2014/1/21 James H. H. Lampert <jam...@touchtonecorp.com>: > It seems that one of our customers moved their server to a different > physical box, over the weekend, and we're now seeing some definite > weirdness: >
1. You are still accessing the old box? A proxy that forwards requests to the old box, instead of a new one? An /etc/hosts file (e.g. on client PC) or a DNS that resolves your host name to IP address of the old box? A MiM? 2. An old instance of Tomcat still running (e.g. started automatically at boot time), and the new one is not visible because either a) a connector failed to start because "port is already used". A clash of shutdown ports is fatal, but a failure of a single connector does not prevent Tomcat from stating, unless you explicitly configure it to not ignore such errors (see System Props page in Configuration Reference). You should see messages in the log files in this case. b) it listens on a different network interface > Their Tomcat now shows a certificate that expired this past September. > > But it gets weirder: > > Their connector for port 443 in server.xml shows a word as the alias. The > word we usually use when setting up a customer's SSL. > > But when I examine their keystore in Keytool, it shows the digit "1" as the > only alias in the keystore. A different file? E.g. typo in a configuration, so a default file path is used. A file was replaced but application still accesses the old file, because it has a open file handle to it? You are using an APR connector, but are examining a Java keystore ? > Why would this even work at all? > Call it a "fool-proof" one :) Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
