GZIP not working for Apache tomcat - windows

apache tomcat(8.0.36)
1.I have added .htaccess file in root then also its not working
2.I have added following code in server.xml
<Connector connectionTimeout="20000" port="80" protocol="HTTP/1.1"
disableUploadTimeout="true"
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,
text/xml,text/plain,text/javascript,text/css,application/json"/>

Related

How to configure tomcat for https when you already setup https in application level

There are thousands of articles on how to set up HTTPS in either tomcat or at the application level in your spring boot application. But I didn't find a way to configure tomcat for an application that already has configured HTTPS.
I've already set up my spring boot application to run on HTTPS by configuring these properties:
server.port=7070
server.ssl.enabled=true
server.ssl.key-store-password=my_password
server.ssl.key-store-type=PKCS12
server.ssl.key-store=keystore-path
server.ssl.key-alias=key_alias
And it perfectly works when I run my IDE(Intellij) and serves on https://localhost:7070 on my machine.
On the other hand, When I deploy my app into the tomcat. it runs on the port of tomcat which is defined on server.xml connector. for instance :
<Connector port="7071" protocol="HTTP/1.1" connectionTimeout="20000" />
By doing so, The connector port in tomcat overrides the port number on the application.properties.
So if I want to run my application in HTTPS in tomcat, Documents says I need to define a new connector, for example :
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
type="RSA" />
</SSLHostConfig>
</Connector>
or
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
certificateFile="conf/localhost-rsa-cert.pem"
certificateChainFile="conf/localhost-rsa-chain.pem"
type="RSA" />
</SSLHostConfig>
</Connector>
But these ways, I have to configure my Keystore, password, alias, and ... again in my tomcat.
I'm wondering is there any other way around not configuring again my Keystore, password and .. again in tomcat?
No, there is no other way around it. server.* properties are only applied when running the application in an embedded container. When deploying to an existing Tomcat instance, they are not used.

SSL enabling in Tomcat Windows server

I want to enable https on my website which is on a Windows Server 2008 and tomcat 7.
I have the following files from a certificate website: .ca, .crt, .pem, .csr, .pkcs
I know that i have to add in tomcat's server.xml the following:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/path/to/Tomcat/keystore.jks"
keystorePass="password" />
How to get that .jks from those files ?
Convert your .pem to a .jks: see https://docs.oracle.com/cd/E35976_01/server.740/es_admin/src/tadm_ssl_convert_pem_to_jks.html
If your using tomcat 7 newest version you can install the certificate to the windows secure keystore (cert manager) and refer it in the server.xml. In this way you don't need to worry about having the SSL certificate and the passphrase on the physical disk.
To install the cert to cert manager double click the certificate pfx file and follow the wizard steps. You can extract the pfx (refer https://www.sslshopper.com/article-most-common-openssl-commands.html?jn554906de).
This feature is available on tomcat version 7.0.52 or above.
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
keyAlias="<common name of the cert>"
keystoreFile=""
keystoreType="Windows-My"
clientAuth="false"
sslProtocol="TLS"
keepAliveTimeout="200000" />

Spring web application displays blank page for the first request

I am working in a spring web application and faces a strange behavior.
when hitting the application URL, the browser displays blank page and I should reload the page to work properly.
The application runs behind nginx and there are a chunk of redirection rules.
I can not find more specific words to describe this issue.
Where to start debugging ?
my server.xml
`
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000" maxThreads="600" minSpareThreads="25" maxSpareThreads="75"
useBodyEncodingForURI="true" enableLookups="false"
redirectPort="8443" />
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
URIEncoding="UTF-8"
keystoreFile="my key store"
keystorePass="my password"
/>
<Connector port="8013" protocol="AJP/1.3" redirectPort="443" URIEncoding="UTF-8"
connectionTimeout="20000" maxThreads="600" minSpareThreads="25" maxSpareThreads="75"
useBodyEncodingForURI="true" enableLookups="false"
/>
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
`

mod_jk utf-8 character set setup

I am running httpd + mod_jk + 2 tomcat servers in Ubuntu. When I submit a form in a non-Latin language I get garbage in the DB.
If I submit the same form through Tomcat directly bypassing httpd everything looks good.
following is my configuration:
/etc/apache2/conf.d/charset:
AddDefaultCharset UTF-8
tomcat1:
< Connector port="8080" protocol="AJP/1.3" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" />
tomcat2:
< Connector port="9080" protocol="AJP/1.3" connectionTimeout="20000" redirectPort="9443" URIEncoding="UTF-8" />
JDBC connection:
jdbc:mysql://localhost:3306/myapp?useEncoding=true&characterEncoding=UTF-8
/etc/apache2/mods-available/jk.conf (the same file I set up my loadbalancer)
JkOptions +ForwardURICompatUnparsed
Am I missing something?
Thank You!
I found my problem, I mixed up the HTTP connector with the AJP connector which was declared twice in Tomcat's server.xml . The second declaration did not even include the attribute URIEncoding.
<Connector URIEncoding="UTF-8" port="8009" protocol="AJP/1.3" connectionTimeout="10000" keepAliveTimeout="10000" redirectPort="8443"/>
work fine for me

Edit tomcats server.xml using ksh?

I'm wondering whats the easiest way to change some settings in tomcats conf/server.xml configuration file through a ksh script?
For example, I want to change the default ports on these 2 snippets:
Replace this:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
With this:
<Connector port="8081" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
And,
Replace this:
<Server port="8005" shutdown="SHUTDOWN">
With this:
<Server port="8006" shutdown="SHUTDOWN">
Many thanks!
I guess you want to change this in the config? This would be a simple sed, you can make it a bit safer by adding more than just the number:
sed -i 's/8005/8006' server.xml

Resources