Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!

Ed James

Greenhorn
+ Follow
since Feb 10, 2010
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Ed James

I have an Apache Tomcat 6.0 server hosting 3 sites (all internal on a test subnet), all of which require SSL. Is it possible to have 3 different SSL certs imported into my single .keystore file? If so, how do I specify what site uses what certificate? I've read about keyAlias parameter but I can't seem to get it to work. I could use a wildcard cert if they all had the same domain suffix but they do not (for example, I have https://mysite.mydomain.org, https://myservername, https://myserverIP).

Any information would be appreciated.

Thanks
10 years ago
Hi Tim,

Can you offer up and advise on what Valves to use? I've done some testing with different Valves and looked at the Tomcat documentation but I cannot find anything that is working for me.
Any information would be appreciated.

Thanks
10 years ago
Thanks for the information Tim. I'm pretty new to Tomcat and this has been thrown my way. I'm more familiar with IIS (don't hate me for it )

I'll look into using Valves to block the http:// requests. That will most likely take care of what we want to accomplish.

Cheers!
10 years ago
Hi all,

I'm Running Apachec Tomcat 5.5 and I'm wondering if it's possible to disable port 80 for certain URLs only - that is, not just commenting out the <Connector .... > for port 80 and thus disable it globally. My apache tomcat server hosts up a landing page (http://youarehere.domain). On this landing page there are two links - one to https://link1.domain/login.do, the other to https://link1.domain/loginhere.do. However, we see that we can still manually type in http://link1.domain/login.do and http://link1.domain/loginhere.do and they work as well. We want to disable HTTP for these links that we have the SSL certs applied to while at the same type, leaving the landing page as an http site. Is this possible?

If not, how do I do a redirect for these HTTP sites? I've managed to config the web.xml file to get http://link1.domain redirected https://link1.domain but it also tries to redirect the landing page as well, which we don't want. I think it's just a matter of getting the syntax correct for the <url-pattern> section but I can't seem to get it right.

Any info on this would be greatly appreciated.

Thanks everyone.
10 years ago
Hi all,

I have just setup a new Tomcat installation and created a keystore, created a CSR, created the Cert (using our internal CA), imported the root cert into the keystore and then the site cert into the keystore (alias www.somesite.ourdomain.ca). Looks like I've created everything correctly - no errors during any of these steps. However, when I load the site, I get "Certificate Error: Mismatched Address". I thought that I just needed to add a Host name entry into the server.xml conf file to include www.somesite.ourdomain.ca but I'm missing something. Can someone help me with this? What am I overlooking? As you can tell, I'm new to Tomcat :-)

Thanks
11 years ago
Hi Misha,

Yes, I have configured a Connector in the server.xml file as per Tomcat documentation.

Tomcat server is starting and I'm able to load http pages - however, https pages do not load and a "The requested page could not be found" error is returned. When I looked into the log file I noticed this error I mentioned right at the very top of my log file. To me, this indicates that the I'm missing a component that the TLS protocol requires. I recall reading an article online that referred to 4 .JAR files that would be present after installing JSSE but for the life of me, I can't fine it any more.

Here is my complete log file:

Feb 11, 2010 1:48:18 PM org.apache.coyote.http11.Http11BaseProtocol pause
INFO: Pausing Coyote HTTP/1.1 on http-80
Feb 11, 2010 1:48:18 PM org.apache.catalina.connector.Connector pause
SEVERE: Protocol handler pause failed
java.lang.NullPointerException
at org.apache.catalina.connector.Connector.pause(Connector.java:1032)
at org.apache.catalina.core.StandardService.stop(StandardService.java:489)
at org.apache.catalina.core.StandardServer.stop(StandardServer.java:734)
at org.apache.catalina.startup.Catalina.stop(Catalina.java:602)
at org.apache.catalina.startup.Catalina.start(Catalina.java:577)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Feb 11, 2010 1:48:19 PM org.apache.catalina.core.StandardService stop
INFO: Stopping service Catalina
Feb 11, 2010 1:48:20 PM org.apache.coyote.http11.Http11BaseProtocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-80
Feb 11, 2010 1:48:20 PM org.apache.catalina.connector.MapperListener destroy
WARNING: Error unregistering MBeanServerDelegate
java.lang.NullPointerException
at org.apache.catalina.connector.MapperListener.destroy(MapperListener.java:173)
at org.apache.catalina.connector.Connector.stop(Connector.java:1138)
at org.apache.catalina.core.StandardService.stop(StandardService.java:519)
at org.apache.catalina.core.StandardServer.stop(StandardServer.java:734)
at org.apache.catalina.startup.Catalina.stop(Catalina.java:602)
at org.apache.catalina.startup.Catalina.start(Catalina.java:577)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Feb 11, 2010 10:27:13 PM org.apache.catalina.connector.Connector <init>
SEVERE: Protocol handler instantiation failed: java.lang.ClassNotFoundException: TLS
Feb 11, 2010 10:27:14 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Java\jdk1.5.0_21\bin
Feb 11, 2010 10:27:14 PM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-80
Feb 11, 2010 10:27:14 PM org.apache.catalina.connector.Connector initialize
SEVERE: Error registering connector
java.lang.NullPointerException
at org.apache.tomcat.util.IntrospectionUtils.getProperty(IntrospectionUtils.java:377)
at org.apache.catalina.connector.Connector.getProperty(Connector.java:302)
at org.apache.catalina.connector.Connector.createObjectName(Connector.java:970)
at org.apache.catalina.connector.Connector.initialize(Connector.java:998)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:578)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:782)
at org.apache.catalina.startup.Catalina.load(Catalina.java:504)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:267)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
Feb 11, 2010 10:27:15 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Feb 11, 2010 10:27:15 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.28
Feb 11, 2010 10:27:15 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Feb 11, 2010 10:27:17 PM org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-80
Feb 11, 2010 10:27:17 PM org.apache.catalina.connector.Connector start
INFO: Cannot register MBean for the Protocol
Feb 11, 2010 10:27:17 PM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: java.lang.NullPointerException
at org.apache.catalina.connector.Connector.start(Connector.java:1097)
at org.apache.catalina.core.StandardService.start(StandardService.java:457)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Feb 11, 2010 10:27:17 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 2774 ms

Here is my Connector configuration:

<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" protocol="TLS"
keystoreFile="../webapps/ROOT/myks.jks" keystorePass="Password"/>

Cheers
11 years ago
Hi all,

I've been reading and debugging through a number of documents but I cannot seem to get SSL working on my Tomcat server. Here is what I have done (in order) as per Tomcat documentation:

1. Installed JDK 1.5
2. Installed Tomcat (no Native DLL)
3. Generated KeyStore/KeyPair
4. Generated CSR
5. Imported root CA
6. Imported Certificate (as generated by my own CA).
7. Checked Keystore contents - all looks good.
8. Stopped/started Tomcat.

When tomcat start, I get this error at the top of the catalina log:

Feb 10, 2010 4:46:32 PM org.apache.catalina.connector.Connector <init>
SEVERE: Protocol handler instantiation failed: java.lang.ClassNotFoundException: TLS

To me, it looks like it cannot find a particular JAR file?

Can someone please offer up some advice? I'm deperate to get this running!!!

Thank you!

11 years ago