tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier (tomcat) ...@ice-sa.com>
Subject Re: tomcat ssl setup
Date Thu, 21 Sep 2017 16:34:08 GMT
On 21.09.2017 17:17, John Ellis wrote:
> OK. As I said there is nothing on line 87 but here is line 114-
>
> SSLCertificateChainFile="/usr/java/jdk1.8.0_45/jre/bin/root.pem"

I think you need to provide a bit more context then.

Can you paste here, say, that same line, but with 10 lines before and 10 lines after, and

tell at which line number this starts in server.xml (so that we can compare with the log)
?

The error messages in the log were apparently about comments (between <!-- and -->),
so if 
these lines are (or contain) comments, copy them anyway.


>
>
>
> John Ellis
>
> 405.285.2500 office
>
>
>
>
> http://biz-e.io
>
> -----Original Message-----
> From: André Warnier (tomcat) [mailto:aw@ice-sa.com]
> Sent: Thursday, September 21, 2017 10:15 AM
> To: users@tomcat.apache.org
> Subject: Re: tomcat ssl setup
>
>
>
> On 21.09.2017 16:43, John Ellis wrote:
>> Thanks so much for the quick reply Andre. There doesn't appear to be
>> anything on line 87 but there is on line 114. See the screenshot I
>> took of the server.xml file below-
>>
>
> Unfortunately, this list strips most attachments, and in fact asks for
> text-only messages.
> (and to avoid top-posting)
>
> See : http://tomcat.apache.org/lists.html#tomcat-users  --> Important
>
> Please paste the corresponding lines directly, as text, in your next
> message.
>
>
>> John Ellis
>>
>> 405.285.2500 office
>>
>> http://biz-e.io
>>
>> -----Original Message-----
>> From: André Warnier (tomcat) [mailto:aw@ice-sa.com]
>> Sent: Wednesday, September 20, 2017 10:41 AM
>> To: users@tomcat.apache.org
>> Subject: Re: tomcat ssl setup
>>
>> On 20.09.2017 17:07, John Ellis wrote:
>>
>>   > All of what I have done so far has been in Tomcat version 9, which
>> I
>>
>>   > downloaded from the Apache Tomcat website. The way I start tomcat
>> is
>>
>>   > by running the command ./startup.sh from within the
>>
>>   > apache-tomcat-9.0.0.M26/bin directory. I stop it by running the
>>
>>   > command ./shutdown.sh from the same directory.
>>
>>   >
>>
>> Ok, perfect. So there is only one tomcat9 we can be talking about, and
>> one server.xml file. And since this is a "standard tomcat", that
>> server.xml must be in .. let me look at the logfile again) ..
>>
>> 08-Sep-2017 10:05:02.911 INFO [main]
>>
>> org.apache.catalina.startup.HostConfig.deployDirectory Deploying web
>> application directory
>> [/home/tomcat9/apache-tomcat-9.0.0.M26/webapps/ROOT]
>>
>> so here : /home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml
>>
>> and considering this :
>>
>> 08-Sep-2017 11:31:21.952 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 87 column 6: The content of elements must
>> consist of well-formed character data or markup.
>>
>>     org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 87; columnNumber:
>>
>> 6; The content of elements must consist of well-formed character data or
> markup.
>>
>> there is something on line 87, position 6, that he does not like.
>>
>> And further down also :
>>
>> 08-Sep-2017 13:17:36.947 SEVERE [main]
>> org.apache.tomcat.util.digester.Digester.fatalError
>>
>> Parse Fatal Error at line 114 column 6: The string "--" is not permitted
> within comments.
>>
>>     org.xml.sax.SAXParseException; systemId:
>>
>> file:/home/tomcat9/apache-tomcat-9.0.0.M26/conf/server.xml; lineNumber:
> 114; columnNumber:
>>
>> 6; The string "--" is not permitted within comments.
>>
>> but maybe this is not in the server.xml file itself, but in something
>> else that the server.xml references there (like an external "XML entity"
> or something).
>>
>> Why don't you get those 2 lines from your server.xml and paste them here :
>>
>> ...
>>
>>   > John Ellis
>>
>>   >
>>
>>   > 405.285.2500 office
>>
>>   >
>>
>>   >
>>
>>   >
>>
>>   >
>>
>>   > http://biz-e.io
>>
>>   >
>>
>>   >
>>
>>   > -----Original Message-----
>>
>>   > From: André Warnier (tomcat) [mailto:aw@ice-sa.com]
>>
>>   > Sent: Wednesday, September 20, 2017 10:02 AM
>>
>>   > To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>
>>
>>   > Subject: Re: tomcat ssl setup
>>
>>   >
>>
>>   > On 20.09.2017 15:20, John Ellis wrote:
>>
>>   >> Andre can you tell me which log file you are saying tells where
>> the
>>
>>   >> problem is?
>>
>>   >
>>
>>   > That's the one you uploaded to the dropbox :
>>
>>   >   >>
>>
>>   >
>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl=0
>>
>>   >
>>
>>   > I have of course no idea at this point, which tomcat or which
>>
>>   > server.xml this was related to, but i suppose you do.
>>
>>   >
>>
>>   > I am not seeing it but I may not be even looking for the right thing.
>>
>>   > I
>>
>>   >> did open the server.xml file up in an XML file editor program and
>> it
>>
>>   >> didn't give any errors.
>>
>>   >
>>
>>   > Then it must be that this tomcat who wrote the logfile, is not
>> looking
>>
>>   > at the same server.xml file than the one you're looking at.
>>
>>   > (Or else your XML file editor is not really good)
>>
>>   >
>>
>>   > How do you start this tomcat, on your server ?
>>
>>   > And where did you get this tomcat from ? Is it the one from the
>> tomcat
>>
>>   > website ?
>>
>>   >
>>
>>   >>
>>
>>   >> John Ellis
>>
>>   >>
>>
>>   >> 405.285.2500 office
>>
>>   >>
>>
>>   >>
>>
>>   >>
>>
>>   >>
>>
>>   >> http://biz-e.io
>>
>>   >>
>>
>>   >>
>>
>>   >> -----Original Message-----
>>
>>   >> From: André Warnier (tomcat) [mailto:aw@ice-sa.com]
>>
>>   >> Sent: Tuesday, September 19, 2017 3:47 PM
>>
>>   >> To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>
>>
>>   >> Subject: Re: tomcat ssl setup
>>
>>   >>
>>
>>   >> On 19.09.2017 20:17, John Ellis wrote:
>>
>>   >>> Here are the tomcat 9 log file DropBox links-
>>
>>   >>>
>>
>>   >>>
>> https://www.dropbox.com/s/hlcg3cycddteyaz/catalina.2017-09-08.log?dl
>>
>>   >>> =
>>
>>   >>> 0
>>
>>   >>
>>
>>   >> Well, there you go. It tells you explicitly where you made the
>>
>>   >> mistakes, up to the file and line  numbers.
>>
>>   >> I can't see your server.xml, but I would bet that you have
>> modified
>>
>>   >> it, by surrounding some XML comment sections by another comment
>> pair
>>
>>   >> <!-- ... --> That crashes because XML does not allow that.
>>
>>   >> You cannot have this kind of thing :
>>
>>   >>
>>
>>   >> <!-- ... <!-- ... -->  -->
>>
>>   >>
>>
>>   >>
>>
>>   >>>
>>
>>   >>>
>> https://www.dropbox.com/s/yj93ub9woxdoie0/localhost_access_log.2017-
>>
>>   >>> 0
>>
>>   >>> 9
>>
>>   >>> -19.txt?dl=0
>>
>>   >>>
>>
>>   >>> Thanks,
>>
>>   >>>
>>
>>   >>> John Ellis
>>
>>   >>>
>>
>>   >>> 405.285.2500 office
>>
>>   >>>
>>
>>   >>> United States
>>
>>   >>>
>>
>>   >>> bize-logo-rgb-original_Ryan_Revised_portal
>>
>>   >>> sizecid:image002.jpg@01CECFDA.65B42CD0
>>
>>   >>>
>>
>>   >>> http://biz-e.io
>>
>>   >>>
>>
>>   >>> *From:*Alejandro Vargas M.
>>
>>   >>> [mailto:alejandro.vargas@kymsolutions.com]
>>
>>   >>> *Sent:* Tuesday, September 19, 2017 11:10 AM
>>
>>   >>> *To:* users@tomcat.apache.org <mailto:users@tomcat.apache.org>
>>
>>   >>> *Subject:* Re: tomcat ssl setup
>>
>>   >>>
>>
>>   >>> Do you see what's on the log files, they can tell you what's the
>>
>>   >>> problem in. Maybe you can share those files too.
>>
>>   >>>
>>
>>   >>> I also saw on line 117 this "|  -->|"  Looks like there's left
over.
>>
>>   >>>
>>
>>   >>> On 09/19/2017 09:31 AM, John Ellis wrote:
>>
>>   >>>
>>
>>   >>>       I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL
>>
>>   >>> (version
>>
>>   >> 6.4) server for
>>
>>   >>>       testing purposes. I downloaded & installed Tomcat9 fine
and I
>>
>>   >>> get a
>>
>>   >> proper webpage on
>>
>>   >>>       port 8080 but when I used the keytool commands and created a
>>
>>   >> certificate from
>>
>>   >>>       cacert.org and then edited the server.xml file to setup the
>>
>>   >>> ssl
>>
>>   >> configuration to run
>>
>>   >>>       on port 8443 I cannot get a webpage on that port; it defaults
>>
>>   >>> back to
>>
>>   >> port 8080. If I
>>
>>   >>>       am not providing all the needed info or asking a wrong
>>
>>   >>> question please
>>
>>   >> forgive me. I
>>
>>   >>>       am not a programmer. My background is in computer hardware.
I
>>
>>   >>> have
>>
>>   >> just been forced to
>>
>>   >>>       learn this to support two products that we use here in our
>>
>>   >>> office;
>>
>>   >> Jira and
>>
>>   >>>       Confluence. I have actually been working on setting them up
>>
>>   >>> for an SSL
>>
>>   >> connection on a
>>
>>   >>>       different server. I got Confluence working on a secure port
>>
>>   >>> but not
>>
>>   >> Jira so my boss
>>
>>   >>>       suggested troubleshooting the issue by trying to first get SSL
>>
>>   >>> setup
>>
>>   >> for Tomcat on
>>
>>   >>>       this other server.
>>
>>   >>>
>>
>>   >>>       I am providing a copy of the Tomcat9 server.sml file here on
a
>>
>>   >>> DropBox
>>
>>   >> link-
>>
>>   >>> https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0
>>
>>   >>>
>>
>>   >>>       Thanks in advance!
>>
>>   >>>
>>
>>   >>>       John Ellis
>>
>>   >>>
>>
>>   >>>       405.285.2500 office
>>
>>   >>>
>>
>>   >>>       United States
>>
>>   >>>
>>
>>   >>>       bize-logo-rgb-original_Ryan_Revised_portal
>>
>>   >>> sizecid:image002.jpg@01CECFDA.65B42CD0
>>
>>   >>>
>>
>>   >>> http://biz-e.io
>>
>>   >>>
>>
>>   >>> --
>>
>>   >>>
>>
>>   >>>
>>
>>   >>>
>>
>>   >>> Alejandro Vargas Mayorga
>>
>>   >>> */Gerente Desarrollo C.A. & C./*
>>
>>   >>> *Tel. 506- 7232-3366*
>>
>>   >>> *Email:**alejandro.vargas@kymsolutions.com*
>>
>>   >>> <mailto:%20alejandro.vargas@kymsolutions.com>*
>>
>>   >>> **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite
>>
>>   >>> nuestra aula virtual! *
>>
>>   >>>
>>
>>   >>
>>
>>   >>
>>
>>   >>
>> ---------------------------------------------------------------------
>>
>>   >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> <mailto:users-unsubscribe@tomcat.apache.org>
>>
>>   >> For additional commands, e-mail: users-help@tomcat.apache.org
>> <mailto:users-help@tomcat.apache.org>
>>
>>   >>
>>
>>   >>
>>
>>   >>
>>
>>   >>
>> ---------------------------------------------------------------------
>>
>>   >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> <mailto:users-unsubscribe@tomcat.apache.org>
>>
>>   >> For additional commands, e-mail: users-help@tomcat.apache.org
>> <mailto:users-help@tomcat.apache.org>
>>
>>   >>
>>
>>   >
>>
>>   >
>>
>>   >
>> ---------------------------------------------------------------------
>>
>>   > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> <mailto:users-unsubscribe@tomcat.apache.org>
>>
>>   > For additional commands, e-mail: users-help@tomcat.apache.org
>> <mailto:users-help@tomcat.apache.org>
>>
>>   >
>>
>>   >
>>
>>   >
>>
>>   >
>> ---------------------------------------------------------------------
>>
>>   > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> <mailto:users-unsubscribe@tomcat.apache.org>
>>
>>   > For additional commands, e-mail: users-help@tomcat.apache.org
>> <mailto:users-help@tomcat.apache.org>
>>
>>   >
>>
>> ---------------------------------------------------------------------
>>
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> <mailto:users-unsubscribe@tomcat.apache.org>
>>
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> <mailto:users-help@tomcat.apache.org>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message