Servoy Forum

[Juan Etec]

Hi,
I'am installing a SSL Certificate.
The certificate I have is from COMODO and they send to me 3 files:
Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODOHigh-AssuranceSecureServerCA.crt
Your PremiumSSL Certificate - www_etecsoft_com.crt
I created a selfsigned certifcate in new java keystore and imported the certificate in the keystore (Import Root certificate, Import Root intermediate and Import Root your certificate: ( *.crt file))
The keystore is in C:\Servoy\application_server\server\conf

Following the wiki instructions https://wiki.servoy.com/display/Serv7/Network+Related+Settings :

-In C:\Servoy\application_server\server\conf\server.xml

Code: Select all

<Connector port="8080"
            protocol="HTTP/1.1"
             maxThreads="500" connectionTimeout="60000"
             redirectPort="8443" useBodyEncodingForURI="true"
             compression="4096"
             compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css" />
      
<Connector port="8443"
      maxThreads="500"
           connectionTimeout="60000"
      scheme="https"
      secure="true"
      SSLEnabled="true"
      keystoreFile="conf/etecsoft.keystore"
      keystorePass="myPassWord"
      clientAuth="false" sslProtocol="TLS"
      compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"
   />

-In C:\Servoy\application_server\server\webapps\ROOT\WEB-INF\web.xml
add before </web-app>

Code: Select all

<security-constraint>
    <web-resource-collection>
      <web-resource-name>Automatic SLL Forwarding</web-resource-name>
      <url-pattern>/</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

-in the servoy properties:

Code: Select all

SocketFactory.compress=true
SocketFactory.rmiServerFactory=com.servoy.j2db.rmi.DefaultServerRMIServerSocketFactoryFactory
SocketFactory.tunnelConnectionMode=2waysocket
SocketFactory.tunnelUseSSLForHttp=false
SocketFactory.useSSL=true
SocketFactory.useTwoWaySocket=true
SocketFactory.SSLKeystorePath=C:/Servoy/application_server/server/conf/etecsoft.keystore
SocketFactory.SSLKeystorePassphrase=myPassWord

and all the encrypted\ pasword put into visible text https://www.servoy.com/forum/viewtopic.php?f=5&t=13565&p=70269&hilit=encripted+ssl#p70269

When I turn on the servoy service it stop and didn't start.

Looking in the C:\Servoy\application_server\.service_log.txt:

Code: Select all

Launching a JVM...
INFO   | jvm 1    | 2015/03/22 18:36:12 | WrapperManager: Initializing...
INFO   | jvm 1    | 2015/03/22 18:36:12 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 1    | 2015/03/22 18:36:12 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 1    | 2015/03/22 18:36:12 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
STATUS | wrapper  | 2015/03/22 18:36:14 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)

[Juan Etec]

Launching servoy with servoy_server.bat and using de command -Dlog4j.debug the servoy crash an say:

Code: Select all

log4j: Trying to find [log4j.xml] using context classloader sun.misc.Launcher$Ap
pClassLoader@44b1406b.
log4j: Trying to find [log4j.xml] using sun.misc.Launcher$AppClassLoader@44b1406
b class loader.
log4j: Trying to find [log4j.xml] using ClassLoader.getSystemResource().
log4j: Trying to find [log4j.properties] using context classloader sun.misc.Laun
cher$AppClassLoader@44b1406b.
log4j: Trying to find [log4j.properties] using sun.misc.Launcher$AppClassLoader@
44b1406b class loader.
log4j: Trying to find [log4j.properties] using ClassLoader.getSystemResource().
log4j: Could not find resource: [null].
log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more in
fo.

If I remove this paramerter from de servoy.properties

Code: Select all

SocketFactory.SSLKeystorePath=D:/Empresa/Ficheros/Servoy/application_server/server/conf/etecsoft.keystore
SocketFactory.SSLKeystorePassphrase=fuenTeror5

and launch it again it works.

Does any one know the way I can follow?

[jcompagner]

if you add a keystore to servoy in the servoy properties file
then that is also used for encrypting/decrypting the passwords of your database

So you need to make sure that those are then once in a plain text (not encrypted) and start it up
then you can press save on the admin page so that the passwords are crypted again with your new keystore/certificate

[GabrielWyss]

I get also the error message as following 5 times and the application server would not start.

Code: Select all

INFO   | jvm 1    | 2015/12/22 15:48:17 | WrapperManager: Initializing...
INFO   | jvm 1    | 2015/12/22 15:48:17 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 1    | 2015/12/22 15:48:17 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 1    | 2015/12/22 15:48:17 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.


All passwords are as clear text in servoy.properties.

Has any one a idea, what could be the problem?

[jcompagner]

the log4j properties are also in the servoy.properties file
It seems that that file is not found then somehow (or is quite empty)

[GabrielWyss]

Wich file is not found?

[patrick]

I think he means the servoy.properties file. That would also explain why the app server doesn't start. The logging issue should not be the reason for that. What's strange is: I think when the servoy.properties are not found, new ones are created and those contain log4j setup. So maybe the properties can be found, but not accessed (access rights?)?

[GabrielWyss]

The servoy.properties file is there. The service starts with locale system account and has the right to write.
For test i removed all log4j lines in servoy.properties but without success.

If i rename the file name in 'SocketFactory.SSLKeystorePath=server\\conf\\mykeystore.ks' to a incorrect name, the application server will start. In this case the following lines ar once in service_log.txt As you can see, the log4j error warning is also there but only once.

Code: Select all

STATUS | wrapper  | 2015/12/24 08:54:12 | --> Wrapper Started as Service
STATUS | wrapper  | 2015/12/24 08:54:12 | Java Service Wrapper Standard Edition 64-bit 3.3.5
STATUS | wrapper  | 2015/12/24 08:54:12 |   Copyright (C) 1999-2009 Tanuki Software, Ltd.  All Rights Reserved.
STATUS | wrapper  | 2015/12/24 08:54:12 |     http://wrapper.tanukisoftware.org
STATUS | wrapper  | 2015/12/24 08:54:12 |   Licensed to Servoy for ServoyApplicationServer
STATUS | wrapper  | 2015/12/24 08:54:12 |
INFO   | wrapperp | 2015/12/24 08:54:12 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:54:12 | Launching a JVM...
INFO   | jvm 1    | 2015/12/24 08:54:13 | WrapperManager: Initializing...
INFO   | jvm 1    | 2015/12/24 08:54:13 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 1    | 2015/12/24 08:54:13 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 1    | 2015/12/24 08:54:13 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.coyote.http11.Http11Protocol init
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Initializing Coyote HTTP/1.1 on http-8082
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.coyote.http11.Http11Protocol init
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Initializing Coyote HTTP/1.1 on http-8443
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.catalina.startup.Catalina load
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Initialization processed in 232 ms
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.catalina.core.StandardService start
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Starting service Catalina
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.catalina.core.StandardEngine start
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Starting Servlet Engine: Apache Tomcat/6.0.37
INFO   | jvm 1    | 2015/12/24 08:54:20 | Dez 24, 2015 8:54:20 AM org.apache.catalina.startup.HostConfig deployDirectory
INFO   | jvm 1    | 2015/12/24 08:54:20 | INFO: Deploying web application directory ROOT
INFO   | jvm 1    | 2015/12/24 08:54:21 | Dez 24, 2015 8:54:21 AM org.apache.coyote.http11.Http11Protocol start
INFO   | jvm 1    | 2015/12/24 08:54:21 | INFO: Starting Coyote HTTP/1.1 on http-8082
INFO   | jvm 1    | 2015/12/24 08:54:21 | Dez 24, 2015 8:54:21 AM org.apache.coyote.http11.Http11Protocol start
INFO   | jvm 1    | 2015/12/24 08:54:21 | INFO: Starting Coyote HTTP/1.1 on http-8443
INFO   | jvm 1    | 2015/12/24 08:54:21 | Dez 24, 2015 8:54:21 AM org.apache.catalina.startup.Catalina start
INFO   | jvm 1    | 2015/12/24 08:54:21 | INFO: Server startup in 791 ms


If the correct name of the keystore file is defined, the application server will not start and the following entries are in service_log.

Code: Select all

STATUS | wrapper  | 2015/12/24 08:51:24 | --> Wrapper Started as Service
STATUS | wrapper  | 2015/12/24 08:51:24 | Java Service Wrapper Standard Edition 64-bit 3.3.5
STATUS | wrapper  | 2015/12/24 08:51:24 |   Copyright (C) 1999-2009 Tanuki Software, Ltd.  All Rights Reserved.
STATUS | wrapper  | 2015/12/24 08:51:24 |     http://wrapper.tanukisoftware.org
STATUS | wrapper  | 2015/12/24 08:51:24 |   Licensed to Servoy for ServoyApplicationServer
STATUS | wrapper  | 2015/12/24 08:51:24 |
INFO   | wrapperp | 2015/12/24 08:51:24 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:51:25 | Launching a JVM...
INFO   | jvm 1    | 2015/12/24 08:51:25 | WrapperManager: Initializing...
INFO   | jvm 1    | 2015/12/24 08:51:25 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 1    | 2015/12/24 08:51:25 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 1    | 2015/12/24 08:51:25 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 1    | 2015/12/24 08:51:27 | Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0
STATUS | wrapper  | 2015/12/24 08:51:27 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)
INFO   | wrapperp | 2015/12/24 08:51:31 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:51:32 | Launching a JVM...
INFO   | jvm 2    | 2015/12/24 08:51:32 | WrapperManager: Initializing...
INFO   | jvm 2    | 2015/12/24 08:51:32 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 2    | 2015/12/24 08:51:32 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 2    | 2015/12/24 08:51:32 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 2    | 2015/12/24 08:51:34 | Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0
STATUS | wrapper  | 2015/12/24 08:51:34 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)
INFO   | wrapperp | 2015/12/24 08:51:39 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:51:39 | Launching a JVM...
INFO   | jvm 3    | 2015/12/24 08:51:39 | WrapperManager: Initializing...
INFO   | jvm 3    | 2015/12/24 08:51:39 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 3    | 2015/12/24 08:51:39 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 3    | 2015/12/24 08:51:39 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 3    | 2015/12/24 08:51:41 | Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0
STATUS | wrapper  | 2015/12/24 08:51:41 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)
INFO   | wrapperp | 2015/12/24 08:51:46 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:51:46 | Launching a JVM...
INFO   | jvm 4    | 2015/12/24 08:51:46 | WrapperManager: Initializing...
INFO   | jvm 4    | 2015/12/24 08:51:47 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 4    | 2015/12/24 08:51:47 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 4    | 2015/12/24 08:51:47 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 4    | 2015/12/24 08:51:48 | Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0
STATUS | wrapper  | 2015/12/24 08:51:48 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)
INFO   | wrapperp | 2015/12/24 08:51:53 | port 1777 already in use, using port 32002 instead.
STATUS | wrapper  | 2015/12/24 08:51:53 | Launching a JVM...
INFO   | jvm 5    | 2015/12/24 08:51:53 | WrapperManager: Initializing...
INFO   | jvm 5    | 2015/12/24 08:51:54 | log4j:WARN No appenders could be found for logger (com.servoy.j2db.util.Debug).
INFO   | jvm 5    | 2015/12/24 08:51:54 | log4j:WARN Please initialize the log4j system properly.
INFO   | jvm 5    | 2015/12/24 08:51:54 | log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
INFO   | jvm 5    | 2015/12/24 08:51:55 | Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0
STATUS | wrapper  | 2015/12/24 08:51:56 | on_exit trigger matched.  Restarting the JVM.  (Exit code: 1)
FATAL  | wrapper  | 2015/12/24 08:51:56 | There were 5 failed launches in a row, each lasting less than 300 seconds.  Giving up.
FATAL  | wrapper  | 2015/12/24 08:51:56 |   There may be a configuration problem: please check the logs.
STATUS | wrapper  | 2015/12/24 08:51:56 | <-- Wrapper Stopped


[jcompagner]

but that is just all wrapper logging
what does your servoy logging tell you? (servoy log file)

I guess it can't find the repository server because it can't connect to the database?


that keystore file is to encrypt/decrypt the passwords that are in the servoy.properties file.
If you configure that property (through the admin page) then you have to make sure that you save the properties file through the admin page
If you change that property first in the servoy.properties file yourself then you have to change all the password things to plain text
Then it should start fine and the next time your start (and you save the properties file) it should encrypt the password with your keystore.