tomcat

jps and jstat for tomcat on jdk-1.6.0_24

Recently upgrading to java version "1.6.0_24", jps and jstat seemed to be broken to get monitoring information from running tomcat process.

By default java.io.tmpdir is /tmp, however tomcat usually uses it's own temp directory. That is where jps/jstat looks for hsperfdata_* dirs. If java.io.tmpdir is not set, it would look in /tmp. If jps can't find the hsperfdata directory, it won't report anything.

jps/jstat however allows to specify java.io.tmpdir in case you're using a JVM that places those directories in a different location.

So to get it to work:

$JAVA_HOME/bin/jps -J-Djava.io.tmpdir=/path/to/tomcat/temp -l
$JAVA_HOME/bin/jstat -J-Djava.io.tmpdir=/path/to/tomcat/temp -gc $PID

Importing existing SSL key and certificate for tomcat

  1. Convert key and cert to a single pkcs12 format.

    openssl pkcs12 -export -inkey <pathto>/key.txt -in <pathto>/cert.txt -out cert.pkcs12

  2. Remove existing tomcat aliased PrivateKeyEntry from cacerts.

    keytool -delete -alias tomcat -keystore <pathto>/cacerts

  3. Use java-1.6 keytools to import PKCS12 keystoretype into existing cacerts keystore file.

    keytool -importkeystore -destkeystore cacerts -srckeystore cert.pkcs12 -srcstoretype PKCS12

  4. Note the alias of the newly imported PrivateKeyEntry, which would normally be 1.

    keytool -list -keystore <pathto>/cacerts | grep PrivateKeyEntry

  5. Change the alias to tomcat.

    keytool -changealias -alias 1 -destalias tomcat -keystore <pathto>/cacerts

Comment