On 10/09/2020 21:23, Brian Harris wrote:
> Thanks Christopher. You just nailed it buddy. I changed them all to \r\n
> and it got a 200. I was completely overlooking that as it had never
caused
> a problem before. Something in 8.5.51 would not allow that anymore.
That is the fix for CVE-2020-19
> Also note that calling reloadSslHostConfigs does NOT re-read server.xml.
It re-initializes the existing in-memory configuration. If you want to e.g.
change the key alias, you'll have to make a JMX call to update the alias
and THEN call reloadSslHostConfigs.
*THAT *is probably my problem. Do yo
Thanks Christopher. You just nailed it buddy. I changed them all to \r\n
and it got a 200. I was completely overlooking that as it had never caused
a problem before. Something in 8.5.51 would not allow that anymore.
On Thu, Sep 10, 2020 at 4:07 PM Christopher Schultz <
ch...@christopherschultz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Eric,
On 9/10/20 15:29, Eric Robinson wrote:
> Chris --
>
>
>> You should also look at worker-thread availability. When you see
>> these "high latency" (which is usually a term reserved for I/O
>> characterization) events, do you have:>> 1. Availab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Brian,
On 9/10/20 13:13, Brian Harris wrote:
> We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51.
> Since moving to this version, requests sent to the http port are
> failing with a 400 error code(bad request). The server.xml is
> c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/10/20 13:33, Daniel Skiles wrote:
> In this case, I didn't remove every certificate, but I did remove
> the certificate that was originally being referenced after adding a
> new certificate under a new alias.
>
> Original Keystore: Alia
Chris --
> You should also look at worker-thread availability. When you see these "high
> latency" (which is usually a term reserved for I/O
> characterization) events, do you have:
>
> 1. Available worker threads (from the executor thread pool)
> 2. Any other shared/limited resource (e.g. DB con
In this case, I didn't remove every certificate, but I did remove the
certificate that was originally being referenced after adding a new
certificate under a new alias.
Original Keystore:
Alias A
Server.xml _default_ SSLHostConfig points to Alias A
After Modification:
Alias B
Server.xml _default_
We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51. Since
moving to this version, requests sent to the http port are failing with a
400 error code(bad request). The server.xml is configured to redirect the
http port to the https port. This has worked for years and did not start
fa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/10/20 09:09, Daniel Skiles wrote:
> Is it possible to change the keystore alias of the _default_
> SSLHostConfig's certificate while tomcat is running?
>
> At present, I'm trying to move the _default_ certificate from one
> certificate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Eric,
On 9/9/20 20:42, Eric Robinson wrote:
> Hi Chris --
>
>> Are you have any specific problem you are trying to diagnose or
>> fix? Or are you just academically interested in what conditions
>> might
cause "slow"
>> request processing?
>
> A litt
Is it possible to change the keystore alias of the _default_
SSLHostConfig's certificate while tomcat is running?
At present, I'm trying to move the _default_ certificate from one
certificate in my keystore, to another. I modify the server.xml, then I
call the reloadSslHostConfigs MBean operation
12 matches
Mail list logo
