Silvio, I am reading your emails... but so far I've had no idea pop into my head.
The only thing I can think of is perhaps replacing the SslContextFactory with exactly the code from 9.4.12 (I think 13 was a bad release for other reasons) and see if that makes any difference. If it works, then you could probably bisect the commits (only about 8 done last year). cheers On Tue, 29 Jan 2019 at 11:51, Silvio Bierman <[email protected]> wrote: > Hello all, > > Another followup on the same topic: triggering a > SslContextFactory.reload on the server consistently and immediately > triggers the problem on the client side, restarting the server is close > to 100% (seems timing related). I was still leaning toward something > fishy in the client code or even the JDK11 SSL client socket code but > now I am almost certain this is going awry on the server side. > > Still JDK11 on both client and server side and Jetty 9.4.14.v20181114 > server, using domain names that are covered by wildcard certificates. > > I am busy setting up a server with 9.4.11 and JDK8 to see what happens > there but since I am packed it may take another week or so to get results. > > I will keep you posted. > > > > >> One addition: this morning I replaced the keystore file on one of the > >> servers because some almost-expired certificates had been updated and > >> subsequently triggered a SslContextFactory.reload through the > >> application. Within 15 minutes the logging showed about two dozen > >> failed requests. Then it silently went away. May be a coincidence of > >> course. > >> > >> Silvio > >> > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > -- Greg Wilkins <[email protected]> CTO http://webtide.com
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
