Re: 9.0.83 addSslHostConfig failures?

Daniel Skiles Mon, 27 Nov 2023 05:57:18 -0800

Thanks for taking a look.  My lightly scrubbed connector example is
attached.


On Tue, Nov 21, 2023 at 6:45 AM Michael Osipov <micha...@apache.org> wrote:

> On 2023/11/21 11:25:11 Michael Osipov wrote:
> > On 2023/11/20 22:14:14 Daniel Skiles wrote:
> > > Was there a change to the addSslHostConfig JMX mbean operation between
> > > 9.0.82 and 9.0.83?  I have some code that works in 82, but fails with
> an
> > > MBeanException: Cannot find operation [addSslHostConfig] in 9.0.83.
> > >
> > > When I attempt to look at the available operations on ProtocolHandler
> in
> > > jconsole, it throws an exception in 83 that opens a new window, but
> works
> > > in 82.
> >
> > I have the following with 8.5.x:
> > > Error setting Operation panel :org.apache.coyote.Request
> > > Error setting Operation panel :org.apache.tomcat.util.net
> .SSLHostConfig
> >
> > addSslHostConfig is greyed out for me...let me go back a patch version...
>
> Tried on 8.5.92, same behavior. You should share your connector config.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

<Connector SSLEnabled="true" URIEncoding="UTF-8" address="${addr}" bindOnInit="false" compressibleMimeType="text/html,text/xml,text/plain,text/css,text/javascript,text/json,application/x-javascript,application/javascript,application/json" compression="on" connectionTimeout="10000" executor="tomcatThreadPool" keepAliveTimeout="120000" noCompressionUserAgents="gozilla, traviata" port="443" protocol="HTTP/1.1" redirectPort="8443" relaxedQueryChars="&lt; &gt; [ \ ] ^ ` { | } &quot;" scheme="https" secure="true" server="Server" xpoweredBy="false">
	<SSLHostConfig ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-CHACHA20-POLY1305" hostName="*.example.com" protocols="TLSv1.2">
		<Certificate certificateKeyAlias="581bce151ef54c6689ad8e72ed0355c5" certificateKeystoreFile="${keystore}" certificateKeystorePassword=""/>
	</SSLHostConfig>
	<SSLHostConfig ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-CHACHA20-POLY1305" hostName="_default_" protocols="TLSv1.2">
		<Certificate certificateKeyAlias="__default_alias__" certificateKeystoreFile="${keystore}" certificateKeystorePassword=""/>
	</SSLHostConfig>
</Connector>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: 9.0.83 addSslHostConfig failures?

Reply via email to