On Tue, Aug 23, 2022 at 10:18 AM Mark Thomas <ma...@apache.org> wrote:
> On 23/08/2022 14:12, Thad Humphries wrote: > > I'm trying to understand a problem I'm having with Tomcat Native since > > moving from 1.2.x to 2.0. > > > > For several years I have been running Tomcat 9.0.12 in Eclipse and 9.0.37 > > for localhost on my home and office Mac Mini's with macOS 10.15.7 > Catalina. > > Both use OpenJDK 8 from Amazon. To support development I have a > self-signed > > certificate and until recently used Tomcat Native 1.2.x installed with > > Homebrew. I added `CATALINA_OPTS="-Xmx1024m > > -Djava.library.path=/usr/local/opt/tomcat-native/lib"` to my > bin/setevn.sh > > > > With this configuration I was able to the > > connector org.apache.coyote.http11.Http11AprProtocol with UpgradeProtocol > > for org.apache.coyote.http2.Http2Protocol > > > > Recently Homebrew replaced Tomcat Native 1.2.x with 2.0.1. Since then > when > > Tomcat starts I see in catalina.out "The Apache Tomcat Native library > which > > allows using OpenSSL was not found on the java.library.path: > > [/usr/local/opt/tomcat-native/lib]". I've had to switch my development to > > connector org.apache.coyote.http11.Http11NioProtocol (I need SSL for my > > client-server setup). > > > > I've tried using a Tomcat Native 2 I built myself, but get the same "not > > found on the java.library.path" message. I tried using a Tomcat Native > > 1.2.35 I built myself but got the following stacktrace in catalina.out > > > > 23-Aug-2022 03:07:29.541 INFO [main] > > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded > Apache > > Tomcat Native library [1.2.35] using APR version [1.7.0]. > > 23-Aug-2022 03:07:29.541 INFO [main] > > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR > > capabilities: IPv6 [true], sendfile [true], accept filters [false], > random > > [true]. > > 23-Aug-2022 03:07:29.541 INFO [main] > > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL > > configuration: useAprConnector [false], useOpenSSL [true] > > 23-Aug-2022 03:07:29.544 SEVERE [main] > > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to > > initialize the SSLEngine. > > org.apache.tomcat.jni.Error: 70023: This function has not been > implemented > > on this platform > > at org.apache.tomcat.jni.SSL.initialize(Native Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at > > > org.apache.catalina.core.AprLifecycleListener.initializeSSL(AprLifecycleListener.java:289) > > at > > > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent(AprLifecycleListener.java:136) > > at > > > org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123) > > at > > > org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:135) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:690) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:712) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472) > > > > What is the issue I'm seeing and how might it be corrected if I want to > run > > Tomcat Native for the APR protocol? > > You can't. > > The APR connector has been deprecated and has been removed in Tomcat > 10.1.x onwards. > > Tomcat Native 2.0.x does not support the APR connectors. > > You need to switch to NIO or NIO2. If you want to use OpenSSL for TLS > then you can do so (you'll need Tomcat Native 2.0.x and OpenSSL). Look > at the docs for the sslImplementationName attribute. > > > BTW, this is not critical to me; I can live with NIO. However I'm the > *only* > > person on this team who pays any attention to Tomcat, and I may be having > > to explain this to my coworkers and our boss. Others use a mix of Linux, > > Windows, and Mac. Most don't use SSL internally but some use the AJP > > connector for Apache, and IIRC that needs Tomcat Native, too. > > AJP does not require APR/Native. There are NIO and NIO2 implementations > for AJP. > > Mark > Thank you, Mark. That all makes sense. I'll look at the docs you've referenced. I recall once watching some YouTube videos on Tomcat connectors. I'll find and rewatch those, too. -- "Hell hath no limits, nor is circumscrib'd In one self-place; but where we are is hell, And where hell is, there must we ever be" --Christopher Marlowe, *Doctor Faustus* (v. 111-13)
