Copy link to clipboard
Copied
Trying to upgrade the server config to teh new structure for the connectors , uncommented works but tring to get to the one commented out, doing this with a cfusion and cfusion1 on the same server, also have the commented configuration working on a stright Tomcat 9.9.22 instance:
<Connector SSLEnabled="true" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA" clientAuth="false" keystoreFile="D:\web\Certificates\eagnmnss58b.usps.gov.jks" keystorePass="password" maxThreads="150" port="8550" protocol="HTTP/1.1" scheme="https" secure="true" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" sslProtocol="TLS"/>
<Connector connectionTimeout="60000" maxThreads="500" packetSize="65535" port="8018" protocol="AJP/1.3" />
<!-- Alternate
<Connector protocol="HTTP/1.1" SSLEnabled="true" scheme="https" port="8554"
maxThreads="150" secure="true" sslProtocol="TLS" defaultSSLHostConfigName="_default_">
<SSLHostConfig protocols="TLSv1.1,TLSv1.2,TLSv1.3" hostName="_default_"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
certificateVerification="none" >
<Certificate
certificateFile="D:\web\keystore\eagnmnss58b.usps.gov.jks"
certificateChainFile="D:\web\keystore\eagnmnss58b.usps.gov.jks"
certificateKeyAlias="eagnmnss58b.usps.gov"
certificateKeyPassword="password"
certificateKeystoreFile="D:\web\keystore\eagnmnss58b.usps.gov.jks"
certificateKeystorePassword="password"
type="RSA"
/>
when unommented get the following:
</SSLHostConfig>
</Connector>
-->
coldfusion-error.log
----------
Apr 13, 2020 2:28:31 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'protocol' to 'HTTP/1.1' did not find a matching property.
Apr 13, 2020 2:28:31 PM org.apache.tomcat.util.digester.Digester endElement
WARNING: No rules found matching [Server/Service/Connector/SSLHostConfig/Certificate]
Apr 13, 2020 2:28:31 PM org.apache.tomcat.util.digester.Digester endElement
WARNING: No rules found matching [Server/Service/Connector/SSLHostConfig]
Apr 13, 2020 2:28:31 PM org.apache.catalina.startup.SetAllPropertiesRule begin
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'protocol' to 'AJP/1.3' did not find a matching property.
Apr 13, 2020 2:28:31 PM org.apache.tomcat.util.digester.Digester endElement
WARNING: No rules found matching [Server/Service/Engine/Manager]
Apr 13, 2020 2:28:32 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: Loaded APR based Apache Tomcat Native library [1.2.21] using APR version [1.6.5].
Apr 13, 2020 2:28:32 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Apr 13, 2020 2:28:32 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
Apr 13, 2020 2:28:32 PM org.apache.catalina.core.AprLifecycleListener initializeSSL
INFO: OpenSSL successfully initialized [OpenSSL 1.1.1a 20 Nov 2018]
Apr 13, 2020 2:28:32 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["https-openssl-nio-8554"]
Apr 13, 2020 2:28:33 PM org.apache.catalina.util.LifecycleBase handleSubClassException
SEVERE: Failed to initialize component [Connector[HTTP/1.1-8554]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:533)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1059)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at com.adobe.coldfusion.launcher.Launcher.run(Launcher.java:949)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at com.adobe.coldfusion.bootstrap.Bootstrap.init(Bootstrap.java:100)
at com.adobe.coldfusion.bootstrap.Bootstrap.main(Bootstrap.java:185)
Caused by: java.lang.IllegalArgumentException
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:218)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1137)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:574)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
... 12 more
Caused by: java.io.IOException
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:299)
at org.apache.tomcat.util.net.openssl.OpenSSLUtil.getKeyManagers(OpenSSLUtil.java:98)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
... 19 more
Apr 13, 2020 2:28:33 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-nio-127.0.0.1-8019"]
-----------------------
Have something to add?