0

My Tomcat stout log file seems to fill up with millions of lines related to certificates, algorithm signatures etc. Basically my log file is 8gb and 99% of it looks similar to:

adding as trusted cert:
  Subject: CN=SomeCNHere CA, O=SomeOHere Corporation, C=SomeCHere
  Issuer:  CN=SomeCNHere CA, O=SomeOHere Corporation, C=SomeCHere
  Algorithm: RSA; Serial number: 0xcf08o5c34256a5bt427bf0eb6903054d0
  Valid from Tue Nov 07 14:31:18 EST 2008 until Mon Dec 31 14:40:55 EST 2039

OR similar related logs regarding the algorithm signatures.

I cant seem to find any log settings that would cause this. I'm thinking maybe it is due to mis-configured trustStore settings or possibly some debug logs are on somewhere.

Where should I look to shut these types of logs off?

Thank you.

vijay kumar
  • 15
  • 4
elementmg
  • 234
  • 2
  • 14
  • 1
    Check if [_JAVA_OPTIONS env var](https://stackoverflow.com/a/30305597/2834978) exists and what's the value. May be it's setting debug for that on JVM options. See also https://stackoverflow.com/a/30104610/2834978 – LMC Jun 28 '23 at 19:44

1 Answers1

1

Educated guess. You don't have a truststore set up, so you're getting logs over and over again every time a certificate is presented.

Try following the suggestions in Configure Truststore in Tomcat to set up a truststore and see if your logs get cleaned up.

btilly
  • 43,296
  • 3
  • 59
  • 88
  • It seems I had -Djavax.net.debug=ssl in my JVM arguments. Will try removing it and restarting. If that doesn't resolve ill review the trustStore suggestion. Thanks! – elementmg Jun 30 '23 at 18:04