Jump to content
GCG

Tomcat Sample Configuration

Recommended Posts

We are a national MSP based in Chicago and while working with ESET to test the upcoming ESET ESMC 7.X release GCG decided that we wanted to upgrade the built-in version of Tomcat 7.x (32-bit) to version 9.0.10 (64-bit).  This, of course, meant that we also had to update the Tomcat configuration and update our Java install. 


We don't want to bore everyone with the technical details, but we felt like the overall level of documentation available was lacking so we wanted to share the Tomcat configuration we are using to make configuration and upgrade of the Tomcat install easier for others. 

Our configuration should work for most 32-bit or 64-bit installs of Tomcat 7, 8, or 9.  As part of our upgrade, we migrated away from using keystores and instead referenced the CA, Certificate, and Key directly using (binary) PEM formatted files. 

We are more than happy to share our configuration with the community, so everyone can benefit.

CVE-2018-1336

Quote

CVE-2018-1336 - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

 

We have sanitized the configuration for security reasons.  If you have questions about why we have configured things the way, we have we will do our best to respond to questions.
Please make sure to you have a backup of your Tomcat install before overwriting or modifying any files.  We take no responsibility for anyone's actions except our own.
Configuration was verified on Tomcat version 9.0.10 (64-bit) with Java 8 update 181 (64-bit)
GCG SAMPLE TOMCAT CONFIGURATION (ATTACHMENT BELOW)
 

 

Tomcat.zip

Share this post


Link to post
Share on other sites

just give us some credit or contribution credit :)

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×