Hi Oleg, I've been looking at the tickets for potential issues with SSL socket timeout values not being honored in some versions of HttpClient, and I must say I'm not clear where things stand.
I have a ManifoldCF user who is seeing socket read timeouts when using SSL. The stack in that case involves the Solr client library (SolrJ). I am passing in an HttpClient instance that's already built: >>>>>> RequestConfig.Builder requestBuilder = RequestConfig.custom() .setCircularRedirectsAllowed(true) .setSocketTimeout(socketTimeout) .setStaleConnectionCheckEnabled(true) .setExpectContinueEnabled(true) .setConnectTimeout(connectionTimeout) .setConnectionRequestTimeout(socketTimeout); HttpClientBuilder clientBuilder = HttpClients.custom() .setConnectionManager(connectionManager) .setMaxConnTotal(1) .disableAutomaticRetries() .setDefaultRequestConfig(requestBuilder.build()) .setRedirectStrategy(new DefaultRedirectStrategy()) .setSSLSocketFactory(myFactory) .setRequestExecutor(new HttpRequestExecutor(socketTimeout)) .setDefaultSocketConfig(SocketConfig.custom() .setTcpNoDelay(true) .setSoTimeout(socketTimeout) .build() ); if (userID != null && userID.length() > 0 && password != null) { CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); Credentials credentials = new UsernamePasswordCredentials(userID, password); if (realm != null) credentialsProvider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials); else credentialsProvider.setCredentials(AuthScope.ANY, credentials); clientBuilder.setDefaultCredentialsProvider(credentialsProvider); } HttpClient localClient = clientBuilder.build(); <<<<<< It is remotely possible that SolrJ is modifying a parameter in the client, which I am aware would invalidate the builder-based configuration. So my question is simple: IF the HttpClient instance is *not* being configured in SolrJ, would you expect the socket timeout to be honored for SSL requests, on the current codebase? Was there ever a time when that was not true? If there's a buried default SSL socket timeout value that would be used if configuration was overridden by setting a parameter, what is that value? Thanks again for your help. Karl