Ah. No, our client cert is signed by a self-signed root. But only the
client cert is in the keystore and only the client cert is registered on
the Datapower server. I can connect using the same keystore with a
standalone Java client that just opens a URL connection and input stream,
and also with S
Hi Chris,
Thanks for replying. This is a different 3rd party service we're connecting
to, but again it's a weird one because other tools work. I've included
responses below prefixed with [DMC].
Regards,
Diarmuid
On 1 Sep 2015 20:57, "Christopher Schultz"
wrote:
>
> -BEGIN PGP SIGNED MESSAGE
I'm referring to when a certificate is a combo such as a GoDaddy g1_g2 root.
The intermediate is usually fine.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: dmccrthy
Sent: Tuesday, September 1, 2015 4:12 PM
To: Tomcat Users List
Reply To
Hi Jeff,
Our client keystore has one certificate, but the truststore has multiple
certs. I'll try removing everything from the truststore except the server
cert and see what happens.
Thanks,
Diarmuid
On 1 Sep 2015 19:53, wrote:
>
> >> openssl s_client -tls1 -connect server-dns-name:15305 -CAfi
Hi George,
The 3rd party service is behind IBM Datapower. Datapower is reporting that
our HTTPS client connections aren't sending the client certificate as part
of the MA handshake. I'll double-check what the actual service is running
on behind that, but according to our 3rd party application team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Diarmuid,
On 9/1/15 1:06 PM, dmccrthy wrote:
> I am having trouble getting Tomcat to load a truststore and
> keystore. This seems to be a basic configuration issue but I can't
> figure out what the problem is. Any insights would be gratefully
> rec
Thank you Andre! Your solution was very helpful!
On Wed, Aug 26, 2015 at 10:26 AM, André Warnier wrote:
> On 26.08.2015 06:06, Srikanth Challa wrote:
>
>> I am trying to organize my applications (multiple) into a specific
>> hierarchy under the webapps folder.
>> Something like this -
>> webapps
>> openssl s_client -tls1 -connect server-dns-name:15305 -CAfile
>> server-cert-with-intermediate-and-root-in-one-file.cer -cert
>> client-public-key.cer -key client-private-key.key -pass
>> pass:client-private-key-password
I've had trouble when there are more certificate packaged in the same
Hi Diarmuid,
We have run similar issue with client cert SSL. Is your 3rd party web service
hosted on Windows/IIS?
George
-Original Message-
From: dmccrthy [mailto:dmccr...@gmail.com]
Sent: Tuesday, September 01, 2015 11:07 AM
To: Tomcat Users List
Subject: Tomcat 7.0.55 Not loading tr
Hi All,
I am having trouble getting Tomcat to load a truststore and keystore. This
seems to be a basic configuration issue but I can't figure out what the
problem is. Any insights would be gratefully received.
The scenario is:
* A 3rd party web application is deployed in Tomcat
* The 3rrd party
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/1/15 4:29 AM, theo.swe...@avios.com wrote:
> Mark - I took a look at the Manager How To Guide as seen here -
>
> https://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Expire_Ses
sions
>
> It mentions that it's possible to expire
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sreyan,
On 8/31/15 3:20 PM, Sreyan Chakravarty wrote:
> Ok I found FormAuthenticator and landingPage attribute in it in the
> source.
You shouldn't need to look at the source.
> But how do I use that in my application ? What do I do ?
You configu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sreyan,
On 8/31/15 3:16 PM, Sreyan Chakravarty wrote:
> Well Christopher thanks for that eye opener. I didn't know that the
> specs were so inconsistent.
They aren't inconsistent... it's just that they don't cover a popular
use case. Remember that
On 01/09/2015 10:20, Nikitha Benny wrote:
> 1.) *So the question is, during a default Tomcat install, where is it
> defined that which dirs Tomcat scans* ?
That is not defined during installation.
It is controlled by the JarScanner component:
http://tomcat.apache.org/tomcat-8.0-doc/config/jar-
Hi All,
Tomcat stopped working (blank page when browsing to the website using
firefox).
Checking in the catalina.2015-04-21.log on one of the problematic servers,
following messages were seen :
*Apr 21, 2015 11:35:11 AM org.apache.catalina.startup.TldConfig tldScanJar*
*WARNING: Failed to proces
On 01/09/2015 09:29, theo.swe...@avios.com wrote:
> Mark - I took a look at the Manager How To Guide as seen here -
>
> https://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Expire_Sessions
>
> It mentions that it's possible to expire sessions for each individual app
> using a command si
Mark - I took a look at the Manager How To Guide as seen here -
https://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Expire_Sessions
It mentions that it's possible to expire sessions for each individual app
using a command similar to -
curl -X GET
http://username:password@localhost:8
On 01/09/2015 08:53, theo.swe...@avios.com wrote:
> Hi Mark
>
> Tomcat version?
>
> v8.0.21
OK. Fairly recent and no known issues. I'll add session expiration is
testing as part of the 'unit' tests we run after every commit and I
don't ever remember it failing. The same tests are also run befor
On 31/08/2015 20:28, George Sexton wrote:
>
>
> On 8/31/2015 8:54 AM, Christopher Schultz wrote:
>> You also tell them how long they have to wait before they can resume
>> their brute-force attack without wasting their own time.
>>> Must better to let a brute force attacker pound away at a locked
Hi Mark
Tomcat version?
v8.0.21
The usual causes are:
- something unexpected accessing the session
- the background processing thread is crashed / busy doing something
else
Is there a command line mechanism to gracefully terminate sessions?
Theo
From: Mark Thomas
To: Tomcat Us
On 01/09/2015 08:11, Ognjen Blagojevic wrote:
> Mark,
>
> On 31.8.2015 12:42, Mark Thomas wrote:
>>> I experienced situations where the user calls the first level service
>>> desk and a ticket goes all its way to someone who can read the server
>>> logs and understand the issue... Not exactly opti
Hi Chris,
That's pretty much it (except the path for the app's web.xml looks a
little odd).
We are running multi-instance environment and this is why the path is
$CATALINA_BASE/conf/web.xml
Are the web services specifying their own session-timeout in the
application-specific web.xml?
No the we
Mark,
On 31.8.2015 12:42, Mark Thomas wrote:
I experienced situations where the user calls the first level service desk and
a ticket goes all its way to someone who can read the server logs and
understand the issue... Not exactly optimal.
I agree. That is why most organisations provide self-
23 matches
Mail list logo
