LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 04-28-2010, 01:42 AM   #1
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Rep: Reputation: 18
tomcat issue


hi i had posted a query yesterday regarding this issue but possibly due to some error the query got added twice and i received a message that the post is closed if anyone has a solutionto htis problem please help its urgent

I am trying to configure tomcat on port 8443 using the following document http://thedaneshproject.com/posts/ho...l-on-tomcat-5/

instead of changing the port to 443 i kept it as 8443.
i set the ip tables as follows
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 8443 -j ACCEPT

/sbin/iptables -A INPUT -i eth0 -s 10.200.2.0/24 -p tcp --destination-port 8443 -j ACCEPT
service iptables save

restarted the tomcat service tomcat works on http://10.200.2.191:8080/
but it doesnt on https://10.200.2.191:8443


i did a little investigation of my own using nmap and found that the port 8443 is not open instead of making changes in the firewall table

can someone help me with this
 
Old 04-28-2010, 03:26 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Hi,

Is tomcat running SSL? From the box running tomcat use:
Code:
netstat -tan|grep 8443
to see if it's listening on 8443 port
 
Old 04-28-2010, 04:14 AM   #3
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Original Poster
Rep: Reputation: 18
netstat -tan | grep 8080 give me
tcp 0 0 :::8080 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:55383 ::ffff:127.0.0.1:8080 TIME_WAIT

but netstat -tan | grep 8443
nothing

means it not listening.
 
Old 04-28-2010, 04:33 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Yes, it means it's not listening on the secure port, because tomcat is not running in ssl mode.
Take a look at catalina.out to see if you find the reason.
Or post the configuration steps you've taken to configure ssl

Regards
 
Old 04-28-2010, 05:52 AM   #5
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Original Poster
Rep: Reputation: 18
i followed the steps from this website
http://thedaneshproject.com/posts/ho...l-on-tomcat-5/
exactly followed each and every step but it doesnt seems to work
 
Old 04-28-2010, 06:13 AM   #6
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
The guide is quite right, so you must have done something wrong
What is the output of catalina.out?
 
Old 04-28-2010, 06:59 AM   #7
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Original Poster
Rep: Reputation: 18
i think the problem is with the keystore password i didnt use the default password changeit.
now when i try i get this error
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect

output of catalina.out
[root@demodb ~]# tail -f /usr/local/tomcat/logs/catalina.out
Apr 28, 2010 2:39:19 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory ROOT
Apr 28, 2010 2:39:19 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Apr 28, 2010 2:39:19 PM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Apr 28, 2010 2:39:19 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/37 config=null
Apr 28, 2010 2:39:19 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 879 ms

Last edited by fernfrancis; 04-28-2010 at 07:01 AM.
 
Old 04-28-2010, 07:10 AM   #8
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
You have to add keystorePass="password" inside the SSL connector definition. Of course change the word password with the actual password you've used

Regards
 
Old 04-28-2010, 07:21 AM   #9
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Original Poster
Rep: Reputation: 18
its not taking the actual password nor the original password how do i reset it back to normal
 
Old 04-28-2010, 07:34 AM   #10
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
If by "back to normal" you mean to ditch ssl, you can comment out the ssl connector part in server.xml.
If you want to use ssl, you can re-run the keytool command to create a new keystore with the password you want and use them into the ssl connector definition.

Last edited by bathory; 04-28-2010 at 07:52 AM.
 
Old 04-28-2010, 07:36 AM   #11
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 224

Original Poster
Rep: Reputation: 18
thanx a lot
problem solved i just uninstalled java and reinstalled it back
keystore started working
then added the passowrd to server.xml
thats it
everything went smooth

thanx once again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Issue with tomcat ? your_shadow03 Linux - Newbie 1 12-15-2009 01:37 AM
Tomcat 5 issue varun2109 Linux - Server 0 10-06-2009 07:40 AM
Tomcat on REL5 Issue hushpuppies Red Hat 1 08-16-2007 11:51 PM
Tomcat-5.5.23 issue. brave heart Linux - Server 13 08-08-2007 03:44 AM
Tomcat Issue varunbihani Linux - General 0 12-06-2004 05:35 AM


All times are GMT -5. The time now is 10:01 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration