tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From CommonGround Softworks/Phil McNamara <P...@CommonGrnd.com>
Subject RE: How to change the SSL port
Date Fri, 16 Sep 2005 03:15:10 GMT
Guys, Thank you. Stephen posted the original question on my behalf.  I am 
just now joining the list.

Iannis and Chuck thank you for your feedback. Maybe I can provide some 
more info. Appreciate any further suggestions.

I did ports scans before and after the server.xml edits to ports 443 and 
to 8443.  443 has never responded. I saw  8443 go away, and 443 not come 
up.  Edited server xml back to 8443 and portscanned it coming back up.  
It would seem to me that this demonstrates that I am editing the correct 
server.xml instance. I also checked processes and confirmed only one java 
parent was started. Likewise tested browser https access using 443 and 
8443 during the tomcat edit start/stop cycles. 8443 plays. 443 does not.

The tomcat log does show a bind error message after my server.xml edit to 
port 443.  

Sep 15, 2005 10:37:07 PM org.apache.coyote.http11.Http11Protocol init
SEVERE: Error initializing endpoint
java.net.BindException: Permission denied:443
snip...
Sep 15, 2005 10:37:07 PM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException:  Protocol handler initialization failed: 
java.net.BindException: Permission denied:443
	at org.apache.catalina.connector.Connector.initialize(Connector.java:920)
snip..

At no time has port 443 responded to an external port scan. Possible that 
apache or a ssl module has already done a "bind" internally to 443?  I 
disabled the apache ssl module and can't find any other app that is a 
likely culprit.

Ran Netstat and nothing obvious jumped out at me.  Maybe I'm not savvy 
enough to spot the obvious. Kinda stumped. No firewall config on this 
machine. Could this be a permissions issue of some sort?

I am tempted to fire up ssl with apache on 443 with a trial cert and make 
sure that Apache's ssl plays. I seem to recall over a year ago that I had 
a server that never could play ssl.  Maybe this is the one with the 
gremlin :).
Phil Mc

>Check your tomcat log file. If tomcat could bind properly on the SSL
>port you mentioned, it should show up in the log file (one of the first
>lines on the top). If not (e.g. because the port is already in use), it
>will show you a bind error message there as well.
>
>If the log says that the port is fine, check for firewall, (etc.) on
>your box. 
>
>At least, look at the port number that is specified in the log. It
>should say 443 if your changes to the server.xml are correct.
>
>Iannis
>
>-----Original Message-----
>From: Stephen Caine [mailto:stephen@commongrnd.com] 
>Sent: Thursday, September 15, 2005 7:07 PM
>To: Tomcat Users List
>Subject: How to change the SSL port
>
>All:
>Is there any way I can change the default SSL port from 8443 to 443?
>
>> Change the port attribute of the SSL connector in your server.xml  
>> file.
>
>> And use port number 443.
>>
>yup, I tried this.  It doesn't work.  I tried edits to server xml  
>connector from 8443 to 443 - 443 port unresponsive after tomcat  
>restart.  Tried 8442 also.  No joy. Only plays with 8443.  There is  
>another setting somewhere........
>
>Please advise.
>
>Stephen Caine
>CommonGround Softworks, Inc.


Phil McNamara
CommonGround Softworks Inc.
info@commongrnd.com
http://www.commongrnd.com



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message