Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Received-SPF: pass (asf.osuosl.org: local policy)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=dk20050327; d=earthlink.net;
  b=TFlJa+jWmt5brNjwvcKBnrG9dOppRe662Sm8avUV7oERh1478d08US+eEt0eFFyn;
  h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
Message-ID: <04e401c5ba6f$dee7da40$7a01a8c0@ptslaptop>
From: "Parsons Technical Services" <parsonstechnical@earthlink.net>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
References: <1085281823-84497051@powersrvcs.com>
Subject: Re: How to change the SSL port
Date: Thu, 15 Sep 2005 23:36:48 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit

What OS are you on and what services are running?

It sounds like something else has the port tied up. If you can post a list 
of the services maybe someone might spot it. If you are on windows there are 
some apps out that can map the app/service to the ports being used.

If on Linux, which flavor and what netstat command did you use?

When you say scanned the ports are you talking about from another machine or 
using netstat?

Doug


----- Original Message ----- 
From: "CommonGround Softworks/Phil McNamara" <Phil@CommonGrnd.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Thursday, September 15, 2005 11:15 PM
Subject: RE: How to change the SSL port


> Guys, Thank you. Stephen posted the original question on my behalf.  I am
> just now joining the list.
>
> Iannis and Chuck thank you for your feedback. Maybe I can provide some
> more info. Appreciate any further suggestions.
>
> I did ports scans before and after the server.xml edits to ports 443 and
> to 8443.  443 has never responded. I saw  8443 go away, and 443 not come
> up.  Edited server xml back to 8443 and portscanned it coming back up.
> It would seem to me that this demonstrates that I am editing the correct
> server.xml instance. I also checked processes and confirmed only one java
> parent was started. Likewise tested browser https access using 443 and
> 8443 during the tomcat edit start/stop cycles. 8443 plays. 443 does not.
>
> The tomcat log does show a bind error message after my server.xml edit to
> port 443.
>
> Sep 15, 2005 10:37:07 PM org.apache.coyote.http11.Http11Protocol init
> SEVERE: Error initializing endpoint
> java.net.BindException: Permission denied:443
> snip...
> Sep 15, 2005 10:37:07 PM org.apache.catalina.startup.Catalina load
> SEVERE: Catalina.start
> LifecycleException:  Protocol handler initialization failed:
> java.net.BindException: Permission denied:443
> at org.apache.catalina.connector.Connector.initialize(Connector.java:920)
> snip..
>
> At no time has port 443 responded to an external port scan. Possible that
> apache or a ssl module has already done a "bind" internally to 443?  I
> disabled the apache ssl module and can't find any other app that is a
> likely culprit.
>
> Ran Netstat and nothing obvious jumped out at me.  Maybe I'm not savvy
> enough to spot the obvious. Kinda stumped. No firewall config on this
> machine. Could this be a permissions issue of some sort?
>
> I am tempted to fire up ssl with apache on 443 with a trial cert and make
> sure that Apache's ssl plays. I seem to recall over a year ago that I had
> a server that never could play ssl.  Maybe this is the one with the
> gremlin :).
> Phil Mc
>
>>Check your tomcat log file. If tomcat could bind properly on the SSL
>>port you mentioned, it should show up in the log file (one of the first
>>lines on the top). If not (e.g. because the port is already in use), it
>>will show you a bind error message there as well.
>>
>>If the log says that the port is fine, check for firewall, (etc.) on
>>your box.
>>
>>At least, look at the port number that is specified in the log. It
>>should say 443 if your changes to the server.xml are correct.
>>
>>Iannis
>>
>>-----Original Message-----
>>From: Stephen Caine [mailto:stephen@commongrnd.com]
>>Sent: Thursday, September 15, 2005 7:07 PM
>>To: Tomcat Users List
>>Subject: How to change the SSL port
>>
>>All:
>>Is there any way I can change the default SSL port from 8443 to 443?
>>
>>> Change the port attribute of the SSL connector in your server.xml
>>> file.
>>
>>> And use port number 443.
>>>
>>yup, I tried this.  It doesn't work.  I tried edits to server xml
>>connector from 8443 to 443 - 443 port unresponsive after tomcat
>>restart.  Tried 8442 also.  No joy. Only plays with 8443.  There is
>>another setting somewhere........
>>
>>Please advise.
>>
>>Stephen Caine
>>CommonGround Softworks, Inc.
>
>
> Phil McNamara
> CommonGround Softworks Inc.
> info@commongrnd.com
> http://www.commongrnd.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org