Re: [VOTE] Release Apache Tomcat 9.0.0.M2

Sat, 23 Jan 2016 11:03:46 -0800 

Hi Rémy,


On Sat, Jan 23, 2016 at 6:37 PM, Rémy Maucherat <r...@apache.org> wrote:

> 2016-01-23 17:51 GMT+01:00 Martin Grigorov <mgrigo...@apache.org>:
>
> > Hi,
> > 23-Jan-2016 17:36:58.900 SEVERE [main]
> > org.apache.coyote.AbstractProtocol.init Failed to initialize end point
> > associated with ProtocolHandler ["https-apr-8443"]
> >  java.lang.NullPointerException
> >         at
> > org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:366)
> >
>
>
> > Line 366 is: for (String protocol : sslHostConfig.getEnabledProtocols())
> {
> > sshHostConfig is used earlier, so it seems the result of
> > #getEnabledProtocols() is null.
> >
> > My conf/server.conf looks like:
> > <Connector port="8443"
> > protocol="org.apache.coyote.http11.Http11AprProtocol"
> >                maxThreads="150" SSLEnabled="true" >
> >         <UpgradeProtocol
> className="org.apache.coyote.http2.Http2Protocol"
> > />
> >         <SSLHostConfig honorCipherOrder="false" >
> >             <Certificate
> > certificateKeyFile="/tmp/tc9.0.0.M2/private-key.pem"
> >                          certificateFile="/tmp/tc9.0.0.M2/cert.pem"
> >                          type="RSA" />
> >         </SSLHostConfig>
> >     </Connector>
> >
> > I just uncommented it and changed the paths to the certificate files.
> >
> > I run Ubuntu 15.10, Apr 1.5.2, Openssl 1.0.2e, Tomcat Native 1.2.4.
> > Please let me know if you need more information!
> >
> > Ok, well, it doesn't work ... Maybe it would be a great time to give a
> shot to the NIO(2) + OpenSSL support ! :)
>

What changes I should apply to be able to test HTTP2 ?
I've changed the protocol:
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"
/>
        <SSLHostConfig honorCipherOrder="false" >
            <Certificate certificateKeyFile="/tmp/tc9.0.1/private-key.pem"
                         certificateFile="/tmp/tc9.0.1/cert.pem"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

and created ~/.keystore.
Now I can start Tomcat and test my apps successfully with HTTP 1.1.
The "Server" response header is "Apache-Coyote/1.1". And my plugin for
Google Chrome says that SPDY/HTTP2 is not enabled.


>
> Besides that, the JSSE code went into a refactoring, and the APR connector
> didn't get it. The enabled protocols are now parsed in the superclass of
> the SSLUtil and the set on the host config, that doesn't happen with APR. I
> don't really understand why the APR connector didn't continue using
> sslHostConfig.getProtocols.
>
> Rémy
>

Reply via email to