geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Andreyev <oandre...@opensourcestrategies.com>
Subject Re: Unable to set up ssl
Date Tue, 06 Aug 2013 08:47:06 GMT
Well, I am very sorry first. It's production system on EC2 and I had to 
find fast solution and made next AMI. Finally this works with apache + 
mod_jk and original directory is removed. I can not share this file. 
However all my steps were very simple and based on standard distribution 
without any application code or customization (except changing ports). 
And although the problem is no longer relevant to me, I ask you to pay 
attention to it when you have time. I believe that fundamental 
functionality should not require such efforts to set.

On 08/05/2013 03:45 PM, Ivan wrote:
> Hi,
>
> Per the stacktrace, it looks like the executor was not configured correctly.
>
> In Geronimo 3.0.*, the var/catalina/server.xml is used as the tomcat
> container configuration file, could you show us that file ? I guess that
> the ssl connector was updated incorrectly in that file. You may also
> compare that file with the original one to check what was changed.
>
> Thanks.
>
>
> 2013/8/5 Oleg Andreyev <oandreyev@opensourcestrategies.com
> <mailto:oandreyev@opensourcestrategies.com>>
>
>     There are no handmade changes in config.xml. It's the same as in
>     geronimo-tomcat7-javaee6-web-__3.0.1-bin.tar.gz
>
>
>     On 08/03/2013 10:04 PM, thiyagu_r wrote:
>
>         Please share the config.xml
>
>         Sent from my iPhone
>
>         On Aug 3, 2013, at 10:23 AM, "Oleg Andreyev [via Apache Geronimo]"
>         <[hidden email]
>         </user/SendEmail.jtp?type=__node&node=3987095&i=0>> wrote:
>
>             Hi,
>
>             Last days I tried to set up SSL on Geronimo 3.0.1 and
>             finally had to
>             admit defeat.
>
>             My steps:
>
>             - Downloaded 3.0.1 (Linux x64, Web profile, run with Oracle
>             JDK 1.6.0_14)
>             - Changed ports to 80/443 in config-substitution.properties
>             - Log in to Web console
>             - Created new keystore, enabled it, generated key, CSR,
>             imported answer
>             from CA
>
>             No errors so far. The key looks like:
>
>             Version:     3
>             Subject:     CN=xxx.yyyyy.com <http://xxx.yyyyy.com>
>             <http://xxx.yyyyy.com>, OU=Domain
>
>             Control Validated
>             Issuer:     SERIALNUMBER=10688435, CN=Starfield Secure
>             Certification
>             Authority,
>             OU=http://certificates.__starfieldtech.com/repository
>             <http://certificates.starfieldtech.com/repository>,
>             O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
>             Serial Number:     2292395462585499
>             Valid From:     Fri Aug 02 20:15:19 EDT 2013
>             Valid To:     Wed Jul 30 16:46:03 EDT 2014
>             Signature Alg:     SHA1withRSA
>             Public Key Alg:     RSA
>             critical ext:     2.5.29.15
>             critical ext:     2.5.29.19
>             non-critical ext:     2.5.29.14
>             non-critical ext:     1.3.6.1.5.5.7.1.1
>             non-critical ext:     2.5.29.31
>             non-critical ext:     2.5.29.32
>             non-critical ext:     2.5.29.37
>             non-critical ext:     2.5.29.35
>             non-critical ext:     2.5.29.17
>
>             Also I have changed Web servers/TomcatWebSSLConnector to set
>             correct
>             keystoreFile and keystore password and stop/start it.
>
>             So, I tried connect with https and after some time "The
>             connection was
>             reset". And I see error in geronimo log:
>             2013-08-02 20:19:22,861 ERROR [JIoEndpoint]
>             java.lang.NullPointerException
>                   at
>             org.apache.tomcat.util.net
>             <http://org.apache.tomcat.util.net>.__JIoEndpoint.processSocket(__JIoEndpoint.java:525)
>
>                   at
>             org.apache.tomcat.util.net
>             <http://org.apache.tomcat.util.net>.__JIoEndpoint$Acceptor.run(__JIoEndpoint.java:230)
>                   at java.lang.Thread.run(Thread.__java:619)
>
>             I describe this attempts because it is most appropriate to
>             documentation
>             but I tried different JDK, geronimo 3.0.0, keystore created
>             by keytool
>             and so on.
>
>             Any clue?
>
>
>             ------------------------------__------------------------------__------------
>
>             If you reply to this email, your message will be added to the
>             discussion below:
>             http://apache-geronimo.328035.__n3.nabble.com/Unable-to-set-__up-ssl-tp3987094.html
>             <http://apache-geronimo.328035.n3.nabble.com/Unable-to-set-up-ssl-tp3987094.html>
>
>             To start a new topic under Users, email [hidden email]
>             </user/SendEmail.jtp?type=__node&node=3987095&i=1>
>
>             To unsubscribe from Users, click here.
>             NAML
>             <http://apache-geronimo.__328035.n3.nabble.com/template/__NamlServlet.jtp?macro=macro___viewer&id=instant_html%__21nabble%3Aemail.naml&base=__nabble.naml.namespaces.__BasicNamespace-nabble.view.__web.template.NabbleNamespace-__nabble.view.web.template.__NodeNamespace&breadcrumbs=__notify_subscribers%21nabble%__3Aemail.naml-instant_emails%__21nabble%3Aemail.naml-send___instant_email%21nabble%__3Aemail.naml
>             <http://apache-geronimo.328035.n3.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>>
>
>
>
>         ------------------------------__------------------------------__------------
>
>         View this message in context: Re: Unable to set up ssl
>         <http://apache-geronimo.__328035.n3.nabble.com/Unable-__to-set-up-ssl-__tp3987094p3987095.html
>         <http://apache-geronimo.328035.n3.nabble.com/Unable-to-set-up-ssl-tp3987094p3987095.html>>
>
>         Sent from the Users mailing list archive
>         <http://apache-geronimo.__328035.n3.nabble.com/Users-__f328036.html
>         <http://apache-geronimo.328035.n3.nabble.com/Users-f328036.html>> at
>         Nabble.com.
>
>
>
>
>
> --
> Ivan


Mime
View raw message