tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: intermittent connectivity failure under ssl
Date Fri, 09 Mar 2018 20:28:25 GMT
On 09/03/18 20:18, Alex O'Ree wrote:
> I'll see what I can cook up. It'll be a complete tomcat setup and it was
> reproducible with just a hello world jsp file + test ssl certs and configs.
> Using any browser or java client connecting to tomcat. Page reloads are
> intermittently failing.  Where's the best place to dump this? And
> obviously, you'll need a windows box to replicate (x64)

Zip up the entire Tomcat dir and put it on dropbox or similar and then
ping me with the download details.

Microsoft kindly provide Apache committers with MSDN subscriptions for
their Apache work so if you include the OS details I can make sure I am
using the same OS.

I'll most likely just extract your changes from the default install and
apply them to a locally built instance. That way I can debug and test
any fixes more easily.

Mark


> 
> On Fri, Mar 9, 2018 at 3:01 PM, Christopher Schultz <
> chris@christopherschultz.net> wrote:
> 
> Alex,
> 
> On 3/9/18 2:50 PM, Mark Thomas wrote:
>>>> On 09/03/18 19:39, Alex O'Ree wrote:
>>>>> So I believe i have a resolution for this issue (still
>>>>> undergoing additional testing). I hate SSL by the way. After
>>>>> exhaustive scanning of the java.net.debug logs i came up with
>>>>> nothing. 0 hints to the problem. I tried with browsers and java
>>>>> http clients and all of them ended with a socket exception
>>>>> (unexpected end of file). Did i mention i'm using the windows
>>>>> variant of tomcat 8.5.28? On a whim, I asked a coworker who has
>>>>> been using tomcat for quite some time. He suggested that issue
>>>>> may be related to OpenSSL. After checking the configs and reading
>>>>> the docs here:
>>>>> http://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html#Edit_the_Tomca
> t_Configuration_File
>>>>>
>>>>>
> for my setup, it was defaulting to use open ssl since it was not defined
>  in
>>>>> the config file. After changing the JSSEImplementation my
>>>>> problems appear to be sorted. Literally 3 months trying to solve
>>>>> this one. Whatever version of open ssl that comes with the
>>>>> windows build of tomcat has something wrong with it.
>>>>
>>>> Unlikely.
>>>>
>>>> More likely is that there is a bug in the APR/Native connector. But
>>>> with a reliable way to reproduce the problem, we'll never know.
> 
> If you are willing to see if you can come up with a repeatable test
> case, it would be VERY helpful. Mark has a knack for finding and
> fixing irritating bugs like this in the connector very quickly, but
> not if he can't see the problem happen.
> 
> I'd certainly like to see any issue with the native library (or its
> use of OpenSSL) found and fixed for everyone's sake.
> 
> -chris
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message