> From: Caldarale, Charles R
> Subject: RE: Webapp reloading issue and intermittent 404 errors
>
> Given the test on lines 129-130, it is impossible to have a -1 at line
> 131 - unless there's a JVM bug.

6u21 was just released tonight, so you might give that a shot and see if the problem has been addressed.

Included in 6u21 are fixes for the problems described here:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6875866
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6935535

Both seem to have a lot in common with the issue under discussion.

There's another String-related fix in the bug list, but the details are not retrievable at the moment:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6948602

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.

2010/7/8 Caldarale, Charles R <Chuck.Caldarale@(protected)>:
>> From: Caldarale, Charles R
>> Subject: RE: Webapp reloading issue and intermittent 404 errors
>>
>> Given the test on lines 129-130, it is impossible to have a -1 at line
>> 131 - unless there's a JVM bug.
>
> 6u21 was just released tonight, so you might give that a shot and see if the problem has been addressed.
>
> Included in 6u21 are fixes for the problems described here:
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6875866
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6935535
>
> Both seem to have a lot in common with the issue under discussion.
>
> There's another String-related fix in the bug list, but the details are not retrievable at the moment:
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6948602
>

Oh. It matches this case.

The issue names mention "SSE 4.2", so it supposedly happens only on
certain families of Intel CPUs.

http://en.wikipedia.org/wiki/SSE4

Best regards,
Konstantin Kolinko

> From: Konstantin Kolinko [mailto:knst.kolinko@(protected)]
> Subject: Re: Webapp reloading issue and intermittent 404 errors
>
> Oh. It matches this case.

All three seem to.

> The issue names mention "SSE 4.2", so it supposedly happens only on
> certain families of Intel CPUs.

Right - just Nehalem chips (i7). The OP didn't say what the hardware was; even if it's not an i7, the fixes might address the problem, since Sun often doesn't give complete descriptions of fixes.

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.

> From: Allen Razdow [mailto:arazdow@(protected)]
> Subject: SSL problem
>
> Using Tomcat 6.0.14 on an amazon EC2 server instance

Don't suppose you'd like to try this on a version that's a bit less than three years old? Pretty pointless to debug on something that ancient. Also, what JVM are you using with Tomcat?

> Running keytool -list on it reveals 3 entries:

Are you sure one of those is your Go Daddy certificate? (Use the -v option with -list to display the details.)

> javax.net.ssl.SSLException: No available certificate or key
> corresponds to the SSL cipher suites which are enabled.

What signature algorithms does -list -v show for the Go Daddy certificate?

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.

Thanks Charles, I was offline most of today...

I'm using a public machine image from Amazon, and that was the version
given. Maybe I'll just start from scratch with the latest.

The sigalg seems to be SHA1withRSA. I gather there is something like a
cipher suite associated with JSEE...not sure how to specify one (the right
one).

JAVA VERSION:

java version "1.6.0_17"
Java(TM) SE Runtime Environment (build 1.6.0_17-b04)

I thought versions above 1.4 had JSEE installed, but maybe there are missing
pieces. I sure wish one of the cert vendors would just sell you a .keystore
file that worked!

-Allen

Verbose keytool -list -v:


#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FD AC 61 32 93 6C 45 D6  E2 EE 85 5F 9A BA E7 76 ..a2.lE...._...v
0010: 99 68 CC E7                           .h..
]
]

#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
 accessLocation: URIName: http://ocsp.godaddy.com]
]

#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
  [URIName: http://certificates.godaddy.com/repository/gdroot.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2A 68 74 74 70 3A 2F  2F 63 65 72 74 69 66 69
.*http://certifi
0010: 63 61 74 65 73 2E 67 6F  64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69  74 6F 72 79         m/repository

]] ]
]

#7: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11  71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3                           .j..
]

]



*******************************************
*******************************************


Alias name: tomcat
Creation date: Jul 8, 2010
Entry type: trustedCertEntry

Owner: CN=*.truenumbers.com, OU=Domain Control Validated,
O=*.truenumbers.com
Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority,
OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.",
L=Scottsdale, ST=Arizona, C=US
Serial number: 449ec6f045efd
Valid from: Sun Jun 27 19:22:11 EDT 2010 until: Mon Jun 27 19:22:11 EDT 2011
Certificate fingerprints:
     MD5: 73:B5:1A:91:E5:F5:56:A1:10:8A:95:E1:A5:7A:0D:AF
     SHA1: ED:C0:D5:7D:C1:DB:BF:12:68:F9:87:99:63:1D:59:3C:75:6B:C9:84
     Signature algorithm name: SHA1withRSA
     Version: 3

Extensions:

#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 22 75 BA 70 0B 1D AB BF  C3 77 64 8B 70 23 35 5E "u.p.....wd.p#5^
0010: C9 AB D9 7F                           ....
]
]

#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
 accessLocation: URIName: http://ocsp.godaddy.com/, accessMethod:
1.3.6.1.5.5.7.48.2
 accessLocation: URIName:
http://certificates.godaddy.com/repository/gd_intermediate.crt]
]

#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
  [URIName: http://crl.godaddy.com/gds1-19.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114413.1.7.23.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2B 68 74 74 70 3A 2F  2F 63 65 72 74 69 66 69
.+http://certifi
0010: 63 61 74 65 73 2E 67 6F  64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69  74 6F 72 79 2F       m/repository/

]] ]
]

#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]

#8: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FD AC 61 32 93 6C 45 D6  E2 EE 85 5F 9A BA E7 76 ..a2.lE...._...v
0010: 99 68 CC E7                           .h..
]

]

#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: *.truenumbers.com
DNSName: truenumbers.com
]



*******************************************
*******************************************


Alias name: cross
Creation date: Jul 8, 2010
Entry type: trustedCertEntry

Owner: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group,
Inc.", C=US
Issuer: EMAILADDRESS=info@(protected)/,
OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.",
L=ValiCert Validation Network
Serial number: 10d
Valid from: Tue Jun 29 13:06:20 EDT 2004 until: Sat Jun 29 13:06:20 EDT 2024
Certificate fingerprints:
     MD5: 82:BD:9A:0B:82:6A:0E:3E:91:AD:3E:27:04:2B:3F:45
     SHA1: DE:70:F4:E2:11:6F:7F:DC:E7:5F:9D:13:01:2B:7E:68:7A:3B:2C:62
     Signature algorithm name: SHA1withRSA
     Version: 3

Extensions:

#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11  71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3                           .j..
]
]

#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
 accessLocation: URIName: http://ocsp.godaddy.com]
]

#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
  [URIName: http://certificates.godaddy.com/repository/root.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2A 68 74 74 70 3A 2F  2F 63 65 72 74 69 66 69
.*http://certifi
0010: 63 61 74 65 73 2E 67 6F  64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69  74 6F 72 79         m/repository

]] ]
]

#7: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[EMAILADDRESS=info@(protected)
Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert
Validation Network]
SerialNumber: [   01]
]



*******************************************
*******************************************


[root@(protected) ~]#

> -----Original Message-----
> From: Caldarale, Charles R [mailto:Chuck.Caldarale@(protected)]
> Sent: Thursday, July 08, 2010 2:41 PM
> To: Tomcat Users List
> Subject: RE: SSL problem
>
> > From: Allen Razdow [mailto:arazdow@(protected)]
> > Subject: SSL problem
> >
> > Using Tomcat 6.0.14 on an amazon EC2 server instance
>
> Don't suppose you'd like to try this on a version that's a bit less than
> three years old? Pretty pointless to debug on something that ancient.
> Also, what JVM are you using with Tomcat?
>
> > Running keytool -list on it reveals 3 entries:
>
> Are you sure one of those is your Go Daddy certificate? (Use the -v
> option with -list to display the details.)
>
> > javax.net.ssl.SSLException: No available certificate or key
> > corresponds to the SSL cipher suites which are enabled.
>
> What signature algorithms does -list -v show for the Go Daddy certificate?
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail
> and its attachments from all computers.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@(protected)
> For additional commands, e-mail: users-help@(protected)

I am surprised .I installed Tomcat and when ever I am trying to access
http://192.168.1.5:9090
it is not starting.

Here are the error logs which say port 9090 is already in use where as
I have just rebooted the server.
http://pastebin.com/7t9q9AJv
http://pastebin.com/fUeR1ASj
http://pastebin.com/i7mEubXf
is there any clue as what might have happned.

--
Tapas
http://mightydreams.blogspot.com
http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers

On 8 Jul 2010, at 08:03, Tapas Mishra <mightydreams@(protected):

> I am surprised .I installed Tomcat and when ever I am trying to access
> http://192.168.1.5:9090
> it is not starting.
>
> Here are the error logs which say port 9090 is already in use where as
> I have just rebooted the server.
> http://pastebin.com/7t9q9AJv
> http://pastebin.com/fUeR1ASj
> http://pastebin.com/i7mEubXf
> is there any clue as what might have happned.

I can't get pastebin to work on this device.

Which exact version of Tomcat, JVM, OS are you using.

Please post your server.xml with all comments and passwords removed.


p


>
> --
> Tapas
> http://mightydreams.blogspot.com
> http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@(protected)
> For additional commands, e-mail: users-help@(protected)
>

Hi thanks for your reply I have removed Tomcat from the server and re
installed it.
It is working now.

On Thu, Jul 8, 2010 at 2:46 PM, Pid <pid@(protected):
> On 8 Jul 2010, at 08:03, Tapas Mishra <mightydreams@(protected):
>
>> I am surprised .I installed Tomcat and when ever I am trying to access
>> http://192.168.1.5:9090
>> it is not starting.
>>
>> Here are the error logs which say port 9090 is already in use where as
>> I have just rebooted the server.
>> http://pastebin.com/7t9q9AJv
>> http://pastebin.com/fUeR1ASj
>> http://pastebin.com/i7mEubXf
>> is there any clue as what might have happned.
>
> I can't get pastebin to work on this device.
>
> Which exact version of Tomcat, JVM, OS are you using.
>
> Please post your server.xml with all comments and passwords removed.
>
>
> p
>
>
>>
>> --
>> Tapas
>> http://mightydreams.blogspot.com
>> http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@(protected)
>> For additional commands, e-mail: users-help@(protected)
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@(protected)
> For additional commands, e-mail: users-help@(protected)
>
>



--
Tapas
http://mightydreams.blogspot.com
http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers