racine is not good, I need to change it What is the command ? Br Jean Louis LECOQUIERRE Administrateur systemes et reseaux Challenge International 2 rue vincent van gogh - 76290 Montivilliers - France Phone: +33 (

Re: Question: Tomcat SSL configuration issue

2011-07-30 Thread Felix Schumacher
On Friday, 29.07.2011, at 10:44 -1000, Sammaiah Kyatham wrote: > Hello Felix, > > Thanks for the response. > > I have received new certificate based on new CSR generated. > While importing cert in to key, I'm getting the following error: > java.lang.Exception: Failed to establish chain from r

Re: Question: Tomcat SSL configuration issue

2011-07-29 Thread Sammaiah Kyatham
Hello Felix, Thanks for the response. I have received new certificate based on new CSR generated. While importing cert in to key, I'm getting the following error: java.lang.Exception: Failed to establish chain from reply Here is the keytool command that I used for this: keytool -import -alias

Re: Question: Tomcat SSL configuration issue

2011-07-27 Thread Felix Schumacher
Sammaiah Kyatham wrote: >Hello, > Your keystore has no private key. The output of keytool below shows only a certificate. You can use keytool -importkeystore to import key and certificate at the same time. Regards Felix >Could you help me on this issue. I spent many hours with the various

Re: Question: Tomcat SSL configuration issue

2011-07-27 Thread Sammaiah Kyatham
Hello, Could you help me on this issue. I spent many hours with the various options > and couldn’t resolve. > > > > I have configured the server.xml as per the tomcat configuration, however > I’m getting below errors. > > > > keystoreFile="C:\Program Files\Java\jre6\bin\hakioskcheckin2_key" > key

Re: timing the Tomcat SSL overhead

2011-03-18 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrei, On 3/17/2011 2:04 PM, andrei d wrote: > So there are no relevant hooks in the Tomcat connectors and/or no way > to instrument that code? If you are using plain-old Java SSL, then Tomcat is not part of the equation: the Java runtime establishe

Re: timing the Tomcat SSL overhead

2011-03-17 Thread andrei d
Chris, So there are no relevant hooks in the Tomcat connectors and/or no way to instrument that code? (I assume that's where the connections are established) I am trying to avoid using client test code for this since I'd like to do the measurement on a production system under real load. Thanks,

Re: timing the Tomcat SSL overhead

2011-03-16 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrei, On 3/16/2011 1:59 PM, andrei d wrote: > Is there a way for Tomcat to time the overhead introduced by using an SSL > connector? (vs a non-ssl one) > I was hoping I could use a Valve for this, but it looks like by the time a > valve is hit, the

timing the Tomcat SSL overhead

2011-03-16 Thread andrei d
Is there a way for Tomcat to time the overhead introduced by using an SSL connector? (vs a non-ssl one) I was hoping I could use a Valve for this, but it looks like by the time a valve is hit, the Connector already established a connection. thanks in advance andrei

Re: Tomcat SSL godaddy

2010-12-03 Thread Ognjen Blagojevic
On 3.12.2010 14:53, Nathaniel Thalluri wrote: I still haven't been able to resolve this issue. Does anyone have any suggestions? Provide more details about the problem: 1. If you open your site with e.g. Firefox, and certificate is not valid, under section "technical details", you will see de

Re: Tomcat SSL godaddy

2010-12-03 Thread Nathaniel Thalluri
I still haven't been able to resolve this issue. Does anyone have any suggestions?

Re: Tomcat SSL godaddy

2010-12-01 Thread Nathaniel Thalluri
The certificate was authorized for multiple domains and the domains are not all on the same machine. Would this have any affect? Also the keystore should have only one entry after the imports. But mine has 5 which is also weird.

Re: Tomcat SSL godaddy

2010-11-30 Thread Nathaniel Thalluri
Chris, > You mean the root CA stuff? Your default Java cacerts should probably > already contain them. If not... I mean the all the certificates listed in the second option in godaddy documentation. They list 4 certs. They are all included in a zip file which is available for download once the CS

Re: Tomcat SSL godaddy

2010-11-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nathaniel, On 11/30/2010 3:00 PM, Nathaniel Thalluri wrote: > Then downloaded the certificate bundle that > godaddy provides. You mean the root CA stuff? Your default Java cacerts should probably already contain them. If not... > Imported the certs

Tomcat SSL godaddy

2010-11-30 Thread Nathaniel Thalluri
I am having the following issue with SSL and I am not sure where the issue lies. This is the background. I used java's keytool.exe to create a size 2048 private key keystore and then created a CSR from it. This CSR was submitted to godaddy. Then downloaded the certificate bundle that godaddy provi

Re: Usage of Tomcat SSL in client-side class

2010-11-20 Thread Moley Harey
Hello folks, I have a set of web services installed in Tomcat 6.0.26 that I would like to access using HTTPs, I have following the instructions in Tomcat web side to set up JSSE support and now I can access the web services using SSH. My question is what do I have to do in my Java client-side cla

Re: Usage of Tomcat SSL in client-side class

2010-11-17 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Moley, On 11/17/2010 3:23 AM, Moley Harey wrote: > Thanks a lot Christopher, my web services are implemented using JAX WS API > and I am connecting using REST, I was planning to use Apache Http Commons > library for HTTPS as is the one I am using for

Re: Usage of Tomcat SSL in client-side class

2010-11-17 Thread Moley Harey
Thanks André, I have been checking Apache Http Commons API for connecting through HTTPS in my client-side classes and it seems that protocol is supported well. My doubt regarding if I had to do anything special in the client side was related to the certificate, I have a self generated certificate

Re: Usage of Tomcat SSL in client-side class

2010-11-17 Thread Moley Harey
Thanks a lot Christopher, my web services are implemented using JAX WS API and I am connecting using REST, I was planning to use Apache Http Commons library for HTTPS as is the one I am using for simple HTTP connections... 2010/11/16 Christopher Schultz > -BEGIN PGP SIGNED MESSAGE- > Has

Re: Usage of Tomcat SSL in client-side class

2010-11-16 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Moley, On 11/16/2010 9:33 AM, Moley Harey wrote: > My question is what do I have to do in my Java client-side classes to work > with HTTPS requests [to] Tomcat? Do I have to accept somehow the certificate > provided by Tomcat in my Java classes? Yes.

Re: Usage of Tomcat SSL in client-side class

2010-11-16 Thread André Warnier
Moley Harey wrote: Hello folks, I have a set of web services installed in Tomcat 6.0.26 that I would like to access using HTTPs, I have following the instructions in Tomcat web side to set up JSSE support and now I can access the web services using SSH. My question is what do I have to do in my

Re: New to Tomcat -- SSL

2009-12-14 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, On 12/12/2009 1:40 PM, Caldarale, Charles R wrote: >> From: Adria Stembridge [mailto:adrya.stembri...@gmail.com] >> Subject: Re: New to Tomcat -- SSL >> >> I compiled jsvc per tomcat 5.5 documentation. >>

Re: New to Tomcat -- SSL

2009-12-12 Thread Adria Stembridge
...@unisys.com> wrote: > > From: Adria Stembridge [mailto:adrya.stembri...@gmail.com] > > Subject: Re: New to Tomcat -- SSL > > > > Tomcat works under 8080 and 8443 currently. > > > > Isn't there a way to forward 8443 to 443 with iptables? > > Yes, th

RE: New to Tomcat -- SSL

2009-12-12 Thread Caldarale, Charles R
> From: Adria Stembridge [mailto:adrya.stembri...@gmail.com] > Subject: Re: New to Tomcat -- SSL > > I compiled jsvc per tomcat 5.5 documentation. > > [Linux] service tomcat5 stop > [Linux] ./bin/jsvc -Djava.endorsed.dirs=./common/endorsed -cp > ./bin/bootstrap.jar -out

RE: New to Tomcat -- SSL

2009-12-12 Thread Caldarale, Charles R
> From: Adria Stembridge [mailto:adrya.stembri...@gmail.com] > Subject: Re: New to Tomcat -- SSL > > Tomcat works under 8080 and 8443 currently. > > Isn't there a way to forward 8443 to 443 with iptables? Yes, that's frequently done. From the Tomcat FAQ: - Anoth

Re: New to Tomcat -- SSL

2009-12-12 Thread Adria Stembridge
I've been at this for two days. Learning a lot, but this is production and needs to get back to service. Is there another way, other than revoking/requesting a new SSL certificate and using apache mod_jk? Tomcat works under 8080 and 8443 currently. Isn't there a way to forward 8443 to 443 wit

Re: New to Tomcat -- SSL

2009-12-12 Thread Adria Stembridge
> Linux/UNIX systems do not allow unprivileged userids to access ports < > 1024. Although you can run Tomcat under the root userid, this is not > recommended for security reasons. Instead, start Tomcat with jsvc: > http://tomcat.apache.org/tomcat-6.0-doc/setup.html#Unix%20daemon > > - Chuck > I
