Hello,
Iam a newbie to DigitalOcean. But am knowledgeable in Apache and tomcat.

When I set up the tomcat, I was able to visit the manager(64.225.14.63:8080/manager/html) and host manager(64.225.14.63:8080/host-manager/html/) urls.

Later, iamLost.co was not reachable when I updated for ssl connection between apache2 and tomcat using mod_jk by following the steps in url:
https://www.digitalocean.com/community/tutorials/how-to-encrypt-tomcat-8-connections-with-apache-or-nginx-on-ubuntu-16-04

Therefore I have instead commented JKMount /* ajp13_worker statement recommended by the above url in the files:
/etc/apache2/sites-enabled/default-ssl.conf and
/etc/apache2/sites-enabled/000-default.conf
I completed “Restricting Access to the Tomcat Installation” section as listed in that page.

Now I am unable to visit the manager url to complete my deployment. Please help.

Thank you for your time.

1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi there @spansoft,

I can see that your domain name is returning an internal 500 error, this is most likely an issue with your Apache configuration.

What I could suggest here is following the steps from this answer here on how to troubleshoot common Apache issues:

https://www.digitalocean.com/community/questions/how-to-troubleshoot-common-apache-issues-on-linux-server

The most important things to check are the configuration test and the Apache error log.

Feel free to share the output here so that I could try to further advise!

Regards,
Bobby

  • Thank you Bobby for your response.
    configuration test for apache and tomcat always says syntax ok.

    root@iamlost-ubuntu-s-4vcpu-8gb-nyc3-01:~# apachectl -t
    Syntax OK
    
    

    Apache error log has the following contents:

    root@iamlost-ubuntu-s-4vcpu-8gb-nyc3-01:~# tail -f /var/log/apache2/error.log
    [Sun Mar 08 00:00:01.698310 2020] [jk:warn] [pid 12056:tid 140207985089600] No JkLogFile defined in httpd.conf. Using default /var/log/apache2/mod_jk.log
    [Sun Mar 08 00:00:01.698377 2020] [jk:warn] [pid 12056:tid 140207985089600] No JkLogFile defined in httpd.conf. Using default /var/log/apache2/mod_jk.log
    [Sun Mar 08 00:00:01.698398 2020] [jk:warn] [pid 12056:tid 140207985089600] No JkShmFile defined in httpd.conf. Using default /var/log/apache2/jk-runtime-status
    [Sun Mar 08 00:00:01.700422 2020] [mpm_event:notice] [pid 12056:tid 140207985089600] AH00489: Apache/2.4.41 (Ubuntu) mod_jk/1.2.46 OpenSSL/1.1.1c configured -- resuming normal operations
    [Sun Mar 08 00:00:01.700437 2020] [core:notice] [pid 12056:tid 140207985089600] AH00094: Command line: '/usr/sbin/apache2'
    
    

    Following is the result for netstat command:

    root@iamlost-ubuntu-s-4vcpu-8gb-nyc3-01:~# netstat -plant | grep '80\|443'
    tcp        0      0 64.225.14.63:47532      104.24.117.209:80       TIME_WAIT   -
    tcp6       0      0 :::443                  :::*                    LISTEN      12056/apache2
    tcp6       0      0 127.0.0.1:8005          :::*                    LISTEN      14477/java
    tcp6       0      0 127.0.0.1:8009          :::*                    LISTEN      14477/java
    tcp6       0      0 :::8080                 :::*                    LISTEN      14477/java
    tcp6       0      0 :::80                   :::*                    LISTEN      12056/apache2
    
    

    The issues I am facing now are
    1) Need to fix the apache - tomcat communication properly so that visiting www.iamlost.co or iamlost.co shows the ssl secured website
    2) show the index.jsp code when someone visits iamlost.co instead of iamlost.co being shown here http://64.225.14.63:8080/IamLost/ For some reason http://www.iamLost.co or iamlost.co is not showing the https site.
    As I am not a networking person, it is little over my head on how to fix the issue.
    Following are the contents of the apache settings
    and tomcat settings:

    apache settings at /etc/apache2/apache2.conf:

    # This is the main Apache server configuration file.  It contains the
    # configuration directives that give the server its instructions.
    # See http://httpd.apache.org/docs/2.4/ for detailed information about
    # the directives and /usr/share/doc/apache2/README.Debian about Debian specific
    # hints.
    #
    #
    # Summary of how the Apache 2 configuration works in Debian:
    # The Apache 2 web server configuration in Debian is quite different to
    # upstream's suggested way to configure the web server. This is because Debian's
    # default Apache2 installation attempts to make adding and removing modules,
    # virtual hosts, and extra configuration directives as flexible as possible, in
    # order to make automating the changes and administering the server as easy as
    # possible.
    
    # It is split into several files forming the configuration hierarchy outlined
    # below, all located in the /etc/apache2/ directory:
    #
    #   /etc/apache2/
    #   |-- apache2.conf
    #   |   `--  ports.conf
    #   |-- mods-enabled
    #   |   |-- *.load
    #   |   `-- *.conf
    #   |-- conf-enabled
    #   |   `-- *.conf
    #   `-- sites-enabled
    #       `-- *.conf
    #
    #
    # * apache2.conf is the main configuration file (this file). It puts the pieces
    #   together by including all remaining configuration files when starting up the
    #   web server.
    #
    # * ports.conf is always included from the main configuration file. It is
    #   supposed to determine listening ports for incoming connections which can be
    #   customized anytime.
    #
    # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
    #   directories contain particular configuration snippets which manage modules,
    #   global configuration fragments, or virtual host configurations,
    #   respectively.
    #
    #   They are activated by symlinking available configuration files from their
    #   respective *-available/ counterparts. These should be managed by using our
    #   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
    #   their respective man pages for detailed information.
    #
    # * The binary is called apache2. Due to the use of environment variables, in
    #   the default configuration, apache2 needs to be started/stopped with
    #   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
    #   work with the default configuration.
    
    
    # Global configuration
    #
    
    #
    # ServerRoot: The top of the directory tree under which the server's
    # configuration, error, and log files are kept.
    #
    # NOTE!  If you intend to place this on an NFS (or otherwise network)
    # mounted filesystem then please read the Mutex documentation (available
    # at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
    # you will save yourself a lot of trouble.
    #
    # Do NOT add a slash at the end of the directory path.
    #
    #ServerRoot "/etc/apache2"
    
    #
    # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
    #
    #Mutex file:${APACHE_LOCK_DIR} default
    
    #
    # The directory where shm and other runtime files will be stored.
    #
    
    DefaultRuntimeDir ${APACHE_RUN_DIR}
    
    #
    # PidFile: The file in which the server should record its process
    # identification number when it starts.
    # This needs to be set in /etc/apache2/envvars
    #
    PidFile ${APACHE_PID_FILE}
    
    #
    # Timeout: The number of seconds before receives and sends time out.
    #
    Timeout 300
    
    #
    # KeepAlive: Whether or not to allow persistent connections (more than
    # one request per connection). Set to "Off" to deactivate.
    #
    KeepAlive On
    
    #
    # MaxKeepAliveRequests: The maximum number of requests to allow
    # during a persistent connection. Set to 0 to allow an unlimited amount.
    # We recommend you leave this number high, for maximum performance.
    #
    MaxKeepAliveRequests 100
    
    #
    # KeepAliveTimeout: Number of seconds to wait for the next request from the
    # same client on the same connection.
    #
    KeepAliveTimeout 5
    
    
    # These need to be set in /etc/apache2/envvars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    
    #
    # HostnameLookups: Log the names of clients or just their IP addresses
    # e.g., www.apache.org (on) or 204.62.129.132 (off).
    # The default is off because it'd be overall better for the net if people
    # had to knowingly turn this feature on, since enabling it means that
    # each client request will result in AT LEAST one lookup request to the
    # nameserver.
    #
    HostnameLookups Off
    
    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here.  If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    #
    ErrorLog ${APACHE_LOG_DIR}/error.log
    
    #
    # LogLevel: Control the severity of messages logged to the error_log.
    # Available values: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the log level for particular modules, e.g.
    # "LogLevel info ssl:warn"
    #
    LogLevel warn
    
    # Include module configuration:
    IncludeOptional mods-enabled/*.load
    IncludeOptional mods-enabled/*.conf
    
    # Include list of ports to listen on
    Include ports.conf
    
    
    # Sets the default security model of the Apache2 HTTPD server. It does
    # not allow access to the root filesystem outside of /usr/share and /var/www.
    # The former is used by web applications packaged in Debian,
    # the latter may be used for local directories served by the web server. If
    # your system is serving content from a sub-directory in /srv you must allow
    # access here, or in any related virtual host.
    <Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
    </Directory>
    
    <Directory /usr/share>
        AllowOverride None
        Require all granted
    </Directory>
    
    <Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>
    
    #<Directory /srv/>
    #   Options Indexes FollowSymLinks
    #   AllowOverride None
    #   Require all granted
    #</Directory>
    
    
    
    
    # AccessFileName: The name of the file to look for in each directory
    # for additional configuration directives.  See also the AllowOverride
    # directive.
    #
    AccessFileName .htaccess
    
    #
    # The following lines prevent .htaccess and .htpasswd files from being
    # viewed by Web clients.
    #
    <FilesMatch "^\.ht">
        Require all denied
    </FilesMatch>
    
    
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive.
    #
    # These deviate from the Common Log Format definitions in that they use %O
    # (the actual bytes sent including headers) instead of %b (the size of the
    # requested file), because the latter makes it impossible to detect partial
    # requests.
    #
    # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
    # Use mod_remoteip instead.
    #
    LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
    LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %O" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    
    # Include of directories ignores editors' and dpkg's backup files,
    # see README.Debian for details.
    
    # Include generic snippets of statements
    IncludeOptional conf-enabled/*.conf
    
    # Include the virtual host configurations:
    IncludeOptional sites-enabled/*.conf
    
    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
    ServerName 64.225.14.63
    
    

    file contents of /etc/apache2/sites-enabled/000-default-le-ssl.conf

    <IfModule mod_ssl.c>
    <VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com
    
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
    
        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn
    
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    
        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
            JKMount /* ajp13_worker
    
    ServerName iamlost.co
    SSLCertificateFile /etc/letsencrypt/live/iamlost.co/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/iamlost.co/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>
    </IfModule>
    
    
    • Hi there @spansoft,

      The configuration actually seems correct, are there any errors in the JK log? You can check that by running

      • tail -100 /var/log/apache2/mod_jk.log

      Also if you run sudo apachectl -M do you see the jk module?

      Regards,
      Bobby

Submit an Answer