I _think_ that's caused by a missing or too-low-version library -- either the Tomcat Native Library, or the Apache Portable Runtime, or OpenSSL would be my guess.
--Dave -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • [email protected] [image: The New School] On Thu, May 10, 2018 at 1:02 PM, Jennifer LaVoie <[email protected]> wrote: > Hello Everyone > > I am having an issue with configuring tomcat/apache/java > > After a fresh reboot, I run > > netstat -anop |grep java > > and nothing is returned. > > I then run /opt/apache/bin/ ./startup.sh and run netstat again and get > > tcp 0 0 0.0.0.0:443 0.0.0.0:* > LISTEN 1799/java off (0.00/0/0) > unix 2 [ ] STREAM CONNECTED 30879 1799/java > > > I cannot connect via the URL in web browser. > > Then I tail -100 /opt/apache/logs/catalina.out > > I see this error > > 10-May-2018 12:49:26.918 WARNING [main] > org.apache.tomcat.util.net.SSLHostConfig.setConfigType > The property [disableSessionTickets] was set on the SSLHostConfig named > [_default_] and is for the [OPENSSL] configuration syntax but the > SSLHostConfig is being used with the [EITHER] configuration syntax > 10-May-2018 12:49:26.923 SEVERE [main] org.apache.catalina.util. > LifecycleBase.handleSubClassException Failed to initialize component > [Connector[HTTP/1.1-443]] > java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.Pool.create(J)J > at org.apache.tomcat.jni.Pool.create(Native Method) > at org.apache.tomcat.util.net.openssl.OpenSSLEngine.<clinit> > (OpenSSLEngine.java:70) > at org.apache.tomcat.util.net.openssl.OpenSSLUtil.getImplementedProtocols( > OpenSSLUtil.java:61) > at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:53) > at org.apache.tomcat.util.net.openssl.OpenSSLUtil.<init>( > OpenSSLUtil.java:41) > at org.apache.tomcat.util.net.openssl.OpenSSLImplementation.getSSLUtil( > OpenSSLImplementation.java:36) > at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext( > AbstractJsseEndpoint.java:102) > at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl( > AbstractJsseEndpoint.java:85) > at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:216) > at org.apache.tomcat.util.net.AbstractEndpoint.init( > AbstractEndpoint.java:1043) > at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:540) > at org.apache.coyote.http11.AbstractHttp11Protocol.init( > AbstractHttp11Protocol.java:74) > at org.apache.catalina.connector.Connector.initInternal( > Connector.java:932) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > at org.apache.catalina.core.StandardService.initInternal( > StandardService.java:530) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > at org.apache.catalina.core.StandardServer.initInternal( > StandardServer.java:852) > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) > at org.apache.catalina.startup.Catalina.load(Catalina.java:633) > at org.apache.catalina.startup.Catalina.load(Catalina.java:656) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:306) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:491) > > > I am not sure how to troubleshoot next... > > any insight would be helpful. > > Here is my connector > > <Connector port="443" protocol="org.apache.coyote. > http11.Http11NioProtocol" > sslImplementationName="org.apache.tomcat.util.net. > openssl.OpenSSLImplementation" > SSLEnabled="true" connectionTimeout="20000" maxThreads="150"> > <SSLHostConfig > ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20- > POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128- > GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256- > GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM- > SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128- > SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE- > RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA- > AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE- > RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA: > ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH- > RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384: > AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" > honorCipherOrder="true" protocols="all,-SSLv2Hello,-SSLv2,-SSLv3" > disableSessionTickets="true"> > <Certificate > certificateKeystoreFile="/etc/pki/tls/keystore.jks" > certificateKeystorePassword="xxxxx" > type="RSA" /> > </SSLHostConfig> > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> > </Connector> > > (keystore password xxxx out) > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/a9786710-f748-4453-b6b1- > e34ada3368db%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9786710-f748-4453-b6b1-e34ada3368db%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMvAF_NPG2Eh4tPNU6Y_%3Dkmif8aBK-tKnwwOzO5whzy_w%40mail.gmail.com.
