tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier (tomcat) ...@ice-sa.com>
Subject Re: Connection reset while trying to access a web service running under Tomcat
Date Thu, 23 Feb 2017 23:13:57 GMT
On 23.02.2017 22:35, James H. H. Lampert wrote:
> We've got a problem, and I'm not sure where it is.
>
> We've got a remote box, belonging to a customer, that's trying to access a web service
> hosted by a Tomcat server on one of our boxes (part of a new webapp).
>
> The customer box is getting "Connection Resets" while trying to access our web service.
> Here is some of the debug output:
>> (GSKit) I/O: A connection with a remote socket was reset by that socket.
>> ssl_error(406): (GSKit) I/O: A connection with a remote socket was reset by that
socket.
>> SetError() #30: SSL Handshake: (GSKit) I/O: A connection with a remote socket was
reset
>> by that

It seems to say right up here what the problem is : the customer system cannot establish a

HTTPS connection with your server. The connection attempt starts, but then your server 
rejects it and closes the connection.
Maybe they cannot agree on a common SSL protocol ?

As for why, I'll leave that one to someone else, because there are a billion SSL 
protocols, with a trillion of variations, and a kazillion possible reasons for why they 
could not agree on one; and this is really not my thing..

>
> I think initially, the problem was in the customer's firewall not letting the requests
out
> on the port this server runs. They say they've got that fixed, but the connection resets
> continue.
>
> According to the statistics on our firewall appliance/router (a TP-Link WDR4300), it's
> getting some packet traffic intended for the server in question, but nothing is being
> logged by the webapp itself. And nothing seems to be getting logged to Catalina*.* from
> any of this traffic, whether failed sign-ons from the customer box, or successful traffic
> from one of our other boxes. Is there anything we can do to determine whether Tomcat
is
> seeing any of these request? And what it could be doing with them?
>
> --
> JHHL
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message