Re: Problem with session timeout

Helge, On 7/25/23 05:24, Wiemann, Helge (ESI) wrote: we have a problem that we have set the tomcat timeout to 10 minutes. But after a successful login with a realm, the user is automatically logged out, sometimes after one minute, sometimes other times. I have downloaded the source code, want

Re: Problem with session timeout

Find all implementations of Session, then set breakpoiunt on session.invalidate() would be a good place to start. Another good place would be your SessionManager as it has several interesting methods. The JVM's JDI does not allow you to set breakpoint on an interface, but some IDE's have a magic t

Problem with session timeout

Hi all, we have a problem that we have set the tomcat timeout to 10 minutes. But after a successful login with a realm, the user is automatically logged out, sometimes after one minute, sometimes other times. I have downloaded the source code, want to set a breakpoint. Does anybody know a code

Re: Problem with the redirect after j_security_check

Helge, On 7/22/23 11:03, Wiemann, Helge (ESI) wrote: we are using Tomcat 9 and the still the JDBC Realm for authentication. Our starting URL (which is protected) ends with “/boot1#index” The form authentication is then processed through the common url j_security_check. But after a successfu

Re: Problem with the redirect after j_security_check

On 7/22/23 12:03, Mark Thomas wrote: Your target URL is invalid. No user agent should be sending the fragment (#index) part of the URL. At best Tomcat will ignore it. Later versions may even reject it (I have a memory of that but don't have easy acces to the source code to check right now).

Re: Problem with the redirect after j_security_check

22 Jul 2023 17:03:50 Wiemann, Helge (ESI) : Hi all, we are using Tomcat 9 and the still the JDBC Realm for authentication. Our starting URL (which is protected) ends with “/boot1#index” The form authentication is then processed through the common url j_security_check. But after a successf

Problem with the redirect after j_security_check

Hi all, we are using Tomcat 9 and the still the JDBC Realm for authentication. Our starting URL (which is protected) ends with "/boot1#index" The form authentication is then processed through the common url j_security_check. But after a successful login, he is not redirecting to "boot1#index" bu

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

is to underline that as predictable it was not a problem with tomcat Thanks to everyone spent time into this, especially Chris Il 27/06/2023 16:35, Christopher Schultz ha scritto: Ivano, On 6/27/23 09:15, Ivano Luberti wrote: We had another Linux server that should have been identical to the

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/27/23 09:15, Ivano Luberti wrote: We had another Linux server that should have been identical to the one where the problem was occuring. Tested the same software on that without the issue. So we cloned the latter and replaced the former. > Now everything works as expected. Hah

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi Chris, thank you for your dedication. We had another Linux server that should have been identical to the one where the problem was occuring. Tested the same software on that without the issue. So we cloned the latter and replaced the former. Now everything works as expected. Before the r

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/8/23 06:10, Ivano Luberti wrote: Hi, all I have the following problem. [snip] My guess is that looking at the code in this general area would be helpful. If you are able to add debug logging in there to spoit-out some of the crypto configuration being used, I'm sure it would hel

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi Chris, thanks for that. No,  don't make nay configuration regarding use of any algorithm. I launch Java with same options in tomcat and in the stand alone client and I get two different behaviours Il 23/06/2023 21:51, Christopher Schultz ha scritto: Ivano, On 6/8/23 06:10, Ivano Luberti

Re: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Ivano, On 6/8/23 06:10, Ivano Luberti wrote: My web application executes an SSL connection but fails with the following exception  AxisFault: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextIm

Re: AW: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

rtup.sh contain some option that could create a difference with respect to this matter? Il 08/06/2023 16:39, Thomas Hoffmann (Speed4Trade GmbH) ha scritto: Hello Ivano, -Ursprüngliche Nachricht- Von: Ivano Luberti Gesendet: Donnerstag, 8. Juni 2023 12:10 An:users@tomcat.apache.org Be

AW: problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hello Ivano, > -Ursprüngliche Nachricht- > Von: Ivano Luberti > Gesendet: Donnerstag, 8. Juni 2023 12:10 > An: users@tomcat.apache.org > Betreff: problem with SSL connection > java.security.NoSuchAlgorithmException: Error constructing implementation > > Hi,

problem with SSL connection java.security.NoSuchAlgorithmException: Error constructing implementation

Hi, all I have the following problem. My web application executes an SSL connection but fails with the following exception  AxisFault: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$Defa

Re: Jax-RS problem with Tomcat 10

On 23/01/2022 08:13, Julien Bréda wrote: Hello, I've been trying for days to run a Jax-RS application in the following environment : - Tomcat 10.0.16 - Windows 11 - Eclipse 2021-12 and I finally found something weird. I tried with two different implementations (RESTeasy and Jersey) and I get

Jax-RS problem with Tomcat 10

Hello, I've been trying for days to run a Jax-RS application in the following environment : - Tomcat 10.0.16 - Windows 11 - Eclipse 2021-12 and I finally found something weird. I tried with two different implementations (RESTeasy and Jersey) and I get the same behavior each time : - when my imple

Re: reporting a problem with LDAP auth to Windows Active Directory with Kerberos using the default spnegoDelegationQop="auth-conf" value for Tomcat 9.0.31 and 9.0.52

I tried setting stripRealmForGss="false" (the default is true, where the domain is stripped from the username) - but has the same problem with both true and false settings * I tried adding only the line spnegoDelegationQop="auth" and this caused the problem to be resolved

reporting a problem with LDAP auth to Windows Active Directory with Kerberos using the default spnegoDelegationQop="auth-conf" value for Tomcat 9.0.31 and 9.0.52

is true, where the domain is stripped from the username) - but has the same problem with both true and false settings * I tried adding only the line spnegoDelegationQop="auth" and this caused the problem to be resolved with Kerberos+LDAP working again * The options for spnegoD

RE: JNDI ldaps Problem with SSO

Hi Christopher Enclosed is the stacktrace of the tomcat (localhost) 03-Mar-2021 15:57:15.221 SEVERE [http-nio-8080-exec-10] org.apache.catalina.realm.JNDIRealm.authenticate Exception performing authentication javax.naming.NamingException: [LDAP: error code 1 - 04DC: LdapErr: DSID-0C0907E

RE: JNDI ldaps Problem with SSO

> -Original Message- > From: Christopher Schultz > Sent: Donnerstag, 20. Mai 2021 18:37 > To: users@tomcat.apache.org > Subject: Re: JNDI ldaps Problem with SSO > > Susan, > > On 5/18/21 16:58, susan.w...@swisscom.com wrote: > > When we are using plain ldap 3268, a

Re: JNDI ldaps Problem with SSO

ce and not just the message? -chris -Original Message- From: Christopher Schultz Sent: Dienstag, 18. Mai 2021 18:02 To: users@tomcat.apache.org Subject: Re: JNDI ldaps Problem with SSO Susan, On 5/18/21 09:43, susan.w...@swisscom.com wrote: Hi all apache-tomcat-8.0.36 java ve

RE: JNDI ldaps Problem with SSO

: # extended LDIF # # LDAPv3 # base with scope subtree # filter: (objectclass=*) # requesting: ALL # Organization, Schema, Configuration, bcintra.ch We think, ssl-handshake is fine but bind is failing. Why? Thank you Susan > -Original Message----- > From: Christopher Schultz > Sent: Die

Re: JNDI ldaps Problem with SSO

Susan, On 5/18/21 09:43, susan.w...@swisscom.com wrote: Hi all apache-tomcat-8.0.36 java version "1.8.0_281" Java(TM) SE Runtime Environment (build 1.8.0_281-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode) We are having a problem with our Single sign On co

JNDI ldaps Problem with SSO

Hi all apache-tomcat-8.0.36 java version "1.8.0_281" Java(TM) SE Runtime Environment (build 1.8.0_281-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode) We are having a problem with our Single sign On config. When using ldap - all works well. When switiching to l

Re: JNDI ldaps Problem with SSO

there maybe another debug Option for the ldap? > > > > Thank you > > > > Susan > > > > > > > > > -Original Message- > > > From: Brian Wolfe > > > Sent: Donnerstag, 25. Februar 2021 17:00 > > > To: Tomcat Users Lis

Re: JNDI ldaps Problem with SSO

aps with port 3269 fails > > Is there maybe another debug Option for the ldap? > > Thank you > > Susan > > > > > -Original Message- > > From: Brian Wolfe > > Sent: Donnerstag, 25. Februar 2021 17:00 > > To: Tomcat Users List > > Subje

RE: JNDI ldaps Problem with SSO

-juli.jar > > -Dcatalina.base=/opt/tomcat/tomcat8_appway1 > > -Dcatalina.home=/opt/tomcat/apache-tomcat-8.0.36 > > -Djava.io.tmpdir=/opt/tomcat/tomcat8_appway1/temp > > org.apache.catalina.startup.Bootstrap start > > > > Our server.xml only contains the ldap real

Re: JNDI ldaps Problem with SSO

m. > Could it be, that a ssl config is necessary too? > > Thank you > > Susan > > > -----Original Message- > > From: Bill Stewart > > Sent: Donnerstag, 25. Februar 2021 16:04 > > To: Tomcat Users List > > Subject: Re: JNDI ldaps Problem wit

RE: JNDI ldaps Problem with SSO

ginal Message- > From: Bill Stewart > Sent: Donnerstag, 25. Februar 2021 16:04 > To: Tomcat Users List > Subject: Re: JNDI ldaps Problem with SSO > > On Thu, Feb 25, 2021 at 2:31 AM wrote: > > We are having a problem with our Single sign On config. > > When using ldap -

Re: JNDI ldaps Problem with SSO

On Thu, Feb 25, 2021 at 2:31 AM wrote: We are having a problem with our Single sign On config. > When using ldap - all works well. > > When switiching to ldaps , the User loses to connection all together > (Server not reachable) > > s

JNDI ldaps Problem with SSO

Hi all apache-tomcat-8.0.36 java version "1.8.0_281" Java(TM) SE Runtime Environment (build 1.8.0_281-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode) We are having a problem with our Single sign On config. When using ldap - all works well. When switiching to l

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 19/07/2020 13:55, Christopher Schultz wrote: > Mark, > > On 7/18/20 10:01, Mark Thomas wrote: >> On 17/07/2020 21:47, James H. H. Lampert wrote: >>> Running two connectors seems to work just fine, but I'm having >>> trouble getting one of them to only take TLS 1.2 >>> >>> In reply to my query:

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

Mark Thomas and Christopher Schultz wrote: You want: sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" And to answer my question above, because that is the way the JSSE API has been written. We should probably just merge these into a single attribute and "do the right thing": 1. If not specif

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 7/18/20 10:01, Mark Thomas wrote: > On 17/07/2020 21:47, James H. H. Lampert wrote: >> Running two connectors seems to work just fine, but I'm having >> trouble getting one of them to only take TLS 1.2 >> >> In reply to my query: >> Gi

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 17/07/2020 21:47, James H. H. Lampert wrote: > Running two connectors seems to work just fine, but I'm having trouble > getting one of them to only take TLS 1.2 > > In reply to my query: > >>> Given all this, is it possible to (1) have Tomcat listen on two separate >>> HTTPS ports, and (2) hav

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 7/17/20 2:36 PM, jonmcalexan...@wellsfargo.com.INVALID wrote: This looks like a cipher, not an alias TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256 As I said, of course it's a cipher. I said up front that the lines were truncated, in order to fit in an email. I can't imagine w

Re: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

On 7/17/20 2:36 PM, jonmcalexan...@wellsfargo.com.INVALID wrote: This looks like a cipher, not an alias TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256 It is. The lines are truncated at 72 characters for the email. -- JHHL ---

RE: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

3:47 PM To: Tomcat Users List Subject: Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled? Running two connectors seems to work just fine, but I'm having trouble getting one of them to only take TLS 1.2 In reply to my

Problem with protocols, Re: SSL/TLS issue: can we listen on more than one secured port, with different protocols enabled?

Running two connectors seems to work just fine, but I'm having trouble getting one of them to only take TLS 1.2 In reply to my query: Given all this, is it possible to (1) have Tomcat listen on two separate HTTPS ports, and (2) have one of the ports require TLS 1.2, but the other accept someth

Re: Problem with JarScanFilter, maybe a bug?

On Mon, Jul 6, 2020 at 5:05 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Vitor, > > On 7/6/20 15:50, Vitor Medina Cruz wrote: > > On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas > > wrote: > > > >> On 06/07/2020 12:25, Mark Thoma

Re: Problem with JarScanFilter, maybe a bug?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Vitor, On 7/6/20 15:50, Vitor Medina Cruz wrote: > On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas > wrote: > >> On 06/07/2020 12:25, Mark Thomas wrote: >>> On 03/07/2020 13:40, Vitor Medina Cruz wrote: On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas >

Re: Problem with JarScanFilter, maybe a bug?

On Mon, Jul 6, 2020 at 8:57 AM Mark Thomas wrote: > On 06/07/2020 12:25, Mark Thomas wrote: > > On 03/07/2020 13:40, Vitor Medina Cruz wrote: > >> On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > >> > >>> On 02/07/2020 14:14, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 6:48 PM Mar

Re: Problem with JarScanFilter, maybe a bug?

On 06/07/2020 12:25, Mark Thomas wrote: > On 03/07/2020 13:40, Vitor Medina Cruz wrote: >> On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: >> >>> On 02/07/2020 14:14, Vitor Medina Cruz wrote: On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >>> >>> >>> > @WebFiler, @WebListener and

Re: Problem with JarScanFilter, maybe a bug?

On 03/07/2020 13:40, Vitor Medina Cruz wrote: > On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > >> On 02/07/2020 14:14, Vitor Medina Cruz wrote: >>> On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >> >> >> @WebFiler, @WebListener and @WebServlet are deployment annotations so sc

Re: Problem with JarScanFilter, maybe a bug?

On Thu, Jul 2, 2020 at 11:21 AM Mark Thomas wrote: > On 02/07/2020 14:14, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: > > > > >> @WebFiler, @WebListener and @WebServlet are deployment annotations so > >> scanning for these is controlled by the JarScanner. > >>

Re: Problem with JarScanFilter, maybe a bug?

On 02/07/2020 14:14, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: >> @WebFiler, @WebListener and @WebServlet are deployment annotations so >> scanning for these is controlled by the JarScanner. >> >> If an SCI has an @HandlesTypes annotation then all JARs that ar

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 6:48 PM Mark Thomas wrote: > On 01/07/2020 20:28, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > > > >> On 01/07/2020 18:09, Vitor Medina Cruz wrote: > >>> On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > >>> > On 30/06/2020 14:19

Re: Problem with JarScanFilter, maybe a bug?

On 01/07/2020 20:28, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > >> On 01/07/2020 18:09, Vitor Medina Cruz wrote: >>> On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: >>> On 30/06/2020 14:19, Vitor Medina Cruz wrote: > Hello, > > I am trying

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 3:19 PM Mark Thomas wrote: > On 01/07/2020 18:09, Vitor Medina Cruz wrote: > > On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > > > >> On 30/06/2020 14:19, Vitor Medina Cruz wrote: > >>> Hello, > >>> > >>> I am trying to configure Tomcat in a way that it makes SCI scan

Re: Problem with JarScanFilter, maybe a bug?

On 01/07/2020 18:09, Vitor Medina Cruz wrote: > On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > >> On 30/06/2020 14:19, Vitor Medina Cruz wrote: >>> Hello, >>> >>> I am trying to configure Tomcat in a way that it makes SCI scan only in >>> jars I explicitly specify to. I followed instruction

Re: Problem with JarScanFilter, maybe a bug?

On Wed, Jul 1, 2020 at 7:46 AM Mark Thomas wrote: > On 30/06/2020 14:19, Vitor Medina Cruz wrote: > > Hello, > > > > I am trying to configure Tomcat in a way that it makes SCI scan only in > > jars I explicitly specify to. I followed instructions from > > https://tomcat.apache.org/tomcat-8.5-doc

Re: Problem with JarScanFilter, maybe a bug?

On 30/06/2020 14:19, Vitor Medina Cruz wrote: > Hello, > > I am trying to configure Tomcat in a way that it makes SCI scan only in > jars I explicitly specify to. I followed instructions from > https://tomcat.apache.org/tomcat-8.5-doc/config/jar-scan-filter.htm, in > both Tomcat 8 and 9, but with

Problem with JarScanFilter, maybe a bug?

Hello, I am trying to configure Tomcat in a way that it makes SCI scan only in jars I explicitly specify to. I followed instructions from https://tomcat.apache.org/tomcat-8.5-doc/config/jar-scan-filter.htm, in both Tomcat 8 and 9, but with no success. I posted a question on stackoverflow that exp

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Thanks Christopher, Am 12.03.2020 um 16:11 schrieb Christopher Schultz: > The complete new default pattern is: > > > (javax\.servlet\.request\.(cipher_suite|key_size|ssl_session|X509Certifi > cate)|CERT_(ISSUER|SUBJECT|COOKIE|FLAGS|SERIALNUMBER)|HTTPS_(SERVER_SUBJ > ECT|SECRETKEYSIZE|SERVER_ISSUER

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Matthias, On 3/12/20 07:19, Matthias Fechner wrote: > Hi Christopher, > > Am 09.03.2020 um 22:50 schrieb Christopher Schultz: >> That's not a super-secure solution. You really should specify a >> correct whitelist pattern instead of "accept all". >

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Christopher, Am 09.03.2020 um 22:50 schrieb Christopher Schultz: > That's not a super-secure solution. You really should specify a > correct whitelist pattern instead of "accept all". thanks for your comment. You are fully right, but as this seem to will be fixed with the next tomcat version,

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Matthias, On 3/9/20 09:43, Matthias Fechner wrote: > Am 04.03.2020 um 09:17 schrieb Martin Grigorov: >> Please read this discussion: >> https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7 d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Am 04.03.2020 um 09:17 schrieb Martin Grigorov: > Please read this discussion: > https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat.apache.org%3E > > The problem and a workaround are explai

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

On Wed, Mar 4, 2020 at 10:30 AM Stephen Hames wrote: > Hi Matthias, > > I suspect your issue is: address="::"You probably want > address="0.0.0.0" or the ipv4 IP address that your tomcat instance is > listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat > would still be l

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

On 04.03.2020 09:30, Stephen Hames wrote: Hi Matthias, I suspect your issue is: address="::"You probably want address="0.0.0.0" or the ipv4 IP address that your tomcat instance is listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat would still be listening only on 127.0

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Matthias, I suspect your issue is: address="::"You probably want address="0.0.0.0" or the ipv4 IP address that your tomcat instance is listening on. :: allows any on IPv6, but for IPv4 I suspect that tomcat would still be listening only on 127.0.0.1 Regards, Stephen On Wed, 4 Mar 2020

Re: Problem with tomcat connector in IIS using tomcat 9.0.31

Hi Matthias, Please read this discussion: https://lists.apache.org/thread.html/r9f3a2ea48f2e76f7c092ea2dc4caec7d15c86f7773281ef6c8cdb817%40%3Cusers.tomcat.apache.org%3E The problem and a workaround are explained here: https://lists.apache.org/thread.

Problem with tomcat connector in IIS using tomcat 9.0.31

Dear all, as tomcat version 9.0.31 has some security fixes included I tried to do an upgrade. On the IIS tomcat connector version 1.2.46 is installed. As secret I use a 32 character long alpha numeric string, I name it here token. In the workers.properties I tried to define it on the load bal

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 1/8/20 12:35 PM, James H. H. Lampert wrote: > On 1/8/20 5:18 AM, Christopher Schultz wrote: . . . >> Now the URL line becomes (for me, using a management port): >> >> http://localhost:8217/manager/jmxproxy?invoke=Catalina:type%3DProtoco l

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

On 1/8/20 5:18 AM, Christopher Schultz wrote: . . . Now the URL line becomes (for me, using a management port): http://localhost:8217/manager/jmxproxy?invoke=Catalina:type%3DProtocolHa ndler,port%3D8215&op=reloadSslHostConfigs . . . Have you configured any elements, or are you using the old-s

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 1/7/20 8:24 PM, James H. H. Lampert wrote: > On 1/7/20 4:19 PM, Christopher Schultz wrote: > >> You probably "spelled" something incorrectly. It might be a >> quoting/escaping issue. It might be a literal misspelling/typo. >> >> The JMX

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

On 1/7/20 4:19 PM, Christopher Schultz wrote: You probably "spelled" something incorrectly. It might be a quoting/escaping issue. It might be a literal misspelling/typo. The JMXProxyServlet shouldn't NPE like that, though. I'll take a look and see if we can give you a better error message than

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 1/7/20 1:33 PM, James H. H. Lampert wrote: > This just gets weirder and weirder. > > I added manager-jmx to the admin account. I continued to get "401 > unauthorized." > > I then tried setting up another user, temporarily, with a > URL-

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

This just gets weirder and weirder. I added manager-jmx to the admin account. I continued to get "401 unauthorized." I then tried setting up another user, temporarily, with a URL-friendly user-ID and password. If I just gave that user "manager-gui," I got "403 access denied" instead, regardl

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 1/6/20 9:10 PM, James H. H. Lampert wrote: > Dear Mr. Schultz, et al.: > > The manager password on this Tomcat server has an embedded curly > brace, and an embedded question mark. > > If I do this (the names have been changed to protect

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

James, > Am 07.01.2020 um 03:11 schrieb James H. H. Lampert : > > Dear Mr. Schultz, et al.: > > The manager password on this Tomcat server has an embedded curly brace, and > an embedded question mark. > > If I do this (the names have been changed to protect the innocent, and the > -k!) > >

Re: Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

https://stackoverflow.com/questions/17560858/command-prompt-having-trouble-escaping-quotes-and-braces You can use curl -g to turn off globbing: On Tue, 7 Jan 2020, 02:11 James H. H. Lampert, wrote: > Dear Mr. Schultz, et al.: > > The manager password on this Tomcat server has an embedded curly

Curl problem with reloadSslHostConfigs, Re: Let's Encrypt with Tomcat?

Dear Mr. Schultz, et al.: The manager password on this Tomcat server has an embedded curly brace, and an embedded question mark. If I do this (the names have been changed to protect the innocent, and the -k!) curl -k "https://foo:b?a{r@localhost:8443/manager/jmxproxy?invoke=Catalina%3Atyp

Re: CPU gets pegged - Problem with java.util.zip.ZStreamRef

On August 19, 2019 5:27:23 PM UTC, Vinay Singh wrote: >We are seeing this intermittent issue in production. The CPU gets >pegged at 50% (2 core CPU) randomly and it never comes back. Only >option is to restart the server. This is how CPU appears from Dynatrace >https://i.stack.imgur.com/7zxZW.png

CPU gets pegged - Problem with java.util.zip.ZStreamRef

We are seeing this intermittent issue in production. The CPU gets pegged at 50% (2 core CPU) randomly and it never comes back. Only option is to restart the server. This is how CPU appears from Dynatrace https://i.stack.imgur.com/7zxZW.png This is how the thread dump looks when we analyzed throug

Re: Support Request for problem with problem running SSL certificate on tomcat 8

JKS, JCEKS, etc.) *or* the simpler PEM-encoded DER files that e.g. Apache httpd uses. - -chris > On Wednesday, 7 August 2019, 09:07:58 am UTC, logo > wrote: > > Munzer, > > > > Am 2019-08-07 09:19, schrieb Peter Kreuser: >> Hi Munzer, >> >> I guess

Re: Support Request for problem with problem running SSL certificate on tomcat 8

, logo wrote: Munzer, Am 2019-08-07 09:19, schrieb Peter Kreuser: > Hi Munzer, > > I guess we‘re going a slightly awkward way here, but to fix your > problem with the new cert in the first place, you could use this: > > If your keystore is the old proprietary format, co

Re: Support Request for problem with problem running SSL certificate on tomcat 8

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Munzer, On 8/5/19 20:42, Munzer Khatib wrote: > Here are the steps I used to create the keystore and import > certificate to it. These steps look okay, with the exception that Peter (logo) pointed out: you have used two different keystores in your

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

Mark, Am 08.08.2019 11:45, schrieb Mark Thomas: On 08/08/2019 10:15, Alten, Jessica-Aileen wrote: Therefore, I guess Tomcat cannot interpret these cipher suites for TLS 1.3. So is this possibly a bug in Tomcat with openSSL 1.1.1c and JDK 8 (again: I am not talking about JSSE here, it can only

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

On 08/08/2019 10:15, Alten, Jessica-Aileen wrote: > Therefore, I guess Tomcat cannot interpret these cipher suites for TLS 1.3. > So is this possibly a bug in Tomcat with openSSL 1.1.1c > and JDK 8 (again: I am not talking about JSSE here, it can only do TLS 1.2)? Tomcat supports configuring the

RE: Problem with OpenSSL cipher suites -what's wrong with this configuration?

> > I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using > > jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle > > TLSv1.3 works, but I want to specify the allowed cipher suites as well. > > > > The relevant parts of server

Re: Problem with OpenSSL cipher suites -what's wrong with this configuration?

Jessica, Peter Kreuser > Am 07.08.2019 um 14:33 schrieb Alten, Jessica-Aileen > : > > Dear all, > > I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using > jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle TLSv1.3 > works, but I wan

Problem with OpenSSL cipher suites -what's wrong with this configuration?

Dear all, I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle TLSv1.3 works, but I want to specify the allowed cipher suites as well. The relevant parts of server.xml are

Re: Support Request for problem with problem running SSL certificate on tomcat 8

Munzer, Am 2019-08-07 09:19, schrieb Peter Kreuser: Hi Munzer, I guess we‘re going a slightly awkward way here, but to fix your problem with the new cert in the first place, you could use this: If your keystore is the old proprietary format, convert it to PKCS12: keytool -importkeystore

Re: Support Request for problem with problem running SSL certificate on tomcat 8

Hi Munzer, I guess we‘re going a slightly awkward way here, but to fix your problem with the new cert in the first place, you could use this: If your keystore is the old proprietary format, convert it to PKCS12: keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12

Re: Support Request for problem with problem running SSL certificate on tomcat 8

Hi Peter I dont have the private key file. That is created when I create the keystore. I dont know if it can be extracted. Munzer On Tuesday, 6 August 2019, 4:35:51 PM UTC, Peter Kreuser wrote: Hi, > Am 06.08.2019 um 02:42 schrieb Munzer Khatib : > > Hi > Can you help me with this p

Re: Support Request for problem with problem running SSL certificate on tomcat 8

Hi, > Am 06.08.2019 um 02:42 schrieb Munzer Khatib : > > Hi > Can you help me with this problem. > Problem: Installing SSL certificate on Apache Tomcat 8.0.36 fails > I am trying to install a new SSL certificate into Apache tomcat 8.0.36.I ran > same steps ran successfully in 2013 and 2016 on t

Support Request for problem with problem running SSL certificate on tomcat 8

Hi Can you help me with this problem. Problem: Installing SSL certificate on Apache Tomcat 8.0.36 fails I am trying to install a new SSL certificate into Apache tomcat 8.0.36.I ran same steps ran successfully in 2013 and 2016 on tomcat 7. Nothing changed other than moving the virtual machine fro

Re: Is there a problem with the digest?

ESMTPSA id 59E274447 for ; Thu, 18 Apr 2019 11:12:24 + (UTC) Subject: Re: Is there a problem with the digest? To: users@tomcat.apache.org References: From: Mark Thomas Openpgp: preference=signencrypt Autocrypt: addr=ma...@apache.org; prefer-encrypt=mut

Re: Is there a problem with the digest?

On 17/04/2019 19:28, Richard Huntrods wrote: > Nothing changed since before your server crashed to after, and I've > checked all junk and spam filters. > > I am still not receiving any of the digests anymore. Are the digests > even being sent out? Yes they are. Looking in the logs I see a bunch o

Re: Is there a problem with the digest?

Nothing changed since before your server crashed to after, and I've checked all junk and spam filters. I am still not receiving any of the digests anymore. Are the digests even being sent out? Thanks, -R On 12/04/2019 16:32, Mark Thomas wrote: > On 12/04/2019 16:29, Mark Thomas wrote: >> W

Re: Is there a problem with the digest?

On 12/04/2019 16:32, Mark Thomas wrote: On 12/04/2019 16:29, Mark Thomas wrote: Which address did you use to subscribe to the digest list? It wasn't this one... Ignore that. ezmlm cmd line error on my part. I see your digest subscription in the logs from this address. Hmmm. Let me go and dig

Re: Is there a problem with the digest?

est since (I subscribed >>> to the digest), yet I found a reply on the digest archive by searching >>> with Google. >>> >>> So again... is there a problem with digest emails? I have no spam >>> filters enabled and there's nothing in a junk or trash folder

Re: Is there a problem with the digest?

. I posted a question on April 9, and no digest since (I subscribed >> to the digest), yet I found a reply on the digest archive by searching >> with Google. >> >> So again... is there a problem with digest emails? I have no spam >> filters enabled and there's not

Re: Is there a problem with the digest?

che.org/lists.html#tomcat-users So again... is there a problem with digest emails? I have no spam filters enabled and there's nothing in a junk or trash folder. I also tried sending a blank email to users-digest-h...@tomcat.apache.org yesterday and no reply from that either. I never tried send

Re: Is there a problem with the digest?

> with Google. > > So again... is there a problem with digest emails? I have no spam > filters enabled and there's nothing in a junk or trash folder. > > I also tried sending a blank email to > users-digest-h...@tomcat.apache.org yesterday and no reply from that > eit

Re: Is there a problem with the digest?

ching > with Google. Why Google? The are several public archives of this mailing list, as listed here: https://tomcat.apache.org/lists.html#tomcat-users > So again... is there a problem with digest emails? I have no spam > filters enabled and there's nothing in a junk or trash fol

Is there a problem with the digest?

It's been four days since I've seen a 'users-dig...@tomcat.apache.org' email. I posted a question on April 9, and no digest since (I subscribed to the digest), yet I found a reply on the digest archive by searching with Google. So again... is there a problem with digest em

  1   2   3   4   5   6   7   8   9   10   >