Hi,
We tried the following configuration, but it still fails with the same
error:
<Connector port="8443"
address=xxxx
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
maxThreads="150" keyAlias="interact7-priv"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS">
<SSLHostConfig hostName=xxxx>
<Certificate certificateKeyAlias=xxx
certificateKeystoreFile=xxxx
certificateKeystorePassword=xxxxx />
</SSLHostConfig>
</Connector>
Thanks
Neha
On Mon, Jun 5, 2017 at 11:53 AM, Hassan Khan <[email protected]>
wrote:
> Hi,
>
> we had a different problem with Nio :
> <Connector port="443" protocol="org.apache.coyote.
> http11.Http11NioProtocol"
> ====> Non-blocking connector
> maxThreads="200" SSLEnabled="true" compression="on"
> minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" connectionTimeout="-1"
> scheme="https" secure="true">
>
> <SSLHostConfig honorCipherOrder="false" >
> <Certificate certificateKeystoreFile="XXX"
> certificateKeystorePassword="XXX"
> certificateKeyAlias="localhost"
> type="RSA" />
> </SSLHostConfig>
> </Connector>
>
> so we changed to APR as below and everything worked great :
> <Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
> port="443" clientAuth="false" sslProtocol="TLS"
> SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
> SSLCertificateFile="ABC.crt"
> SSLCertificateKeyFile="TRE.key"
> SSLEngine="on" SSLVerifyDepth="2"
> />
>
> But your may be different issue...
>
> Thanks
> Hassan
>
> On Mon, Jun 5, 2017 at 1:30 PM, Neha Munjal <[email protected]>
> wrote:
>
> > Hi Chris,
> >
> > Please find below our Connector information:
> >
> > <Connector port="8443"
> >
> > address=xxxxxxxxxx
> >
> > protocol="org.apache.coyote.http11.Http11NioProtocol"
> >
> > SSLEnabled="true"
> >
> > maxThreads="150"
> >
> > keyAlias=xxxxxxxxx
> >
> > keystoreFile=xxxxxxxxxx keystorePass=xxxxxxxxx
> >
> > scheme="https"
> >
> > secure="true"
> >
> > clientAuth="false"
> >
> > sslProtocol="TLS" />
> >
> >
> > Also found this link that talks about different SSL implementations that
> we
> > can configure:
> >
> >
> > https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html
> >
> >
> > Our installation uses APR and we have openssl102 installed. I think the
> > connector configuration requires changes.
> >
> >
> > Thanks
> >
> > Neha
> >
> >
> >
> > On Mon, Jun 5, 2017 at 7:58 AM, Christopher Schultz <
> > [email protected]> wrote:
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA256
> > >
> > >
> > >
> > > Neha,
> > >
> > > On 6/2/17 5:36 PM, Neha Munjal wrote:
> > > > We have been trying to start Apache Tomcat 8.5.14 (JDK version
> > > 8.0_121-b13)
> > > > and land into the following error:
> > > >
> > > > #
> > > >
> > > > # A fatal error has been detected by the Java Runtime Environment:
> > > > # # SIGSEGV (0xb) at pc=0x00007fafaa9ad123, pid=590,
> > > tid=0x00007fb095cdc700
> > > > # # JRE version: Java(TM) SE Runtime Environment (8.0_121-b13)
> > > > (build 1.8.0_121-b13)
> > > >
> > > > # Java VM: Java HotSpot(TM) 64-Bit Server VM (25.121-b13 mixed
> > > > mode linux-amd64 compressed oops)
> > > >
> > > > # Problematic frame:
> > > >
> > > > # C [libapr-1.so.0+0x25123] apr_threadkey_private_set+0x3
> > >
> > >
> > > Hmm... I've not seen this one before.
> > >
> > > Can you please post your <Connector> configuration (with any secrets
> > > removed)?
> > >
> > > - -chris
> > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Comment: GPGTools - http://gpgtools.org
> > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> > >
> > > iQIcBAEBCAAGBQJZNXF8AAoJEBzwKT+lPKRYZjYP/jgD5WziGLxS6FzHBX9bkkKZ
> > > NeNVsi0PZZDRBmdKdcudeHYHsW4gqNNfYHIakcWYhS5f7fSJx6cgJrC550OSL5mU
> > > Wzeqe7gTBmju2L9YcM9TJwITS7X+FvpaGv+y4tCcjGyHNwB1Se0N1bHasRZYo8DR
> > > lg7rAAtPKfzBaeMlf6JcHGK2+K/3sXzGL0oAAyWG3j5jzE1IYl5hiV/oQtNKwZ7K
> > > l6YzL0/tx9jpiuRFRhHPkPJh2fYUP6ZQ5I8J12fjjeKWgiCepJvwuLKgQ9uDwYrB
> > > Bz0mrc8hQSvMTbIx5bVrRVmMmJiofTcL81H3QE9BN5/yFk+CrCwvmt8E/w25/PoP
> > > tfZ4fbcDJ2U4tA2BDbXL/oOpl3TtcDh8kzZadWa6hZBfEjgsoyXJD9MJ4QHtrjql
> > > FHLx0SYCasAwpNNGM2TZ3rvXEWEoWh+thRkxN1oe6ysmVqKgT7y7JO2fjPRXNQ+x
> > > PP6DouWUAItXTxa4Rzom7Pu9o8YkxJ10GU6U7hAKI8JzVpSiifOttMy/QWV02Rpx
> > > th4+SOhzkjgsecTFzK9vsdM1M0MTHVsyNyrj1iRilt0eHonYiTmq9NfmKvskIgqi
> > > QaOdO5Ykd2YCHroF8qtVmr559Z84XOyaqOzjeyz8pgCaRtamHNGXdm6UGdfv7QjZ
> > > /AEW3TdCWPHVOr3xmdgq
> > > =4rJc
> > > -----END PGP SIGNATURE-----
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [email protected]
> > > For additional commands, e-mail: [email protected]
> > >
> > >
> >
>
>
>
> --
> Hassan Khan
>
