Re: TCP connections reuse

2015-06-11 Thread Maxim Neshcheret
From: Christopher Schultz Reply-To: Tomcat Users List Date: Thursday 11 June 2015 09:12 To: Tomcat Users List Subject: Re: TCP connections reuse Maxim, On 6/10/15 4:12 AM, Maxim Neshcheret wrote: I have java http client which sends periodic

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Christopher Schultz
Arthur, On 6/11/15 4:34 PM, Arthur Ramsey wrote: > On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur, > > On 6/11/15 2:14 PM, Arthur Ramsey wrote: Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? >

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur, On 6/11/15 2:14 PM, Arthur Ramsey wrote: Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? Disable DHE_EXPORT on the server? I believe I have, but Qualys S

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Exactly! When I run "keytool -list ...", the PrivateKeyEntry now has the fingerprint for SSL certificate. I believed that I had lost private key, and I would have to do it all again (keystore/CSR/intermed/SSL). I still import the SSL certificate with alias tomcat, and it appears in keytool as a t

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 2:31 PM, Adriano Matos Meier wrote: > I had success when I re-import SSL certificate using same name > alias of PrivateKeyEntry and name alias used when I generate CSR > (repository). That was going to be my second suggestion.

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Christopher Schultz
Arthur, On 6/11/15 2:14 PM, Arthur Ramsey wrote: > Is anyone aware of a way to mitigate the Logjam attack with tomcat > 7 and java 7? Disable DHE_EXPORT on the server? > I use tcnative and openssl-1.0.2a both compiled from source in > production

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Chris. I had success when I re-import SSL certificate using same name alias of PrivateKeyEntry and name alias used when I generate CSR (repository). It's ok now! Thank you very much!!! Adriano On Thu, 2015-06-11 at 09:59 -0400, Christopher Schultz wrote: > Adriano, > > On 6/11/15 9:45 AM,

tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? I use tcnative and openssl-1.0.2a both compiled from source in production today, but I would be open to JSSE too. I believe I need Java 8 to mitigate CVE-2015-4000 with JSSE. I don't see any way to use a unique 2

Re: Tomcat 8 DB Connection Pooling

2015-06-11 Thread Filip Hanik
Configuration reference: https://tomcat.apache.org/tomcat-7.0-doc/jdbc-pool.html On Thu, Jun 11, 2015 at 6:58 PM, Filip Hanik wrote: > set the properties > > logAbandoned="true" > removeAbandoned="true" > removeAbandonedTimeout="60" (value is in seconds, should be larger than > your longest runn

Re: Tomcat 8 DB Connection Pooling

2015-06-11 Thread Filip Hanik
set the properties logAbandoned="true" removeAbandoned="true" removeAbandonedTimeout="60" (value is in seconds, should be larger than your longest running transaction) timeBetweenEvictionRunsMillis="15000" (value is in milliseconds) if you have a leak (meaning your code is not returning the conne

Tomcat 8 DB Connection Pooling

2015-06-11 Thread Douglas Schaible
Good Day All, I am having a problem with a connection pool and I was hoping for some guidance. I have defined the connection pool below for two deployed applications to use. When I bounce the server I can see that it immediately creates 100 connections to the DB. (I am ok with this, but that i

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 9:45 AM, Adriano Matos Meier wrote: >>> I tried to add keyAlias="server" in my server.xml, but I >>> received this error: >> >> What does "keytool -list" show for that keystore? > > It returns 3 entries: > > 1 PrivateKeyEntry

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Hi Chris. It returns 3 entries: 1 PrivateKeyEntry (Private Key) - alias repository 1 trustedCertEntry (Intermediate certificate) - alias intermed 1 trustedCertEntry (SSL certificate) - alias server Thanks for your attention! Adriano Em Qui, 2015-06-11 às 09:35 -0400, Christopher Schultz escr

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 7:18 AM, Adriano Matos Meier wrote: > I need update the SSL certificate in Tomcat 6.x. > > First I did: > > 1) Generate keystore keytool -genkeypair -alias repository -keyalg > RSA -keysize 2048 -sigalg SHA256withRSA -keystore

Re: FormAuthenticator, Tomcat restart

2015-06-11 Thread Christopher Schultz
Leonid, On 6/11/15 4:18 AM, Leonid Rozenblyum wrote: > Hello. Just to double-check. By writing own login-handler, do you > mean, overriding FormAuthenticator.authenticate() (looks risky > since it's a big method which can change from one to another

Re: I'm using jdk1.6 + tomcat 7.0.23

2015-06-11 Thread Christopher Schultz
Chedana, On 6/11/15 12:42 AM, chedana jayasinghe wrote: > HI, In my web application, in a jsp there is a javascript which > sends request to a servlet every twenty seconds, so it kills my > applications user idle time tracking by resetting the last

SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Hi. I need update the SSL certificate in Tomcat 6.x. First I did: 1) Generate keystore keytool -genkeypair -alias repository -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore /usr/local/tomcat6/keystore/keystore2015.jks 2) Generate CSR keytool -certreq -alias repository -keyalg RSA -key

Re: FormAuthenticator, Tomcat restart

2015-06-11 Thread Leonid Rozenblyum
Hello. Just to double-check. By writing own login-handler, do you mean, overriding FormAuthenticator.authenticate() (looks risky since it's a big method which can change from one to another Tomcat version)? Or are there more painless ways to inject such custom login handler? On Thu, May 28, 2015