4.10.2

docker · Jan 1, 2024 · a043968 · a043968
1 parent dab061f
commit a043968
Showing 11 changed files with 391 additions and 38 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -9,7 +9,7 @@ LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
 ARG GROUPER_CONTAINER_VERSION
 
 ENV GROUPER_VERSION=4.10.1 \
-    GROUPER_CONTAINER_VERSION=4.10.1 \
+    GROUPER_CONTAINER_VERSION=4.10.2 \
     JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto \
     PATH=$PATH:$JAVA_HOME/bin \
     GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
@@ -48,7 +48,9 @@ RUN cd /tmp \
 # docker exec -it mygrouper bash
 
 WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
-EXPOSE 80 443
+EXPOSE 80 443 8080 8443
 HEALTHCHECK NONE
 
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+#ENTRYPOINT ["ping"]
+#CMD ["google.com"]
diff --git a/container_files/certs/client/localhost.pem b/container_files/certs/client/localhost.pem
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF4zCCA8ugAwIBAgIJAIGLhBfhRQ1IMA0GCSqGSIb3DQEBCwUAMIGGMQswCQYD
+VQQGEwJYWDESMBAGA1UECAwJU3RhdGVOYW1lMREwDwYDVQQHDAhDaXR5TmFtZTEU
+MBIGA1UECgwLQ29tcGFueU5hbWUxGzAZBgNVBAsMEkNvbXBhbnlTZWN0aW9uTmFt
+ZTEdMBsGA1UEAwwUQ29tbW9uTmFtZU9ySG9zdG5hbWUwIBcNMjMxMjI5MjAyOTE1
+WhgPMjA1MTA1MTYyMDI5MTVaMIGGMQswCQYDVQQGEwJYWDESMBAGA1UECAwJU3Rh
+dGVOYW1lMREwDwYDVQQHDAhDaXR5TmFtZTEUMBIGA1UECgwLQ29tcGFueU5hbWUx
+GzAZBgNVBAsMEkNvbXBhbnlTZWN0aW9uTmFtZTEdMBsGA1UEAwwUQ29tbW9uTmFt
+ZU9ySG9zdG5hbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCx09MP
+vAx8q5tzHQ6wdg7E7DtIFpBWds///mM1eP114510kmm4Fe+uleYLXSydzA47fDqH
+HqWOu7mOAyRJuXGGXJ/KWFwBnam0GDhq4kxBUM3wvQbPDcpw1CrUhXaCkeM8ddFI
+wQQ0t0dEzJfRuJgriXk3lIfcPMDgHP16gV7KwFdWKN+JQwGHVYXJabCH93hbr1+d
++pzHWyr/g/DEdWVJ9coGL++w3xLJUxjPX8DzJX55NUIbrBA4JIjZMZh96qPQOXii
+UvfVQaelnQNLF3YD0GkJ7ZdO3AucwGjfyQBtBhaS/wiXe7xm6PxGdWmDa350sWO9
+XVQUx32KJvoW8ViybPceoJkdhN6IE66lNjwJGzQ4zVA2Cs6Tl03DJ9TKiiTi4z2k
+1Yor9l+yYm4c1p74FSOdPcqT8yaoXwW4s7WpSZZMHP0FCzWN2E+Fw+Bp+nnQVI7G
+rVeFiaBm898DBChb1wVZuBHeeXumx89oUKdww+Mly5tmdgtaCI7ac22AauK9SKEL
+xsceWWjz7Y8r8QZNzJpezlT/gmZz+JGg6CuC6oN4Zuu2QbBoaNFOv3Vvs6SFg0T+
+1OZ3hu5aiSpRUDM9qFsaAXxqbFwafd/Yc3rcaKTiUICusjJQjysaT/0ANCDIIooW
+Vc4I01crHQJIRDVm5cLK5psZk4bBDuzioziu9wIDAQABo1AwTjAdBgNVHQ4EFgQU
+oKZqZBHHaKTPJFRj44vl+wQoMtowHwYDVR0jBBgwFoAUoKZqZBHHaKTPJFRj44vl
++wQoMtowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAkvPB/463LNJC
+gmEIpldcse4dHs7o2GrtGLAA3XH0hGRSOa+6revsq/QQTYlYXPz6S2yv+byEA/ru
+nMd33kOYtRTfzajxQ8uNNLf/EycfPvKZhO9S4tPy3HWnLMt+PzTjK2zubyNCilxz
+Y6nfkNwFDl2+mmf+oSE8XqGvcjLAotoAIpp/lrqK224vaLxZrHH/07brmC4cOWWz
+c6ibDhMmvMjcXJh7yQ0RxIAHpUhht7nDJfZMPCdn2PWOtJFwn0ep3lXTc4fjd7qq
+UH+aQyOIVQo3PWa538kR7hBMTTUVgSM9ueeJvQRCwtRp38Yv2+a6gDNZRwE1Nt6V
+apTL99GZqE0WURHIByqV/mHZBVT5tjv9ypv49Cy6HiEo+UtYXbF06qHJqjjhbmb4
+mK/+1F2qmc5apIQPrk+MURF+0N6126OfRMg9nN3epsa13gvFrXi9k8HnwY+SXod6
+eX7/XnZzMWLZHHtsCHAozTFYDQGpihFvq24CH4MlDhGJxFYs53txX7eKcwyKC2i8
+ZPPsHe8/PltHwdnonuHZ1pp0XU6EtjI0n17CVeVFjZI+nfd30MTkBl+tnQm8caYd
+CsxEiUuVzCceJjlqqB/Cug767QWkzxr3HcRYgkQQ5UUW1alqjMgI3mnr6MrqyJFq
+i1A4cbdYt2h0WcSM/5M+ABe4CG8JOgc=
+-----END CERTIFICATE-----
diff --git a/container_files/certs/keys/localhost.key b/container_files/certs/keys/localhost.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCx09MPvAx8q5tz
+HQ6wdg7E7DtIFpBWds///mM1eP114510kmm4Fe+uleYLXSydzA47fDqHHqWOu7mO
+AyRJuXGGXJ/KWFwBnam0GDhq4kxBUM3wvQbPDcpw1CrUhXaCkeM8ddFIwQQ0t0dE
+zJfRuJgriXk3lIfcPMDgHP16gV7KwFdWKN+JQwGHVYXJabCH93hbr1+d+pzHWyr/
+g/DEdWVJ9coGL++w3xLJUxjPX8DzJX55NUIbrBA4JIjZMZh96qPQOXiiUvfVQael
+nQNLF3YD0GkJ7ZdO3AucwGjfyQBtBhaS/wiXe7xm6PxGdWmDa350sWO9XVQUx32K
+JvoW8ViybPceoJkdhN6IE66lNjwJGzQ4zVA2Cs6Tl03DJ9TKiiTi4z2k1Yor9l+y
+Ym4c1p74FSOdPcqT8yaoXwW4s7WpSZZMHP0FCzWN2E+Fw+Bp+nnQVI7GrVeFiaBm
+898DBChb1wVZuBHeeXumx89oUKdww+Mly5tmdgtaCI7ac22AauK9SKELxsceWWjz
+7Y8r8QZNzJpezlT/gmZz+JGg6CuC6oN4Zuu2QbBoaNFOv3Vvs6SFg0T+1OZ3hu5a
+iSpRUDM9qFsaAXxqbFwafd/Yc3rcaKTiUICusjJQjysaT/0ANCDIIooWVc4I01cr
+HQJIRDVm5cLK5psZk4bBDuzioziu9wIDAQABAoICABtZ2TyyT7ldK6uo7Hl3rw3a
+x8NutQSXgaZ+GgQ/d7yKJc2oN1p5BUR1Ccz1p8cde5LqqJXfwNcTSJbvJMWyICPq
+WylkLcKR3Wg10XefFtt08jf02vc9x8VS3MOTQ4cRqUHDXU0zYtI43l1WmoNHQSBx
+JJPH5J2bOo895j7RZyMIMmauIrOZ+sI2BT3VY7GF/p0bfDlwMmz3OMXUJVQSOmIF
+y+znspYhuWH9xfMfZy3+tlUuO9zFujjoZaQCXNIBJPEB5ewRlszWLFLss3T5Rs2P
+YJiGUp9ueNrDPV4uLEKYjSBO2aNzBKdPbn3n0TLFdc28+vpFQIlxpX16QT0GIf4N
+vyCevCj0oRKBSJ5UxMcag/Pj8DXxh+vQ7x+NduYqL8ciNJLHMvyoy4591RJMOQbM
+P3YNqZ/hY8IdPMVMww4t8wm1R7GhHZaVcDAEUiebtE/Wd2pdyPNZ/9d3m91a7MLl
+KnVU3qdDXKmcC0uxat2xlb2sIJthHwjUj2sjNJ+xGxMiqxBbg9VNyQ7DmwKHyTL1
+6YngahdrFQXjA6Df1iuf6Xzh7nNmV5GfT+yKny+rTSszUx5fZNo1qvJ2oTC87gUe
+HV7qYO6+vzaM8hUpb3vSAzmgjynymmq9m8A0Yim/GkxGHt7GJ+JqMrwSKz5zT+3f
+qZJFAuraKJJVZ9A2/C0BAoIBAQDjlRxnXO9Co0OafJcn8ylHEOfcTAKQkb9Ncsoh
+r4LLTmkhZFs830C6WG4PXZOtKbYElqTk2AQZeZlKLN217etMoC6jh1fCjDrlGE9R
+btzWEsT6j+Ol6yOClAznZoQQClyQiI7ycijANrPhnoNKrIqC23L56ZklHQktfWoy
+smwnm6ulNh7UeYkX/jv02j1I1zaUjGWA0CPm/xzpjYeUWkdwgelzqBxPOCzPv9oT
+bvNoyNqSj/5ZuTPBtI+n4GH/tJxk51hYSb9+igpx98wMux7XxHgthwSiqa5Lwlkq
+OJWnTwXFV7heDDcTjVorxXE3lhU3iDbqvqQdQQaUBLQHjhgjAoIBAQDICD868TeV
+r01ab9RrqoDCyl2+hmNh6TBODCDu0eLxewN1kGymVkzdi/VBGEDMhdd3mro/wxTa
+ZXPUrBeznMwvUVlnI2s7RZKrhrf1O5w7Qv4TG09kZKIn4aXYx5uhxxgDgc7aPxjS
+XQAWbAZtbrtFaaXEvC0rsExLatfOJXgURiYDXKBiwV8rg//65YnPtVHBfVGiWF3p
+62EDZYYkGHVuF5UpbVHm0DVT8xW5ixmwhpNcBqKM+WobPaZEwGbULu75bvSqA7Sw
+g4Cz6m7aCL/3TQVEEpdS4HkEqqN7ClsTn+VMqOWPkAbtkzTHmrDjn0n4ZtIw9g/y
+70PgpJXZ7fEdAoIBAApr1I4jIk2h3kGfvOg2aUh4zLU4wdFO6zynqfva5plasNO3
+nbnu2y7tR7Tqaw294DjbkRdtkNp9x/guj8R57ZFnsFsKooklFLlS4Kbw9anT2DNF
+DX6WgtzC3Mhn2FpHry9rIWiWs6kBmEEXmhl8Rydw1xX8jWe2qansmUVTCELUDQsW
+rFi8a/uuR56Rs8a3HCe3Ohqo7UvxmKhVM8UmUSkkucTzCMDT6LFmrpy/MuQ0dlXJ
+xDLlmSogk4dzbelgoty3/0KjteIcfhfz6eMXWnU06O/kw+CS9ok/kAev6aJsqu37
+c1TTKF571Yo1k1ahR71wPluHeUphpOR4Rqol5pMCggEAadaTPiirdHPQxe0tw9nv
+TyGsAEczBndPq7wXIMXFAmhIKEhGdKxs9zw6hDrE7nJS02H28g3SVswfQYPc9pgc
+IV01pLDE6BOjy0X4x7TGsUR9Erb8hu4ILnniOpVC75JcTl68iBWimIvEpBh8PiK8
+y7lekH3QmLErbSwXC2gf5PpI2raD1jziki/BnYseI9yYaXxZWUDQUBjOt/FbzHV0
+jM/FiKnjD/FShhy0ffvvl8tc5PBNybGeRtOTygTTY6mBoFDo+5wCWvL5gjikdpDy
+oXMLOj1r+9nxrlprLYsJLZUIyksDS7a1M7cT0hkzRvzdMqWUyXsobS3UCGSNNUYE
+sQKCAQAgUoFwyU32kbabX1w+rq+mMY5fHtactIGI6Fj+s05jEmiAG0IQDcArA3Yf
+HsU4WD5hSAYJ2Pe4JFBiRT1qaxZGTLGsDHWPf1t/Likx6W7CKvlY1oMd5/48EEkk
+MuGUdor3nlG2FfHeIj/2Qxb5M4wxEnCu5UlHVTwwQq3JKVdjSae0p+DMemE6jt4U
+55ctAR054R1Y+y83KMmjgaoBHFiRjIiN83Rbi/r+9LqJhEgSO4xyJg2munsGhSDc
+TKX2Kq2rbkop9lmIB4dxFlAc0hkYRaErgO6i7eBolhpflw+WRGp1fx1aoJcTrT+1
+64pohvmZMxTgi91XAfPdirMLS7MQ
+-----END PRIVATE KEY-----
diff --git a/container_files/docker-build-bin/containerDockerfileInstall.sh b/container_files/docker-build-bin/containerDockerfileInstall.sh
@@ -75,9 +75,9 @@ returnCode=$?
 echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/grouper/$GROUPER_VERSION, result: $returnCode"
 if [ $returnCode != 0 ]; then exit $returnCode; fi
 
-rm -rf /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/* /opt/tomcat/conf/logging.properties
+rm -rf /opt/tomcat/webapps/ROOT /opt/tomcat/webapps/examples /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/* /opt/tomcat/conf/logging.properties
 returnCode=$?
-echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/*\ /opt/tomcat/conf/logging.properties, result: $returnCode"
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/tomcat/webapps/ROOT /opt/tomcat/webapps/examples /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/*\ /opt/tomcat/conf/logging.properties, result: $returnCode"
 if [ $returnCode != 0 ]; then exit $returnCode; fi
 
 cp -R /opt/container_files/grouperWebapp/* /opt/grouper/grouperWebapp

diff --git a/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh b/container_files/docker-build-bin/containerDockerfileInstallPermissions.sh
@@ -75,6 +75,11 @@ if [ $lines -ne 0 ]; then
   if [ $returnCode != 0 ]; then exit $returnCode; fi
 fi
 
+chmod 660 /opt/grouper/certs/keys/*
+returnCode=$?
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) chmod 660 /opt/grouper/certs/keys/*, result: $returnCode"
+if [ $returnCode != 0 ]; then exit $returnCode; fi
+
 /opt/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /usr/local/bin
 returnCode=$?
 echo "grouperDockerfile; INFO: (containerDockerfileInstallPermissions.sh) /opt/container_files/docker-build-bin/containerDockerfileInstallDos2unix.sh /usr/local/bin, result: $returnCode"

diff --git a/container_files/tomcat/conf/Catalina/localhost/rewrite.config.grouper b/container_files/tomcat/conf/Catalina/localhost/rewrite.config.grouper
@@ -0,0 +1 @@
+RewriteRule ^/$ /__CONTEXT__/ [R]
diff --git a/container_files/tomcat/conf/server.xml.grouper b/container_files/tomcat/conf/server.xml.grouper
@@ -66,11 +66,12 @@
          APR (HTTP/AJP) Connector: /docs/apr.html
          Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
     -->
-    <Connector port="8080" protocol="HTTP/1.1"
+    <!--GROUPER_HTTP_CONNECTOR-->
+    <!--Connector port="8080" protocol="HTTP/1.1"
                connectionTimeout="20000"
                redirectPort="8443"
-               maxParameterCount="10000"
-               />
+               maxParameterCount="1000"
+    -->
     <!-- A "Connector" using the shared thread pool-->
     <!--
     <Connector executor="tomcatThreadPool"
@@ -98,6 +99,7 @@
         </SSLHostConfig>
     </Connector>
     -->
+    <!--GROUPER_HTTPS_CONNECTOR-->
     <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
          This connector uses the APR/native implementation which always uses
          OpenSSL for TLS.
@@ -167,7 +169,11 @@
         <!--
         <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
         -->
-        <!--GROUPER_REMOTE_CIDR_VALVE-->
+        <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->
+
+        <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
+
+        <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
 
         <!-- Access log processes all example.
              Documentation at: /docs/config/valve.html

diff --git a/container_files/tomcat/conf/server.xml.grouper.patch b/container_files/tomcat/conf/server.xml.grouper.patch
@@ -1,15 +1,29 @@
---- server.xml.original	2023-06-27 13:54:24.000000000 -0400
-+++ server.xml.grouper	2023-07-03 02:37:07.000000000 -0400
-@@ -69,7 +69,7 @@
-     <Connector port="8080" protocol="HTTP/1.1"
+--- server.xml.original	2023-08-21 10:59:20.000000000 -0400
++++ server.xml.grouper	2024-01-01 15:43:53.000000000 -0500
+@@ -66,11 +66,12 @@
+          APR (HTTP/AJP) Connector: /docs/apr.html
+          Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
+     -->
+-    <Connector port="8080" protocol="HTTP/1.1"
++    <!--GROUPER_HTTP_CONNECTOR-->
++    <!--Connector port="8080" protocol="HTTP/1.1"
                 connectionTimeout="20000"
                 redirectPort="8443"
--               maxParameterCount="1000"
-+               maxParameterCount="10000"
-                />
+                maxParameterCount="1000"
+-               />
++    -->
      <!-- A "Connector" using the shared thread pool-->
      <!--
-@@ -128,7 +128,8 @@
+     <Connector executor="tomcatThreadPool"
+@@ -98,6 +99,7 @@
+         </SSLHostConfig>
+     </Connector>
+     -->
++    <!--GROUPER_HTTPS_CONNECTOR-->
+     <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
+          This connector uses the APR/native implementation which always uses
+          OpenSSL for TLS.
+@@ -128,7 +130,8 @@
                 maxParameterCount="1000"
                 />
      -->
@@ -19,11 +33,15 @@
      <!-- An Engine represents the entry point (within Catalina) that processes
           every request.  The Engine implementation for Tomcat stand alone
           analyzes the HTTP headers included with the request, and passes them
-@@ -166,13 +167,12 @@
+@@ -166,13 +169,16 @@
          <!--
          <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
          -->
-+        <!--GROUPER_REMOTE_CIDR_VALVE-->
++        <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->
++
++        <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
++
++        <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
 
          <!-- Access log processes all example.
               Documentation at: /docs/config/valve.html

diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh
@@ -389,6 +389,10 @@ prep_finishBegin() {
       echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTP_PORT=8080"
       export GROUPER_TOMCAT_HTTP_PORT=8080
     fi
+    if [ -z "$GROUPER_TOMCAT_HTTPS_PORT" ]; then 
+      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTPS_PORT=-1"
+      export GROUPER_TOMCAT_HTTPS_PORT=-1
+    fi
     if [ -z "$GROUPER_TOMCAT_MAX_HEADER_COUNT" ]; then 
       echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_MAX_HEADER_COUNT=200"
       export GROUPER_TOMCAT_MAX_HEADER_COUNT=200
@@ -402,6 +406,11 @@ prep_finishBegin() {
       export GROUPER_TOMCAT_SHUTDOWN_PORT=8005
     fi
 
+    if [ -z "$GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY" ]; then 
+      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs"
+      export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs
+    fi
+
     if [ -z "$GROUPER_SHIB_LOG_USE_PIPE" ]; then 
       echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SHIB_LOG_USE_PIPE=true"
       export GROUPER_SHIB_LOG_USE_PIPE=true
@@ -476,6 +485,10 @@ prep_finishEnd() {
       echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishEnd) export GROUPERUI_LOGOUT_REDIRECTTOURL=/Shibboleth.sso/Logout"
       export GROUPERUI_LOGOUT_REDIRECTTOURL=/Shibboleth.sso/Logout
     fi
+    if [ -z "$GROUPER_TOMCAT_REMOTE_IP_VALVE" ]; then 
+      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishEnd) export GROUPER_TOMCAT_REMOTE_IP_VALVE=false"
+      export GROUPER_TOMCAT_REMOTE_IP_VALVE=false
+    fi
     if [ -z "$GROUPER_REDIRECT_FROM_SLASH_TO_GROUPER" ]; then 
       if [ "$GROUPER_PROXY_PASS" = "#" ]; then 
 

diff --git a/container_files/usr-local-bin/librarySetupFilesApache.sh b/container_files/usr-local-bin/librarySetupFilesApache.sh
@@ -68,7 +68,7 @@ setupFilesApache_ssl() {
 
         sed -i "s|__GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
         returnCode=$?
-        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) No chain setting: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
+        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Setting chain: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
         if [ $returnCode != 0 ]; then exit $returnCode; fi
 
 

diff --git a/container_files/usr-local-bin/librarySetupFilesTomcat.sh b/container_files/usr-local-bin/librarySetupFilesTomcat.sh