I have added below the code in my Tomcat /server.xml for enable the gzip but not work
<Connector port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"/>
This work me for locally but not on my WEB SERVER i.e tomcat server having Https/SSL protocol
Any buddies can help me ?
Thanks in advance for replying.
Try to use same configuration for SSL port also its basically port 8443,edit you server.xml near SSL port like below. first you need to uncomment this line
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" acceptCount="100" connectionTimeout="20000"
disableUploadTimeout="true" compression="on" compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"/>
Related
In jboss server, in which file we define to look the keystore certificates?
I'm facing errors and when saw the boot.log file, its taking some certificate which is not available in my server.
boot.log file:
DEBUG [ServerInfo] javax.net.ssl.keyStore: C:/jboss/jboss-appserver/server/conf/clientCerts.jks
when boot.log file is generated, which file does it read??
It's in the connector definition
<Connector
port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/usr/local/ssl/server.crt"
SSLCertificateKeyFile="/usr/local/ssl/server.pem"
clientAuth="false" sslProtocol="TLS"/>
see https://docs.jboss.org/jbossweb/3.0.x/ssl-howto.html
Here I'm having a problem with server.xml file configuration on tomcat(8.0.9)
my tomcat works when SSLEnabled="false" but otherwise it
provides "This webpage is not available" or "SSL Connection error"
to get additional information I checked log file but
it doesn't give any exception or error.
below is the main part of my server.xml file
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
URIEncoding="UTF-8"
maxThreads="150" scheme="https" secure="true"
keystoreFile="/home/tomcat_home/conf/some.jks"
keystorePass="somePW"
SSLEnabled="true"
clientAuth="false"
sslProtocols="TLSv1, TLSv1.1, TLSv1.2"
minSpareThreads="5"
maxSpareThreads="75"
enableLookups="true"
disableUploadTimeout="true"
acceptCount="100"
ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
>
please give me your kind advices.
You need to run https on port 8443. Change the connectors to this and change the password to fit your keystore:
<Connector port="8080" connectionTimeout="20000" protocol="HTTP/1.1" redirectPort="8443" />
<Connector port="8443" keystorePass="changeit" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
I have one web application, in which one specific service needs to go through secure https, and other all service should be http, I did:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="${user.home}/keystore/keystore.jks" keystorePass="test"
truststoreFile="${user.home}/keystore/keystore.jks" truststorePass="test"
truststoreType="JKS" disableUploadTimeout="true"
enableLookups="true" maxHttpHeaderSize="8192"
maxSpareThreads="75" minSpareThreads="25"
clientAuth="true" sslProtocol="TLS" />
but it expects every service as https, is their a way I can configure tomcat which fulfill my requirement?
You can run both both HTTP and HTTPS on same server, just add another connector for http.
<Connector port="80" protocol="HTTP/1.1"
maxThreads="150"
disableUploadTimeout="true"
enableLookups="true" maxHttpHeaderSize="8192"
maxSpareThreads="75" minSpareThreads="25" />
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="${user.home}/keystore/keystore.jks" keystorePass="test"
truststoreFile="${user.home}/keystore/keystore.jks" truststorePass="test"
truststoreType="JKS" disableUploadTimeout="true"
enableLookups="true" maxHttpHeaderSize="8192"
maxSpareThreads="75" minSpareThreads="25"
clientAuth="true" sslProtocol="TLS" />
I am using Tomcat 5.5 & JDK 1.5.0_21. Tomcat 5.5 is successful started. I need to access tomcat in secure mode, but not able to access the application using 'https:localhost' but able to access as 'http:localhost:portno.'.
The SSL settings is as below :
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector URIEncoding="UTF-8" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8080" redirectPort="443"/>
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector URIEncoding="UTF-8" acceptCount="100" clientAuth="false" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile=".keystore" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="443" scheme="https" secure="true" sslProtocol="TLS"/>
Would there be any other server setting issue or browser settings i need to check for ? Please suggest
Thanks in Advance
You have a typo in the SSL configuration.
port="443"
Change it to port="8443"
I am working on alfresco. which is hosted on tomcat.. my clients are connected to CIFS / Webdav .. but at certain period of time i am continuously getting the
java.net.SocketTimeoutException: Read timed out error in the log..
can i decrease the time out period the server.xml file in tomcat
<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000"
redirectPort="8443" />
Is it help full to resolve the error..
Regards,
Krishna
Try this config:
<Connector port="8080"
protocol="org.apache.coyote.http11.Http11NioProtocol"
redirectPort="8443"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"
/>
You can turn of the compression if you think you don't need it. This is for Tomcat 6 and up.