Return-Path: <users-return-257944-archive-asf-public=cust-asf.ponee.io@tomcat.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 3466B200AE1
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Mon,  6 Jun 2016 21:06:05 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 32BF7160A24; Mon,  6 Jun 2016 19:06:05 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 77BF0160A1E
	for <archive-asf-public@cust-asf.ponee.io>; Mon,  6 Jun 2016 21:06:04 +0200 (CEST)
Received: (qmail 80952 invoked by uid 500); 6 Jun 2016 19:06:03 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 80939 invoked by uid 99); 6 Jun 2016 19:06:02 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Jun 2016 19:06:02 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 52D17C05B4
	for <users@tomcat.apache.org>; Mon,  6 Jun 2016 19:06:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.513
X-Spam-Level: *
X-Spam-Status: No, score=1.513 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1,
	NO_RDNS_DOTCOM_HELO=0.433, RCVD_IN_DNSWL_LOW=-0.7,
	RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=disabled
Received: from mx2-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id f7BeoBjnDY1F for <users@tomcat.apache.org>;
	Mon,  6 Jun 2016 19:06:00 +0000 (UTC)
Received: from vms173019pub.verizon.net (vms173019pub.verizon.net [206.46.173.19])
	by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id EE0905F1BE
	for <users@tomcat.apache.org>; Mon,  6 Jun 2016 19:05:59 +0000 (UTC)
Received: from vz-proxy-l008.mx.aol.com ([64.236.82.153])
 by vms173019.mailsrvcs.net
 (Oracle Communications Messaging Server 7.0.5.32.0 64bit (built Jul 16 2014))
 with ESMTPA id <0O8D005NF6D65X20@vms173019.mailsrvcs.net> for
 users@tomcat.apache.org; Mon, 06 Jun 2016 14:05:35 -0500 (CDT)
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=WpDWSorv c=1 sm=1 tr=0	a=FJ1kTJ0/xm5uTekQe8vMdQ==:117
 a=IkcTkHD0fZMA:10 a=pD_ry4oyNxEA:10	a=mV9VRH-2AAAA:8 a=j4nzMFrpAAAA:8
 a=QfKxxUxMAAAA:8 a=3gMcCDsys_PJDafOKwQA:9	a=QEXdDO2ut3YA:10
Received: by 71.127.40.115 with SMTP id 19867dc4; Mon, 06 Jun 2016 19:05:35 GMT
Subject: Re: TLSv1.2 ALERT: fatal, description = unexpected_message
To: Tomcat Users List <users@tomcat.apache.org>
References: 
 <SG2PR04MB09740FF88FD13090800F27AF8D5B0@SG2PR04MB0974.apcprd04.prod.outlook.com>
 <4476e729-44b7-5fcb-f93c-7f10c5d1cbb9@apache.org>
 <SG2PR04MB0974CE74CD6F2114F15BAF318D5B0@SG2PR04MB0974.apcprd04.prod.outlook.com>
From: Christopher Schultz <chris@christopherschultz.net>
Message-id: <5bc85e17-38b4-d5a7-d264-e0b0825cfc1e@christopherschultz.net>
Date: Mon, 06 Jun 2016 15:05:30 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0)
 Gecko/20100101 Thunderbird/45.1.1
MIME-version: 1.0
In-reply-to: 
 <SG2PR04MB0974CE74CD6F2114F15BAF318D5B0@SG2PR04MB0974.apcprd04.prod.outlook.com>
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 7bit
archived-at: Mon, 06 Jun 2016 19:06:05 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Venkata,

On 6/5/16 1:45 PM, Venkata Reddy P wrote:
> My current ssl errors are getting only for IE and google chrome 
> browsers.  The same application is working well for the Firefox 
> that's the reason can't suspect the SSL implementation.

I disagree with your assumption here that Firefox and MSIE/Chrome all
work the same way when it comes to TLS. Perhaps MSIE/Chrome use a
particular TLS extension that Firefox does not. Perhaps there is a
cipher suite in the list from MSIE/Chrome that is not in Firefox (or
vice-versa).

> I have also tried with OpenSSL client and confirms the nothing
> wrong with ssl implementation. The same ssl implantation have been
> using from tomcat4 onwards and the same implementation has been
> injected as per the tomcat8 connectors.

Lots of changes have occurred within the Tomcat Connector code between
Tomcat 4 and Tomcat 8. The same implementation can not be successfully
re-used across those versions.

Perhaps if you shared some of the code, we could help debug it. If
not, you will have to debug your own code by yourself.

- -chris

> -----Original Message----- From: Mark Thomas
> [mailto:markt@apache.org] Sent: 05 June 2016 22:23 To: Tomcat Users
> List Subject: Re: TLSv1.2 ALERT: fatal, description =
> unexpected_message
> 
> On 05/06/2016 16:32, Venkata Reddy P wrote:
>> Hi,
>> 
>> I have a setup with Tomcat8.0.33,jre8u91 and with ssl enabled
>> with http connector. <Connector SSLEnabled="true"
>> acceptCount="100" address="10.4.20.46" connectionTimeout="-1" 
>> disableUploadTimeout="true" enableLookups="false" 
>> maxHttpHeaderSize="8192" maxThreads="500" port="50002" 
>> protocol="com.poc.tomcat8.SSLHttp11Protocol" scheme="https"
>> secure="true" />
>> 
>> Most of the application works on ssl without any issues but while
>> downloading JS,CSS files seems to be failing. I can't suspect the
>> ssl implementation.
> 
> Why not? We haven't seen any reports from users using the default
> TLS implementation. You are using a custom TLS implementation any
> you are seeing errors. Absent some VERY strong evidence this is a
> Tomcat bug, all the indications are that the bug is in
> com.poc.tomcat8.SSLHttp11Protocol
> 
> Mark
> 
> 
> ---------------------------------------------------------------------
>
> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> ---------------------------------------------------------------------
>
> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAldVyXoACgkQ9CaO5/Lv0PBXiACgueSAfA8AJuKZ8Bj8ASyufUKO
rWEAoLypfk0l1ksNuBJzgjfmLbtetOB4
=wKzY
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org