- Steps to install apache tomcat native and its dependencies
- Download and Install Apache Tomcat
- Install Java (JDK) [/h2]
- Download and install openssl
- Install APR (Apache Portable Runtime)
- Install Tomcat Native
- Apache Tomcat Native Library
- Headlines
- Building
- Requirements
- UNIX
- Windows
- Install and tests
- Configuring Tomcat
- UNIX
- Windows
- The APR based Apache Tomcat Native library was not found on the java.library.path
- Environmental
- Installation
- Troubleshooting
- Hot Categories
- Hot Tags
Steps to install apache tomcat native and its dependencies
If you are using Apache Tomcat in production then it would be good to install Apache Tomcat native library as it has some optimizations for production use. Below are the steps to install it. The steps were performed on an AWS EC2 instance (Amazon Linux), but should work on most of the linux systems.
- If you are on an amazon box then login as root and change directory to /opt. This is where we will install the tomcat instance. For everyone else, use whatever user you want the tomcat to run as.
Download and Install Apache Tomcat
Download apache tomcat. We will use using the 8.5.16 version. Extract it. The native source code is in the bin directory. Extract it as well.
wget http://mirror.intergrid.com.au/apache/tomcat/tomcat-8/v8.5.16/bin/apache-tomcat-8.5.16.tar.gz tar -xvf apache-tomcat-8.5.16.tar.gz cd apache-tomcat-8.5.16/bin/ tar -xvf tomcat-native.tar.gz
cd /opt mkdir softwares cd softwares
Install Java (JDK) [/h2]
cd /opt wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u141-b15/336fa29ff2bb4ef291e347e091f7f4a7/jdk-8u141-linux-x64.rpm sudo yum install -y jdk-8u141-linux-x64.rpm
yum groupinstall "Development Tools"Download and install openssl
cd /opt/softwares wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz tar -xvf openssl-1.0.2l.tar.gz cd openssl-1.0.2l ./config -fPIC --prefix=/opt/software/ --openssldir=/opt/software/ make make installInstall APR (Apache Portable Runtime)
cd /opt/softwares/ wget http://apache.mirror.amaze.com.au//apr/apr-1.6.2.tar.gz tar -xvf apr-1.6.2.tar.gz cd apr-1.6.2 ./configure --prefix=/opt/software/ make make installInstall Tomcat Native
cd /opt/apache-tomcat-8.5.16/bin/tomcat-native-1.2.12-src/native/ ./configure --with-apr=/opt/software/ --with-java-home=/usr/java/jdk1.8.0_141/ --with-ssl=/opt/software/ --prefix=/opt/apache-tomcat-8.5.16 make make installvi /opt/apache-tomcat-8.5.16/bin/setenv.sh export JAVA_HOME=/usr/lib/jvm/java-1.8.0 LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib export LD_LIBRARY_PATH/opt/apache-tomcat-8.5.16/bin/startup.shcat /opt/apache-tomcat-8.5.16/logs/catalina.out | more . 09-Aug-2017 00:45:44.312 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library [1.2.12] using APR version [1.6.2]. 09-Aug-2017 00:45:44.313 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 09-Aug-2017 00:45:44.313 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] 09-Aug-2017 00:45:44.320 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 1.0.2l 25 May 2017]Apache Tomcat Native Library
The Apache Tomcat Native Library is an optional component for use with Apache Tomcat that allows Tomcat to use OpenSSL as a replacement for JSSE to support TLS connections.
Headlines
- 2 June 2023 - TC-Native-2.0.4 released The Apache Tomcat team is proud to announce the immediate availability of Tomcat Native 2.0.4 Stable. The sources and the binaries for selected platforms are available from the Download page. Please see the Changelog for a full list of changes.
Building
Requirements
Build tc-native requires three components to be installed:
In debian based Linux those dependencies could be installed by something like:
apt-get install libapr1.0-dev libssl-devIn rpm based Linux those dependencies could be installed by something like:
yum install apr-devel openssl-develUNIX
On all the POSIX systems (Linux, Solaris, HP-UX, AIX etc. ) a well-known configure and make is used to build tc-native.
In the jni/native runs:
to read the description of all the parameters.
./configure --with-apr=$HOME/APR \ --with-java-home=$JAVA_HOME \ --with-ssl=$HOME/OPENSSL \ --prefix=$CATALINA_HOMEto create the includes and makefiles to be able to build tc-native.
Where:
$HOME/APR is something like /usr/bin/apr-1-config or the path where apr is installed.
$JAVA_HOME is something like /home/jfclere/JAVA/jdk11 or the path to a JDK installation. Any JDK should work but it is advisable to use the same JVM version the JVM you use with Tomcat.
$HOME/OPENSSL is the path where OpenSSL is installed.
$CATALINA_HOME is the path where the produced libraries will be installed. Something like $HOME/apache-tomcat-10.1.0
The configure is able to guess most of OpenSSL standard installations. So most of the time the following will be enough:
./configure --with-apr=/usr/bin/apr-1-config \ --with-java-home=/home/jfclere/JAVA/jdk11 \ --with-ssl=yes \ --prefix=$CATALINA_HOMETo build the libraries and install them:
The libraries will be found in $CATALINA_HOME/lib
Windows
Download the Windows sources of tc-native and extract them.
Obtain the Windows sources for APR and OpenSSL. Apply the patches from native/srclib and build APR and OpenSSL for your platform (X86 or X64).
nmake -f NMAKEMakefile WITH_APR=. WITH_OPENSSL=. APR_DECLARE_STATIC=1More detailed instructions including the steps to create a standard release distribution are provided on the Wiki.
Install and tests
Configuring Tomcat
Apache Tomcat comes with the AprLifecycleListener enabled by default. Still, you should check your conf/server.xml to ensure that something like the following is present, and uncommented:
Please see the Apache Tomcat documentation for configuration specifics.
UNIX
Edit $CATALINA_HOME/bin/setenv.sh (creating the file if necessary) and add the path to the tc-native libraries to LD_LIBRARY_PATH. Something like:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib export LD_LIBRARY_PATHStart tomcat and check for the messages like these ones:
15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]Refer to the tomcat documentation to configure the connectors (See Tomcat 10.1.x, Tomcat 9.0.x and Tomcat 8.5.x)
Windows
Edit $CATALINA_BASE\bin\setenv.bat (creating the file if necessary) and add the path to the tc-native libraries, apr and OpenSSL to PATH. For example:
set PATH=%PATH;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\native\Debug;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\apr\Debug;C:\OpenSSL\lib\VCStart tomcat and check for the messages like these ones:
15-Jun-2022 11:06:23.274 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.0-dev] using APR version [1.7.0] 15-Jun-2022 11:06:23.298 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.4-dev 3 May 2022]The APR based Apache Tomcat Native library was not found on the java.library.path
Many projects of the production environment are using tomcat, so often debugging with tomcat, this blog is mainly about the APR error at Tomcat startup, the error message is as follows:
02-Aug-2017 18:13:00.769 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: [/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib]
Environmental
My environment is as follows
Centos7.3_x64
Tomcat8.5.16
Jdk1.8.0_131
Installation
1, Installation under Windows
Directly copy the tcnative-1.dll to the TOMCAT_HOME/bin directory and start it
2, Installation under Linux
2.1 download the installation package
apr-1.6.2.tar.gz
apr-iconv-1.2.1.tar.gz
apr-util-1.6.0.tar.gz
openssl-1.0.2l.tar.gz
2.2 install the APR plug-in
tar zxvf apr-1.6.2.tar
cd apr-1.6.2
./configure --prefix=/usr/local/apr
make
make install
tar -zxvf apr-iconv-1.2.1.tar.gz
cd apr-iconv-1.2.1
./configure --prefix=/usr/local/apr-iconv --with-apr=/usr/local/apr
make
make install
tar zxvf apr-util-1.6.0.tar.gz
cd apr-util-1.6.0
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr --with-apr-iconv=/usr/local/apr-iconv/bin/apriconv
make
make install
this package comes with tomcat, under the bin directory.
tar zxvf tomcat-native.tar.gz
cd tomcat-native-1.2.12-src/native
./configure --with-apr=/usr/local/apr --with-java-home= /usr/java/jdk1.8.0_131 --with-ssl=/usr/local/openssl
make
make install
mark: if compiling with OpenSSL version problem, please check the solution below.
5) add environment variables
Add the following variablein at the end of the file
Using "./catalina configtest" to detect, the error has disappeared.
The normal information is shown below:
02-Aug-2017 18:17:13.908 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library [1.2.12] using APR version [1.6.2]. 02-Aug-2017 18:17:13.908 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 02-Aug-2017 18:17:13.908 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] 02-Aug-2017 18:17:13.922 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 1.0.2l 25 May 2017]
Troubleshooting
1. Still wrong after the above deployment?
2. SEVERE: Failed to initialize the SSLEngine?
SEVERE: Failed to initialize the SSLEngine. org.apache.tomcat.jni.Error: 70023: This function has not been implemented on this platform
Please turn off SSL listening unless you do use it.
3. OpenSSL version problem?
When compiling native, there is a problem with the OpenSSL version, so must solve the OpenSSL problem first at this point.
configure: error: Your version of OpenSSL is not compatible with this version of tcnative
tar zxf openssl-1.0.2l.tar.gz
./config –prefix=/usr/local/openssl –fPIC
Do add -fPIC parameter, otherwise this error will occur
/usr/local/openssl/lib/libssl.a(s3_meth.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with –fPIC /usr/local/openssl/lib/libssl.a: could not read symbols: Bad value collect2: error: ld returned 1 exit status make[1]: *** [libtcnative-1.la] Error 1 make[1]: Leaving directory `/usr/local/tomcat-native-1.2.8-src/native' make: *** [all-recursive] Error
Posted by coolesting in Web Server at Aug 04, 2017 - 11:04 AM Tag: Tomcat OpenSSL
Hot Categories
Hot Tags
- Java × 8678
- Python × 3398
- Algorithm × 2157
- Linux × 2069
- Javascript × 1932
- data structure × 1524
- Spring × 1497
- C++ × 1439
- MySQL × 1163
- Database × 1138
- Front-end × 1057
- Design Pattern × 1024