Java – SSL configuration in Tomcat and APR
•
Java
I encountered a problem setting my Tomcat using APR native lib,
Tomcat: 7.0.42 Java: 1.7.0_40-b43 OS: Centos 6.4 (2.6.32-358.18.1.el6.i686) APR: 1.3.9 Native lib: 1.1.27 OpenSSL: openssl-1.0.0-27.el6_4.2.i686
My server XML looks like:
... <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> ... <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLCertificateFile="/tmp/monitoringPortalCert.pem" SSLCertificateKeyFile="/tmp/monitoringPortalKey.pem" SSLPassword="hide" /> ...
I compiled the native library as follows:
./configure --with-apr=/usr/bin/apr-1-config --with-ssl=yes --prefix=$CATALINA_HOME make && make install
APR loaded:
Oct 06,2013 7:55:14 PM org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.27 using APR version 1.3.9.
But I still have this mistake:
SEVERE: Failed to initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023: This function has not been implemented on this platform
Can you help me understand where my mistake is? What did I miss?
Thank you for your support
Thanks for Mark's comments. Here's the/ Configure / make & & make install result:/ to configure
[root@localhost native]# ./configure --with-apr=/usr/bin/apr-1-config --with-ssl=yes -- prefix=$CATALINA_HOME && make && make install
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking for working mkdir -p... yes
Tomcat Native Version: 1.1.27
checking for chosen layout... tcnative
checking for APR... yes
setting CC to "gcc"
setting CPP to "gcc -E"
checking for JDK location (please wait)... /usr/java/jdk1.7.0_40 from environment
checking Java platform... checking Java platform...
checking for sablevm... NONE
adding "-I/usr/java/jdk1.7.0_40/include" to TCNATIVE_PRIV_INCLUDES
checking os_type directory... linux
adding "-I/usr/java/jdk1.7.0_40/include/linux" to TCNATIVE_PRIV_INCLUDES
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for OpenSSL library... using openssl from /usr/lib and /usr/include
checking OpenSSL library version... ok
checking for OpenSSL DSA support... yes
setting TCNATIVE_LDFLAGS to "-lssl -lcrypto"
adding "-DHAVE_OPENSSL" to CFLAGS
setting TCNATIVE_LIBS to ""
setting TCNATIVE_LIBS to " /usr/lib/libapr-1.la -lpthread"
configure: creating ./config.status
config.status: creating tcnative.pc
config.status: creating Makefile
config.status: executing default commands
make[1]: Entering directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Nothing to be done for `local-all'.
make[1]: Leaving directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Entering directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Nothing to be done for `local-all'.
make[1]: Leaving directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
/usr/lib/apr-1/build/mkdir.sh /usr/apache-tomcat-7.0.42/include/apr-1 /usr/apache- tomcat-7.0.42/lib/pkgconfig \
/usr/apache-tomcat-7.0.42/lib /usr/apache-tomcat-7.0.42/bin
/usr/bin/install -c -m 644 tcnative.pc /usr/apache-tomcat-7.0.42/lib/pkgconfig/tcnative- 1.pc
list=''; for i in $list; do \
( cd $i ; make DESTDIR= install ); \
done
/bin/sh /usr/lib/apr-1/build/libtool --mode=install /usr/bin/install -c -m 755 libtcnative-1.la /usr/apache-tomcat-7.0.42/lib
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.so.0.1.27 /usr/apache- tomcat-7.0.42/lib/libtcnative-1.so.0.1.27
libtool: install: (cd /usr/apache-tomcat-7.0.42/lib && { ln -s -f libtcnative- 1.so.0.1.27 libtcnative-1.so.0 || { rm -f libtcnative-1.so.0 && ln -s libtcnative- 1.so.0.1.27 libtcnative-1.so.0; }; })
libtool: install: (cd /usr/apache-tomcat-7.0.42/lib && { ln -s -f libtcnative- 1.so.0.1.27 libtcnative-1.so || { rm -f libtcnative-1.so && ln -s libtcnative-1.so.0.1.27 libtcnative-1.so; }; })
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.lai /usr/apache-tomcat- 7.0.42/lib/libtcnative-1.la
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.a /usr/apache-tomcat- 7.0.42/lib/libtcnative-1.a
libtool: install: chmod 644 /usr/apache-tomcat-7.0.42/lib/libtcnative-1.a
libtool: install: ranlib /usr/apache-tomcat-7.0.42/lib/libtcnative-1.a
libtool: install: warning: remember to run `libtool --finish /usr/local/apr/lib'
Manufacturing & & make install:
make[1]: Entering directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Nothing to be done for `local-all'.
make[1]: Leaving directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Entering directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
make[1]: Nothing to be done for `local-all'.
make[1]: Leaving directory `/usr/apache-tomcat-7.0.42/bin/tomcat-native-1.1.27- src/jni/native'
/usr/lib/apr-1/build/mkdir.sh /usr/apache-tomcat-7.0.42/include/apr-1 /usr/apache- tomcat-7.0.42/lib/pkgconfig \
/usr/apache-tomcat-7.0.42/lib /usr/apache-tomcat-7.0.42/bin
/usr/bin/install -c -m 644 tcnative.pc /usr/apache-tomcat-7.0.42/lib/pkgconfig/tcnative- 1.pc
list=''; for i in $list; do \
( cd $i ; make DESTDIR= install ); \
done
/bin/sh /usr/lib/apr-1/build/libtool --mode=install /usr/bin/install -c -m 755 libtcnative-1.la /usr/apache-tomcat-7.0.42/lib
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.so.0.1.27 /usr/apache- tomcat-7.0.42/lib/libtcnative-1.so.0.1.27
libtool: install: (cd /usr/apache-tomcat-7.0.42/lib && { ln -s -f libtcnative- 1.so.0.1.27 libtcnative-1.so.0 || { rm -f libtcnative-1.so.0 && ln -s libtcnative- 1.so.0.1.27 libtcnative-1.so.0; }; })
libtool: install: (cd /usr/apache-tomcat-7.0.42/lib && { ln -s -f libtcnative- 1.so.0.1.27 libtcnative-1.so || { rm -f libtcnative-1.so && ln -s libtcnative-1.so.0.1.27 libtcnative-1.so; }; })
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.lai /usr/apache-tomcat- 7.0.42/lib/libtcnative-1.la
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.a /usr/apache-tomcat- 7.0.42/lib/libtcnative-1.a
libtool: install: chmod 644 /usr/apache-tomcat-7.0.42/lib/libtcnative-1.a
libtool: install: ranlib /usr/apache-tomcat-7.0.42/lib/libtcnative-1.a
libtool: install: warning: remember to run `libtool --finish /usr/local/apr/lib'
It seems that everything is fine, but the mistakes are not self-evident
Solution
I also have a definite problem The problem is that it does not detect a properly installed native library
When you install native libraries, install them first
For Ubuntu: sudo apt get install libapr1 dev libssl dev
These libraries are required, not libtcnative After successful installation, configure your application in this way
sudo ./configure --with-apr=`which apr-1-config` --with-java-home=$JAVA_HOME --with-ssl=yes --prefix=$CATALINA_HOME
Here's Catalina_ Home is the Tomcat home page you set up or use / opt / Apache directly_ tomcat_ version
then
sudo make sudo make install
When the installation is complete, it will be updated. You have put the file library in the Lib folder of Tomcat
Configure your setenv like this
export LD_LIBRARY_PATH=/opt/apache-tomcat-7.0.42/lib:$LD_LIBRARY_PATH
Restart your tomcat, you're all done!
Cheers!
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
二维码