Tomcat for Ubuntu
Objective 3Sixty 4.3.0 requires a change from Tomcat 9 to Tomcat 10.
Tomcat 10 deprecated the current SSL/HTTPS connector protocol use and the changes below also address the certificate issues found on Windows and Unix hosts.
Windows Server Example
-
Go to Service Manager and stop the Apache Tomcat 9 service.
-
Go to properties and disable the service.
-
Go to Apache Tomcat download site and download the windows 32-bit/64-bit service installer
-
When prompted select the c:\objective\tomcat directory (or other directory)
-
Select for all features including the 'Native' feature. Set a username and password
-
Set Apache to run as a service account.
-
If you copied over the existing Tomcat 9 directories skip this step
-
Copy the shared/classes directory and contents from the Tomcat 9 configuration.
-
Edit the conf/catalina.properties file and set the shared.loader="${catalina.base}/shared/classes" on line 90
-
Delete the 3Sixty war files and directories from /webapp and /working/Catalina/local
-
Add the new 3sxity war files to /webapp
-
Edit the simflofy-global.properties file in /shared/classes - set the following values to true (remember to turn these back to false after the first successful run of updated war files):
Copysimflofy.initialize.bootstrap="true"
simflofy.initialize.update="true"
simflofy.initialize.runallpatches="true" -
Copy the tau.objectivedemo.com.pfx file into the /conf directory
-
Follow the instructions for the Tomcat server.xml protocol update below
If you have the Keystore Explorer (jks) application installed. De-install it.
-
Doubleclick the tau.objectivedemo.com.pfx file and add it as a system certificate using the automatic method.
This fixes the issue where the local host was timing out accessing the tomcat pages.
If you want it back - reinstall it again - https://keystore-explorer.org/
Unix Server Example
-
Stop the tomcat service
-
Check the java version (java --version) to confirm jdk-17 or a variant is in use
-
Verify the location of jdk-17 or a variant (it should be in /usr/lib/jvm)
-
Go to apache Tomcat 10 download and get the debian tar.gz file
-
Go to the /opt/tomcat folder and delete the 'latest' symbolic reference
-
Extract the Apache Tomcat 10 file to the /opt/tomcat folder
sudo -xvf <apachetomcatfile> /opt/tomcat -
Create a new symbolic link called latest pointing to the apache tomcat 10 folder
sudo ln s /opt/tomcat/apache-tomcat-10.1.20 latest -
Set permissions sudo chmod 777 -R /opt/tomcat
-
Edit /etc/systemd/system/tomcat.service (sudo nano etc/systemd/system/tomcat.service)
-
Check that the Environment variables for 'Catalina*' all point to /opt/tomcat/latest in their paths
-
Copy the shared/classes directory and contents from the Tomcat 9 configuration.
-
Edit the conf/catalina.properties file and set the shared.loader="${catalina.base}/shared/classes" on line 90
-
Delete the 3Sixty war files and directories from /webapp and /working/Catalina/local
-
Add the new 3sxity war files to /webapp
-
Edit the simflofy-global.properties file in /shared/classes - set the following values to true (remember to turn these back to false after the first successful run of updated war files):
Copysimflofy.initialize.bootstrap="true"
simflofy.initialize.update="true"
simflofy.initialize.runallpatches="true" -
Copy the tau.objectivedemo.com.pfx file into the /conf directory rename the file to sigma.objectivedemo.com.pfx
-
Follow the instructions for the Tomcat server.xml protocol update below
Tomcat server.xml protocol update Example
The lower section of the server.xml file needs to be changed.
Add this entry in the Connector section below the current valid text
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" maxParameterCount="1000">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/tau.objectivedemo.com.pfx"
certificateKeystorePassword="objective" type="RSA" />
</SSLHostConfig>
</Connector>Replace "conf/tau.objectivedemo.com.pfx" with "conf/sigma.objectivedemo.com.pfx" is using the ubuntu server