tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: TLSv1.2 ALERT: fatal, description = unexpected_message
Date Mon, 06 Jun 2016 19:05:30 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Venkata,

On 6/5/16 1:45 PM, Venkata Reddy P wrote:
> My current ssl errors are getting only for IE and google chrome 
> browsers.  The same application is working well for the Firefox 
> that's the reason can't suspect the SSL implementation.

I disagree with your assumption here that Firefox and MSIE/Chrome all
work the same way when it comes to TLS. Perhaps MSIE/Chrome use a
particular TLS extension that Firefox does not. Perhaps there is a
cipher suite in the list from MSIE/Chrome that is not in Firefox (or
vice-versa).

> I have also tried with OpenSSL client and confirms the nothing
> wrong with ssl implementation. The same ssl implantation have been
> using from tomcat4 onwards and the same implementation has been
> injected as per the tomcat8 connectors.

Lots of changes have occurred within the Tomcat Connector code between
Tomcat 4 and Tomcat 8. The same implementation can not be successfully
re-used across those versions.

Perhaps if you shared some of the code, we could help debug it. If
not, you will have to debug your own code by yourself.

- -chris

> -----Original Message----- From: Mark Thomas
> [mailto:markt@apache.org] Sent: 05 June 2016 22:23 To: Tomcat Users
> List Subject: Re: TLSv1.2 ALERT: fatal, description =
> unexpected_message
> 
> On 05/06/2016 16:32, Venkata Reddy P wrote:
>> Hi,
>> 
>> I have a setup with Tomcat8.0.33,jre8u91 and with ssl enabled
>> with http connector. <Connector SSLEnabled="true"
>> acceptCount="100" address="10.4.20.46" connectionTimeout="-1" 
>> disableUploadTimeout="true" enableLookups="false" 
>> maxHttpHeaderSize="8192" maxThreads="500" port="50002" 
>> protocol="com.poc.tomcat8.SSLHttp11Protocol" scheme="https"
>> secure="true" />
>> 
>> Most of the application works on ssl without any issues but while
>> downloading JS,CSS files seems to be failing. I can't suspect the
>> ssl implementation.
> 
> Why not? We haven't seen any reports from users using the default
> TLS implementation. You are using a custom TLS implementation any
> you are seeing errors. Absent some VERY strong evidence this is a
> Tomcat bug, all the indications are that the bug is in
> com.poc.tomcat8.SSLHttp11Protocol
> 
> Mark
> 
> 
> ---------------------------------------------------------------------
>
> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> ---------------------------------------------------------------------
>
> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAldVyXoACgkQ9CaO5/Lv0PBXiACgueSAfA8AJuKZ8Bj8ASyufUKO
rWEAoLypfk0l1ksNuBJzgjfmLbtetOB4
=wKzY
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message