I am trying to change server.xml with Tomcat 8.5 and get the following error when trying to start tomcat:
09-Feb-2017 06:23:25.278 WARNING [main] org.apache.catalina.startup.Catalina.load Catalina.start using conf/server.xml: Error at (135, 20) : Multiple SSLHostConfig elements were provided for the host name [default]. Host names must be unique.
Relevant server.xml code:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" >
<SSLHostConfig>
keystoreFile="/saswork/sasadmin/tomcat/certs/eccerts"
keystorePass="xxxxxxxx"
storepass="xxxxxxxx"
truststoreFile="/saswork/sasadmin/tomcat/certs/eccerts"
sslProtocol="TLS"
</SSLHostConfig>
Advice appreciated on what the error means and suggestions on a solution welcome.
maxPostSize. The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than or equal to 0. If not specified, this attribute is set to 2097152 (2 megabytes).
The AJP Connector element represents a Connector component that communicates with a web connector via the AJP protocol.
Tomcat can use three different implementations of SSL: JSSE implementation provided as part of the Java runtime. JSSE implementation that uses OpenSSL. APR implementation, which uses the OpenSSL engine by default.
A quite confusing error "Multiple SSLHostConfig elements" when you clearly only have one.
Turns out this is caused by using deprecated directives.
If you put any of these deprecated attributes in the Connector
directive, tomcat assumes you are using the old way and auto creates a SSLHostConfig
itself, which then conflicts with the one you are creating.
In your particular case you were using clientAuth="false"
on the Connector
directive which has become certificateVerification="none"
on the SSLHostConfig
directive
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With