tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 旭东 胡 <xuhu_...@outlook.com>
Subject slow or timeout with client certificate and some http client against tomcat 8.5 with Nio2 OpenSSL implementation
Date Mon, 30 Apr 2018 00:48:04 GMT
Hi,

I met a weird issue during setting up tomcat 8.5 with Http11Nio2Protocol connector and OpenSSLImplementation.
The issue is that a request would be timeout using apache HttpClient and client certificate
after serval previous requests. It also happens with RestAssured and SoapUI. Please note it
works fine for first several requests and then failed with timeout.

However, this issue is not observed when JMeter, tried both JAVA and non-JAVA implementation,
and insomnia REST client being used. I used a static page to rule out application factors.
Also Http11NioProtocol works fine for all above clients. The only thing I changed for Http11NioProtocol
is to specify  protocol="org.apache.coyote.http11.Http11NioProtocol” instead of  protocol="org.apache.coyote.http11.Http11Nio2Protocol”.
Also, I have another  connector configured not checking client certificate. This one also
works fine regardless of Http11NioProtocol or Http11Nio2Protocol being used.

Would you please help to identify if I have anything wrong in my configuration?  I tried to
set the log level to fine. But I did not find anything useful. Please help.

Thank you in advance.
Hugh

Environment Info

Redhat 7.3 
Oracle JAVA: jdk1.8.0_172
native connector: tomcat-native-1.2.16
openssl: openssl-1.1.0h
Tomcat version: apache-tomcat-8.5.30

behavior

http client hangs after serval calls with a valid client certificate. It may get responses
after a long delay or report a timeout error

server.xml
https://pastebin.com/y3ndkLzh

Tow connectors were specified in above configuration. The one with problem is listening to
port 11443.


my testing code
https://pastebin.com/7U205QS4

Mime
View raw message