tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brewer, Edward L" <lee.bre...@Vanderbilt.Edu>
Subject Help with Apache Tomcat/7.0.53 SSL issue
Date Tue, 07 Oct 2014 18:30:38 GMT
To all,

I am using Apache Tomcat 7.0.53 and I am having an intermittent issue with SSL.  I am currently
running three environments (Dev, UAT, and Prod. Prod comprises 4 VMs  (uname  states version
as  "2.6.32-431.11.2.el6.x86_x86_64 GNU/Linux" ) with each containing a local version of Java
[ Java(TM) SE Runtime Environment (build 1.7.0_55-b13)  Java HotSpot(TM) 64-Bit Server VM
(build 24.55-b03, mixed mode) ]  As well Tomcat and Java are owned by the user running the
app.  The VMs are load balanced over two pair of LTMs (LTM1 balances node 1 and node 2;  LTM2
balances node 3 and node 4).  The test environment is scaled down to just one LTM with two
nodes and development is just a single VM.

Now, when I deployed dev and test I did not have any issues with SSL.... everything went as
planned.  When I deployed into production, I started to get complaints about timeouts to the
service.  After much troubleshooting... we were able to discern, using curl, that in production
the LTM was not getting a response back from the application (using TCPDUMP) intermittently.
  Our LTMs are configured to server as a SSL proxy.  On the VM, TCPDUMP shows that traffic
is being presented to the socket but there is no response.  As far as I can tell the three
environments (TOMCAT and JAVA) are the same.   I find nothing in the logs from both access
and catalina.out.  When I restart the servers the problem goes away for about one hour then
it comes back rapidly.  Using top and sar I do not see any issues with operating system performance.
 Also,  by going done to one node the problem persists.  As well here are the options that
are in setenv.sh

export JAVA_OPTS="$JAVA_OPTS\
-verbosegc\
-Xms256m\
-XX:+DisableExplicitGC\
-Xmx2g"


Here is the error that I see from curl

curl: (52) SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

Help,
Lee Brewer

Lee Brewer | Application Developer | Information Technology | Vanderbilt University
lee.brewer@vanderbilt.edu | phone 615.343.2802 | it.vanderbilt.edu<http://it.vanderbilt.edu/>
[Vanderbilt IT logo]


Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message