Question for verification

2021-08-06 Thread jonmcalexander
Verifying an assumption. All modern versions of Tomcat (8.5 and above) are compatible with Java 11. Thanks in advance Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | Platform Services | Middleware | In

RE: Question for verification

2021-08-06 Thread jonmcalexander
Doh Thanks! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cel

UserDatabaseRealm and DIGEST

2021-08-24 Thread jonmcalexander
Ok, so I've been reading thru the documentation on DIGEST but not entirely sure I have it right. What is the best practice for DIGEST and what algorithms are allowed, such as is sha-256 allowed? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice Presiden

RE: UserDatabaseRealm and DIGEST

2021-08-24 Thread jonmcalexander
> -Original Message- > From: Mark Thomas > Sent: Tuesday, August 24, 2021 11:41 AM > To: users@tomcat.apache.org > Subject: Re: UserDatabaseRealm and DIGEST > > On 24/08/2021 17:28, jonmcalexan...@wellsfargo.com.INVALID wrote: > > Ok, so I've been reading thru the documentation on DIGEST

RE: UserDatabaseRealm and DIGEST

2021-08-24 Thread jonmcalexander
Chris, > -Original Message- > From: Christopher Schultz > Sent: Tuesday, August 24, 2021 5:52 PM > To: users@tomcat.apache.org > Subject: Re: UserDatabaseRealm and DIGEST > > Jon, > > On 8/24/21 12:53, jonmcalexan...@wellsfargo.com.INVALID wrote: > >> -Original Message- > >> Fro

RE: UserDatabaseRealm and DIGEST

2021-08-26 Thread jonmcalexander
Thank you Chris! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-2508

Interesting log capability request

2021-10-07 Thread jonmcalexander
I have an app team that wants to know if it's possible to capture how long the Tomcat Shutdown takes? I don't think there is without modifying something in the Catalina.sh under the Stop section, but wondering if there is something already built in. Thanks, Dream * Excel * Explore * Inspire Jo

RE: Interesting log capability request

2021-10-07 Thread jonmcalexander
> -Original Message- > From: Robert Hicks > Sent: Thursday, October 7, 2021 2:23 PM > To: Tomcat Users List > Subject: Re: Interesting log capability request > > The catalina.out log should capture that information already, right? > > This is what I see when I shutdown my barebones Tomc

RE: Tomcat 8.5.37 is automatically redeploying apps on every Saturday

2021-10-15 Thread jonmcalexander
> -Original Message- > From: Shekhar Naidu > Sent: Friday, October 15, 2021 7:45 AM > To: users@tomcat.apache.org > Subject: Tomcat 8.5.37 is automatically redeploying apps on every Saturday > > Hi all, > > > We are seeing a weird behavior in our new Linux environments. Since we > >> mig

Strange Oracle JDBC Driver error on Application Deployment

2021-11-02 Thread jonmcalexander
I have an application team that is getting the following stack trace while starting Tomcat 8.5.70. I've done some searching but can't find anything. In looking at their context.xml it appears that they have jmxEnabled="false" in each of the resources. Any assistance would be grand. Thanks, ==

RE: Strange Oracle JDBC Driver error on Application Deployment

2021-11-03 Thread jonmcalexander
Hmmm...strange. I've gone thru their configuration and modified it to match up with our strategy of using separate HOME and BASE locations. I've had them get rid of duplicate jar files from BASE that are in HOME. Only 1-off is the Oracle JDBC jar. I do need to see if they have "cleared cache" an

RE: Strange Oracle JDBC Driver error on Application Deployment

2021-11-03 Thread jonmcalexander
Thanks Mark E.! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-2508

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-15 Thread jonmcalexander
Files Required in CATALINA_BASE: bin Only shell scripts or batch files. Make sure that setenv.sh or setenv.bat sets and passes the CATALINA_BASE and CATALINA_HOME locations properly. conf All of the conf files. lib Only .jar files needed by your Instance, not necessaril

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-16 Thread jonmcalexander
Hey Michael, I too would like to know more of what Chris is sa­ying in regards to the conf folder. Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Michael B Allen Sent: Nov 15, 2021 4:24 PM To: Tomcat Users List Subject: Re: How to *properly* cre

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-16 Thread jonmcalexander
I meant the other configuration files. I guess I haven't dug deep enough, but DOES Tomcat handle the catalina.properties, catalina.policy, logging.properties, etc. files hierarchically similar to how Microsoft handles web.config files? CATALINA_HOME being the parent and Instances automatically

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread jonmcalexander
Thanks for the info Chris! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 51

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread jonmcalexander
Michael, -Original Message- > From: Christopher Schultz > Sent: Wednesday, November 17, 2021 9:43 AM > To: users@tomcat.apache.org > Subject: Re: How to *properly* create and use a CATALINA_BASE installation > > Michael, > > On 11/16/21 17:05, Michael B Allen wrote: > >> > https://urlde

RE: [ANN] Apache Tomcat 8.5.73 available

2021-11-17 Thread jonmcalexander
http://tomcat.apache.org/tomcat-8.5-doc/changelog.html Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-0

RE: [ANN] Apache Tomcat 8.5.73 available

2021-11-17 Thread jonmcalexander
Please ignore this Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-25

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread jonmcalexander
We export it. You have to make sure the setenv.sh is calling setenv.sh. it works fine for me.­ Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Michael B Allen Sent: Nov 17, 2021 6:54 PM To: Tomcat Users List Subject: Re: How to *properly* create

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread jonmcalexander
Sorry about my bad reply order. Mark, you do a lot of what I do, but most of our stuff isn't using initd. I like your use of links, best way to handle upgrades, imo.­ Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Mark Eggers Sent: Nov 17, 2021

RE: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread jonmcalexander
Yeah, we love our symbolic links here, Ix and Windows. Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Michael B Allen Sent: Nov 17, 2021 9:17 PM To: Tomcat Users List Subject: Re: How to *properly* create and use a CATALINA_BASE installation On Wed, Nov 17, 2021 at 9:05 PM Mar

RE: Updating Tomcat on an Amazon Linux 2 EC2 instance?

2021-12-08 Thread jonmcalexander
I think it's going to come down to how the 8.5.58 was installed. Was it via an rpm or zip file? I have used both methods and you should be able to install the 8.5.73 without affecting the 8.5.58. If you are using a separated CATALINA_BASE and CATALINA_HOME, then updating your configuration shoul

Disable a library in Tomcat configuration

2021-12-10 Thread jonmcalexander
Is there a way to forcibly prevent a library from loading in Tomcat during startup that will also prevent an app from loading the library? Trying to find­ a way to block vulnerabilities. Thanks, Sent with BlackBerry Work (www.blackberry.com)

RE: CVE-2021-44228 Log4j 2 Vulnerability -- How does this affect Tomcat?

2021-12-10 Thread jonmcalexander
If you aren't able to get the "fixed" version of the jar that fixes the vulnerability, I would suggest adding this to your Java Options for Tomcat: -Dlog4j2.formatMsgNoLookups=true Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware

RE: Disable a library in Tomcat configuration

2021-12-11 Thread jonmcalexander
Thanks Mark­ Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Mark Thomas Sent: Dec 11, 2021 2:23 AM To: users@tomcat.apache.org Subject: Re: Disable a library in Tomcat configuration On 11/12/2021 02:02, jonmcalexan...@wellsfargo.com.INVALID wrote

log4j CVE general question

2021-12-13 Thread jonmcalexander
So, based on these entries on the log4j apache pages, I can't see that any 1x product is vulnerable. Mark, is there some message from Apache that we can share with those that need to know that for certain 1x log4j is NOT vulnerable? News CVE-2021-44228 The Log4j team has been made aware of a s

RE: log4j CVE general question

2021-12-13 Thread jonmcalexander
I understand Chris. I guess I was looking to see if he had contact info for anyone on that particular project. I know it's not like a "company". Thanks though! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterpris

RE: log4j CVE general question

2021-12-13 Thread jonmcalexander
Ok, so I have been given clearance to share the stance that we are taking with log4j. We have contacted Apache Security and are awaiting a response. Before making a final decision around log4j 1.x, consider the following: -Initially, 1.x wasn’t assessed for the vulnerability, because, it is end

RE: How to Upgrade tomcat from 8.5.23 to 8.5.73 | windows r2 2008 server

2022-02-07 Thread jonmcalexander
The way I suggest ­is to do this: First Time 1. Install new version side-by-side. 2. Separate CATALINA_BASE and CATALUNA_HOME. 3. Create a symbolic link for CATALINA_HOME. 4. Make the necessary changes to config files, make sure the CATALINA_BASE lib only contains the jar files for your applica

RE: How to Upgrade tomcat from 8.5.23 to 8.5.73 | windows r2 2008 server

2022-02-07 Thread jonmcalexander
Note, this is if on Windows. Linux/Unix is similar without the service part.­ Thanks, Sent with BlackBerry Work (www.blackberry.com) From: jonmcalexan...@wellsfargo.com.INVALID Sent: Feb 7, 2022 8:48 AM To: users@tomcat.apache.org Subject: RE: How to Upgrade tom

RE: How to Upgrade tomcat from 8.5.23 to 8.5.73 | windows r2 2008 server

2022-02-07 Thread jonmcalexander
> -Original Message- > From: Christopher Schultz > Sent: Monday, February 7, 2022 2:32 PM > To: users@tomcat.apache.org > Subject: Re: How to Upgrade tomcat from 8.5.23 to 8.5.73 | windows r2 2008 > server > > Rakesh, > > On 2/6/22 14:52, rakesh meka wrote: > > Greetings of the day. Hope

RE: How to Upgrade tomcat from 8.5.23 to 8.5.73 | windows r2 2008 server

2022-02-08 Thread jonmcalexander
Hey, I look up to you, Mark, and Rémy. Just trying to make sure I understand, so that when I grow up I might be as good as you 3. :-) Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware |

RE: Tomcat 9 cannot start on windows 10 as service

2022-02-08 Thread jonmcalexander
> -Original Message- > From: W > Sent: Tuesday, February 8, 2022 10:36 PM > To: users@tomcat.apache.org > Subject: Tomcat 9 can not start on windows 10 as service > > Hi, > I install tomcat 9 using downloaded installation package. It was installed > successfully. I made tomcat manager wor

Duplicate accept detected. This is a known OS bug.

2022-02-09 Thread jonmcalexander
Hi all, I have an application team occasionally getting the following exception with their application. They are currently using Tomcat 9.0.56. I'm not finding much on the intertubes in regards to this. Does anyone have any information? org.apache.tomcat.util.net.Acceptor run SEVERE: Socket acc

RE: clearReferencesThreads issues warning about 2 threads, spawned by JDK in printing components

2022-02-09 Thread jonmcalexander
Thanks Mark, Unfortunately the URL in the error gets blocked by our security, so I looked it up on my home system now. Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructur

RE: Duplicate accept detected. This is a known OS bug.

2022-02-09 Thread jonmcalexander
Thanks Mark, This team is has Some of the apps running on PCF and also running both JAVA 8 and JAVA 11. This is using Oracle Java on RHEL 7.9. In reading through the activity log on the bug report, it appears that it's being seen on multiple Linux distros as well as on Windows. This feels like

RE: Duplicate accept detected. This is a known OS bug.

2022-02-09 Thread jonmcalexander
Thank you! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-2508 jonm

RE: Maybe a stupid (Windows related) question

2022-03-22 Thread jonmcalexander
> -Original Message- > From: Rony G. Flatscher (Apache) > Sent: Tuesday, March 22, 2022 12:21 PM > To: users@tomcat.apache.org > Subject: Maybe a stupid (Windows related) question > > For debugging purposes I downloaded the zip-version of Tomcat 10.0.18 and > start it up using %CATALINA_H

Possibly Silly Question

2022-03-25 Thread jonmcalexander
Good morning, Doing some history research, but was there EVER a released version 1x or 2x of Tomcat? IF so, what version numbers had been out there, once upon a time ago? Thank you, Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President He/His Middleware

RE: Possibly Silly Question

2022-03-25 Thread jonmcalexander
That is what I thought, but I just wanted to make sure. Have some dubious data from Flexera around Tomcat versions. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Inf

RE: Possibly Silly Question

2022-03-28 Thread jonmcalexander
Thanks as always Chris! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cel

RE: Possibly Silly Question

2022-03-28 Thread jonmcalexander
Thanks for the info Konstantin! Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-25

RE: Tomcat ownership changed spontaneously

2022-04-05 Thread jonmcalexander
This is another reason why separating CATALINA_HOME from CATALINA_BASE is a good thing. Dream * Excel * Explore * Inspire Jon McAlexander Infrastructure Engineer Asst Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblesto

RE: [ANN] Apache Tomcat 9.0.63 available

2022-05-16 Thread jonmcalexander
Is there any news around 8.5 next release?­ Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Rémy Maucherat Sent: May 16, 2022 7:41 AM To: Tomcat Developers List ; Tomcat Users List ; annou...@tomcat.apache.org; annou...@apache.org Subject: [ANN] A

RE: Encryption of Tomcat AJP

2022-05-19 Thread jonmcalexander
> -Original Message- > From: Brian Eller > Sent: Thursday, May 19, 2022 9:29 AM > To: Tomcat Users List > Subject: RE: Encryption of Tomcat AJP > > TRADING PARTNER > > Thank you Mark, > > My vendor supports AJP but, I don't know if they support > mod_http_proxy. This is a embe

RE: [ANN] ApacheCon NA 2022 in New Orleans, 3-6 Oct 2022, CFP is OPEN!

2022-05-23 Thread jonmcalexander
> -Original Message- > From: Christopher Schultz > Sent: Monday, May 23, 2022 2:37 PM > To: Tomcat Users List ; Coty Sutherland > > Cc: Tomcat Developers List > Subject: Re: [ANN] ApacheCon NA 2022 in New Orleans, 3-6 Oct 2022, CFP is > OPEN! > Importance: High > > Coty, > > On 5/23/2

RE: [ANN] ApacheCon NA 2022 in New Orleans, 3-6 Oct 2022, CFP is OPEN!

2022-05-23 Thread jonmcalexander
Understood. I'm willing to give it a try if you want to sign me up, but I have to do it virtual. Traveling is not possible for me. Let me know please. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Ent

RE: [ANN] ApacheCon NA 2022 in New Orleans, 3-6 Oct 2022, CFP is OPEN!

2022-05-23 Thread jonmcalexander
Ah, ok. I understand. :-) It may be something to consider for the future, for those of us with disabilities. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrast

Question regarding Tomcat and Apache HTTPD Mod-proxy over SSL

2022-06-02 Thread jonmcalexander
I'm trying to figure out if there is a way to use certificates between Tomcat and Apache for mutual authentication of the mod-proxy connection to Tomcat. This would be similar as to how you can setup the WebSphere plugin to communicate with WebSphere over a mutually secured connection. Is this p

RE: Question regarding Tomcat and Apache HTTPD Mod-proxy over SSL [EXTERNAL]

2022-06-02 Thread jonmcalexander
That was my thought also, but wouldn’t that then require the end-users to also have certificates? Or would it just be Apache HTTPD? Basically the end users connection terminates at the proxy, and the proxy uses its own connection to pass it thru. Is that right? Dream * Excel * Explore * Inspire

RE: Question regarding Tomcat and Apache HTTPD Mod-proxy over SSL [EXTERNAL]

2022-06-02 Thread jonmcalexander
Ok, so in short ots not possible to mutually authenticate the mod-proxy and a tomcat connector, correct? ­ I'm needing to convert an ajp configuration to mod-proxy, but a security architect wants the other as well. Thanks, Sent with BlackBerry Work (www.blackberry.com) __

RE: Question regarding Tomcat and Apache HTTPD Mod-proxy over SSL [EXTERNAL]

2022-06-03 Thread jonmcalexander
Thank you as always Mark and all! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: SSL handshake failure logs required for auditing purpose

2022-07-07 Thread jonmcalexander
Tre's Bueno! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 5

[OT] issues with Tomcat to Siteminder communication post mod-proxy setup

2022-07-08 Thread jonmcalexander
Chris, Moving this discussion to here. Yes, it appears that I broke something when setting up the Tomcat Connector for the mod-proxy that is now affecting, somehow, the SSL communication with the Site Minder services. Here is the connector we added below. Temporarily have set certificateVerific

RE: [OT] issues with Tomcat to Siteminder communication post mod-proxy setup

2022-07-12 Thread jonmcalexander
I'm wondering if it is having to do with the SMSESSION cookie not getting passed correctly. Still trying to figure this one out. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | E

RE: [OT] issues with Tomcat to Siteminder communication post mod-proxy setup

2022-07-13 Thread jonmcalexander
Here is the error we are getting. The login form, hosted by Tomcat, does a POST to the /login/login.fcc for siteminder which is on the HTTPD server and is not behind the proxypass or proxypassreverse. javax.net.ssl|DEBUG|96|https-jsse-nio-8305-exec-1|2022-07-12 13:12:49.399 PDT|SSLSocketImpl.ja

RE: [OT] issues with Tomcat to Siteminder communication post mod-proxy setup

2022-07-13 Thread jonmcalexander
Could this potentially be caused by But not using Tomcat Native? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobbl

TLS Weak Cipher Keys for Key Exchange.

2022-07-20 Thread jonmcalexander
Good afternoon. Recently a new Qualys QID vulnerability was released, QID: 38863 - Cryptographically Weak Key Exchange Size, which deals with weak cipher key exchange key values. I know that we can add a cipher list in the TLS Connector in the server.xml, but is there a way to specify a Key siz

RE: TLS Weak Cipher Keys for Key Exchange.

2022-07-20 Thread jonmcalexander
To possibly answer my own question, it appears that this can be done on the java command line: set the system property jdk.security.defaultKeySize with the algorithm and its desired default key size. For example, to test a DSA default keysize of 2048, specify "‑Djdk.security.defaultKeySize=DSA:

RE: Apache Tomcat 8.5.82 Release Date

2022-08-02 Thread jonmcalexander
Love it Chris! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

Simple SSL question

2022-08-10 Thread jonmcalexander
Ok, I'm asking a rather simple, stupid (in my opinion) question, but here goes: What is the best practice form of connector for SSL. Is it the old-school coyote connector or the connector with the section? Are the two interchangeable, or does the SSLHostConfig one rely on openssl and won't wor

RE: Simple SSL question

2022-08-10 Thread jonmcalexander
Thanks Mark!!! > -Original Message- > From: Mark Thomas > Sent: Wednesday, August 10, 2022 2:43 PM > To: users@tomcat.apache.org > Subject: Re: Simple SSL question > > On 10/08/2022 19:22, jonmcalexan...@wellsfargo.com.INVALID wrote: > > Ok, I'm asking a rather simple, stupid (in my opin

RE: Simple SSL question

2022-08-11 Thread jonmcalexander
Is there a "name" for the new connector style? The old is known as the Coyote Connector. Thanks again! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure S

RE: Simple SSL question

2022-08-11 Thread jonmcalexander
Thanks Chris, I was just wondering if there was a vanity name for the "new" structure is all, to differentiate in documentation. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO |

RE: Simple SSL question

2022-08-11 Thread jonmcalexander
Peter, Yes, that WOULD be a good thing. That and some examples of implementing the new COOL stuff like configure TLS virtual hosting with SNI, would be very helpful. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product

RE: Simple SSL question

2022-08-11 Thread jonmcalexander
Thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515

RE: [ANN] New committer: Han Li

2022-09-06 Thread jonmcalexander
Congratulations Han! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508

OT: Question about TomcatX.exe files

2022-09-28 Thread jonmcalexander
Ok, this is a silly off-topic question, but is there an underlying reason that the wrapper exe files for Windows Tomcat do not reflect the same file version as the implementation version found in the manifest of the bootstrap.jar? That version info matching the release version of the Tomcat rele

RE: OT: Question about TomcatX.exe files

2022-09-28 Thread jonmcalexander
Thank you Mark. I mainly wanted to have answers for when I will be invariably questioned about it. :-). I knew about the naming, but understand that these aren't recompiled for each release, so modifying the version wouldn't work. (file/properties) Thanks, Dream * Excel * Explore * Inspire Jon

RE: OT: Question about TomcatX.exe files

2022-09-29 Thread jonmcalexander
Thank you for the additional information André Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F

RE: [ANN] Apache Tomcat 9.0.67 available

2022-09-29 Thread jonmcalexander
Does this also affect the 10.1.0 (stable) version? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MA

RE: [ANN] Apache Tomcat 9.0.67 available

2022-09-29 Thread jonmcalexander
Thank you sir! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

OT: Question on manager app in distro

2022-10-07 Thread jonmcalexander
Ok, so here I am again with a question that some may roll their eyes at. :) If I wanted to possibly take parts of the manager application that comes with Tomcat and put bits and pieces together for an internal utility app (status stuff only), or figure out how it's done. Where would I find the c

RE: OT: Question on manager app in distro

2022-10-08 Thread jonmcalexander
Thank you Chuck! Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Chuck Caldarale Sent: Oct 7, 2022 9:15 PM To: Tomcat Users List Subject: Re: OT: Question on manager app in distro > On 2022 Oct 7, at 19:10, > wrote: > > If I wanted to possibl

RE: OT: Question on manager app in distro

2022-10-08 Thread jonmcalexander
Thanks! Thanks, Sent with BlackBerry Work (www.blackberry.com) From: Chuck Caldarale Sent: Oct 8, 2022 8:57 AM To: Tomcat Users List Subject: Re: OT: Question on manager app in distro > On 2022 Oct 7, at 21:13, Chuck Caldarale wrote: > > >> On 2022 Oct 7, a

Tomcat 10.1.1 error starting

2022-10-20 Thread jonmcalexander
Good morning, I am getting the following error when trying to start a very generic setup of Tomcat 10.1.1 on Windows Server 2019. Error: A JNI error has occurred, please check your installation and try again Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/catalina/

RE: Tomcat 10.1.1 error starting

2022-10-20 Thread jonmcalexander
Ok, thanks Peter. I looked at the running.txt to see if it mentioned a Java version minimum and it stated Java 8, so it confused me. I'll try with Java 11. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering

RE: Tomcat 10.1.1 error starting

2022-10-20 Thread jonmcalexander
Thank you and Noted! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508

RE: Tomcat 10.1.1 error starting

2022-10-20 Thread jonmcalexander
Awesome Possum! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cel

RE: Mod_JK vs Mod_Proxy

2022-12-06 Thread jonmcalexander
IMHO, switching to mod_proxy, and using it over SSL, is by far better than using mod_jk or mod_ajp, primarily as mod_proxy allows for secure proxy connection, whereas mod_jk and mod_ajp aren't "secure" as they are not encrypted channels. Again, just my .02 worth. Dream * Excel * Explore * Insp

RE: Mod_JK vs Mod_Proxy

2022-12-06 Thread jonmcalexander
What, pray tell, is an encrypted AJP connection? Are you talking AJP over an SSH Tunnel (Stunnel)? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Soluti

RE: Mod_JK vs Mod_Proxy

2022-12-07 Thread jonmcalexander
I get it and agree, but it does just add unnecessary complexity also. Have a Happy!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Co

RE: CVE-2021-43980 completely fixed?

2022-12-12 Thread jonmcalexander
Have you tested with a later release than 9.0.62? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC

Basic SSL Certificate Usage logging

2023-01-06 Thread jonmcalexander
Good afternoon and Happy New Year, I know about the SSL debug logging, however, I'm checking to see if there is any out-of-the-box option to capture in a log which SSL certificate and trust keystore is being used during startup? Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior

RE: Basic SSL Certificate Usage logging

2023-01-06 Thread jonmcalexander
Hi Mark, Thanks for the info. In a nutshell I think the certpath,provider would be sufficient. I'm thinking that I can add this to the java options as -Djava.security.debug=ssl:certpath,provider however I don't know how to specify where to log the information. Thanks, Dream * Excel * Explore

RE: Basic SSL Certificate Usage logging

2023-01-09 Thread jonmcalexander
Yes Chris, It's just for during startup. For a particular instance I would like to capture the Certificate Info and Truststore being used and pipe that into a separate log/txt file. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/

RE: Basic SSL Certificate Usage logging

2023-01-10 Thread jonmcalexander
Can we include valid to dates? Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515

RE: Basic SSL Certificate Usage logging

2023-01-10 Thread jonmcalexander
Ultimately it would be nice to be able to log it in Jason format for ingestion by Elastic or something similar. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastr

RE: Basic SSL Certificate Usage logging

2023-01-10 Thread jonmcalexander
:-) Christopher, This is where my not being a developer really shines out. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobbleston

RE: [ANN] Apache Tomcat 8.5.84 available

2023-01-19 Thread jonmcalexander
Please update the subject line. :-) Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Te

Tomcat 10.0.x

2023-02-07 Thread jonmcalexander
Hi Mark, Christopher, Remy, et-al, In regards to the Apache Tomcat(r) - End of life for Apache Tomcat 10.0.x page, is this and END OF LIFE event or just an END OF SUPPORT event for the 10.0.x releases of Tomcat 10x? Thanks, Dream * Excel * Explo

RE: Tomcat 10.0.x

2023-02-07 Thread jonmcalexander
Thank you Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Hi Mark, So, is this something that can/will be added in the future? I tested my thought of setting the java logging.properties to a specific file in the command line but it didn't do what I had hoped. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Ass

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Awesome Possum Boss!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-250

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
And thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Hi Mark, As a follow-up, some of my compatriots are asking if we can get all or some of these details in the log as well? Wanted to ask early if possible. • Subject o Ex: CN=splunk.glb.wellsfargo.net,OU=TMS-ADCS,O=Wells Fargo,C=US o Ex: CN=9COM,OU=APP,OU=9COM,OU=ECS,O=Wells Fa

RE: Basic SSL Certificate Usage logging

2023-02-09 Thread jonmcalexander
Hi Mark, My thinking is that the teams requesting that I look into if this is possible or not would prefer to be able to get the more detailed information if possible. How much extra work is required to have a dedicated logger for it, as well as keeping the current message in the current loggin

RE: Basic SSL Certificate Usage logging

2023-02-10 Thread jonmcalexander
Once again, Awesome Possum! You guys are the greatest! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 5032

RE: Basic SSL Certificate Usage logging

2023-02-15 Thread jonmcalexander
Thanks Mark. I'm checking with the requestor on my end. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 503

  1   2   3   >