RE: Strange connection error
Thanks for replies. Everything is working for me now, and I have a bit more of an understanding of how this all works. :) Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 Disclaimer: The opinions provided herein do not necessarily state or reflect those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal liability or responsibility for the posting. -Original Message- From: Mark Thomas Sent: Friday, June 11, 2021 5:00 PM To: users@tomcat.apache.org Subject: Re: Strange connection error On 11/06/2021 21:01, Mark A. Claassen wrote: > RESOLVED. (Sort of, I have questions) I had to add a -TLSv1.3 > protocols="all -SSLv3 -TLSv1 -TLSv1.3" > > https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-socket > s-fail-on-a-handshake-failure-error-with-tlsv1-3-enable > > Why does the version of Tomcat matter? I thought OpenSSL was managing all > this. > Where is the line between all them? OpenSSL only does what it is told. From the 9.0.x changelog 9.0.13 ... Add TLS 1.3 support for the APR/Native connector and the NIO/NIO2 connector when using the OpenSSL backed JSSE implementation. ... Mark > > Thanks, > > Mark Claassen > Senior Software Engineer > > Donnell Systems, Inc. > 130 South Main Street > Leighton Plaza Suite 375 > South Bend, IN 46601 > E-mail: mailto:mclaas...@ocie.net > Voice: (574)232-3784 > Fax: (574)232-4014 > > --- > Confidentiality Notice: OCIESERVICE > --- > The contents of this e-mail message and any attachments are intended solely > for the addressee(s) named in this message. This communication is intended to > be and to remain confidential. If you are not the intended recipient of this > message, or if this message has been addressed to you in error, please > immediately alert the sender by reply e-mail and then delete this message and > its attachments. Do not deliver, distribute, copy, disclose the contents or > take any action in reliance upon the information contained in the > communication or any attachments. > > > -Original Message- > From: Mark A. Claassen > Sent: Friday, June 11, 2021 3:42 PM > To: Tomcat Users List > Subject: RE: Strange connection error > > I have tried so many things, I am getting a bit confused. :) > > The exception was probably using the NIO connector. With the APR one I get: > FINER: Destroying socket [140,404,292,849,904] java.lang.Exception > at > org.apache.tomcat.util.net.AprEndpoint.destroySocketInternal(AprEndpoint.java:750) > at > org.apache.tomcat.util.net.AprEndpoint.access$200(AprEndpoint.java:80) > at org.apache.tomcat.util.net.AprEndpoint$P > > Mark Claassen > Senior Software Engineer > > Donnell Systems, Inc. > 130 South Main Street > Leighton Plaza Suite 375 > South Bend, IN 46601 > E-mail: mailto:mclaas...@ocie.net > Voice: (574)232-3784 > Fax: (574)232-4014 > > --- > Confidentiality Notice: OCIESERVICE > --- > The contents of this e-mail message and any attachments are intended solely > for the addressee(s) named in this message. This communication is intended to > be and to remain confidential. If you are not the intended recipient of this > message, or if this message has been addressed to you in error, please > immediately alert the sender by reply e-mail and then delete this message and > its attachments. Do not deliver, distribute, copy, disclose the contents or > take any action in reliance upon the information contained in the > communication or any attachments. > > > -Original Message- > From: Mark A. Claassen > Sent: Friday, June 11, 2021 3:27 PM > To: Tomcat Users List > Subject: Re: Strange connection error > > I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which > produces the odd access log entry) and got this exception. Now, I just need > to figure out what caused this. > > java.io.EOFException > at > org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345) > at > org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255) > at > org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799) > at > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359) > at > org.apache.coyote.http11.Http11P
Re: Strange connection error
On 11/06/2021 21:01, Mark A. Claassen wrote: RESOLVED. (Sort of, I have questions) I had to add a -TLSv1.3 protocols="all -SSLv3 -TLSv1 -TLSv1.3" https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-sockets-fail-on-a-handshake-failure-error-with-tlsv1-3-enable Why does the version of Tomcat matter? I thought OpenSSL was managing all this. Where is the line between all them? OpenSSL only does what it is told. From the 9.0.x changelog 9.0.13 ... Add TLS 1.3 support for the APR/Native connector and the NIO/NIO2 connector when using the OpenSSL backed JSSE implementation. ... Mark Thanks, Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Friday, June 11, 2021 3:42 PM To: Tomcat Users List Subject: RE: Strange connection error I have tried so many things, I am getting a bit confused. :) The exception was probably using the NIO connector. With the APR one I get: FINER: Destroying socket [140,404,292,849,904] java.lang.Exception at org.apache.tomcat.util.net.AprEndpoint.destroySocketInternal(AprEndpoint.java:750) at org.apache.tomcat.util.net.AprEndpoint.access$200(AprEndpoint.java:80) at org.apache.tomcat.util.net.AprEndpoint$P Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Friday, June 11, 2021 3:27 PM To: Tomcat Users List Subject: Re: Strange connection error I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which produces the odd access log entry) and got this exception. Now, I just need to figure out what caused this. java.io.EOFException at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345) at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255) at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799) at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:261) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Also, I am not sure why OpenSSL is complaining about the keys when it did not with the earlier version of Tomcat? Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [336462231] message: [error:140E0197:SSL routines:SSL_shutdown:shutdown while in init] Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: Ope
RE: Strange connection error
RESOLVED. (Sort of, I have questions) I had to add a -TLSv1.3 protocols="all -SSLv3 -TLSv1 -TLSv1.3" https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-sockets-fail-on-a-handshake-failure-error-with-tlsv1-3-enable Why does the version of Tomcat matter? I thought OpenSSL was managing all this. Where is the line between all them? Thanks, Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Friday, June 11, 2021 3:42 PM To: Tomcat Users List Subject: RE: Strange connection error I have tried so many things, I am getting a bit confused. :) The exception was probably using the NIO connector. With the APR one I get: FINER: Destroying socket [140,404,292,849,904] java.lang.Exception at org.apache.tomcat.util.net.AprEndpoint.destroySocketInternal(AprEndpoint.java:750) at org.apache.tomcat.util.net.AprEndpoint.access$200(AprEndpoint.java:80) at org.apache.tomcat.util.net.AprEndpoint$P Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Friday, June 11, 2021 3:27 PM To: Tomcat Users List Subject: Re: Strange connection error I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which produces the odd access log entry) and got this exception. Now, I just need to figure out what caused this. java.io.EOFException at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345) at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255) at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799) at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:261) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Also, I am not sure why OpenSSL is complaining about the keys when it did not with the earlier version of Tomcat? Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [336462231] message: [error:140E0197:SSL routines:SSL_shutdown:shutdown while in init] Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [337604709] message: [error:141F7065:SSL routines:final_key_share:no suitable key share] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (57
RE: Strange connection error
I have tried so many things, I am getting a bit confused. :) The exception was probably using the NIO connector. With the APR one I get: FINER: Destroying socket [140,404,292,849,904] java.lang.Exception at org.apache.tomcat.util.net.AprEndpoint.destroySocketInternal(AprEndpoint.java:750) at org.apache.tomcat.util.net.AprEndpoint.access$200(AprEndpoint.java:80) at org.apache.tomcat.util.net.AprEndpoint$P Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Friday, June 11, 2021 3:27 PM To: Tomcat Users List Subject: Re: Strange connection error I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which produces the odd access log entry) and got this exception. Now, I just need to figure out what caused this. java.io.EOFException at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345) at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255) at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799) at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:261) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Also, I am not sure why OpenSSL is complaining about the keys when it did not with the earlier version of Tomcat? Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [336462231] message: [error:140E0197:SSL routines:SSL_shutdown:shutdown while in init] Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [337604709] message: [error:141F7065:SSL routines:final_key_share:no suitable key share] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: calder Sent: Thursday, June 10, 2021 7:36 PM To: Tomcat Users List Subject: [Possible Spam] Re: Strange connection error Importance: Low On Thu, Jun 10, 2021, 15:11 Mark A. Claassen wrote: > Anyway, I will do some research on the debugging technique mentioned > earlier. > https://support.f5.com/csp/article/K50557518 > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Strange connection error
I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which produces the odd access log entry) and got this exception. Now, I just need to figure out what caused this. java.io.EOFException at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345) at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255) at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799) at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:261) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Also, I am not sure why OpenSSL is complaining about the keys when it did not with the earlier version of Tomcat? Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [336462231] message: [error:140E0197:SSL routines:SSL_shutdown:shutdown while in init] Jun 11, 2021 3:13:34 PM org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError FINE: OpenSSL error: [337604709] message: [error:141F7065:SSL routines:final_key_share:no suitable key share] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: calder Sent: Thursday, June 10, 2021 7:36 PM To: Tomcat Users List Subject: [Possible Spam] Re: Strange connection error Importance: Low On Thu, Jun 10, 2021, 15:11 Mark A. Claassen wrote: > Anyway, I will do some research on the debugging technique mentioned > earlier. > https://support.f5.com/csp/article/K50557518 > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Strange connection error
On Thu, Jun 10, 2021, 15:11 Mark A. Claassen wrote: > Anyway, I will do some research on the debugging technique mentioned > earlier. > https://support.f5.com/csp/article/K50557518 >
RE: Strange connection error
> "useAprConnector [false], useOpenSSL [true]" I looked at an old server and it said the same, so this is probably not related to my problem. Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 4:46 PM To: Tomcat Users List Subject: RE: Strange connection error I am still trying to figure out the debugging, but I did see that, going through the reverse proxy and direct, it is using TLS1.2. From wireshark (no debugging) Going through the reverse proxy, there is a ClientHello, two ACK, and then a ServerHello Going direct, I get the ClientHello and two ACK, but no ServerHello. The forth message there is the error response. I am still confused as to why any of this is changed since I am using OpenSSL. Unless the problem is from: "useAprConnector [false], useOpenSSL [true]" Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 4:11 PM To: Tomcat Users List Subject: RE: Strange connection error Here is what I get in catalina.out now. Hopefully this is all correct. I am a bit confused by "useAprConnector [false], useOpenSSL [true]" Anyway, I will do some research on the debugging technique mentioned earlier. -- Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: Loaded Apache Tomcat Native library [1.2.28] using APR version [1.6.3]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener initializeSSL INFO: OpenSSL successfully initialized [OpenSSL 1.1.1 11 Sep 2018] Jun 10, 2021 4:05:42 PM org.apache.coyote.http11.AbstractHttp11Protocol configureUpgradeProtocol INFO: The ["http-apr-127.0.0.1-8608"] connector has been configured to support HTTP upgrade to [h2c] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 Disclaimer: The opinions provided herein do not necessarily state or reflect those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal liability or responsibility for the posting. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 2:41 PM To: Tomcat Users List Subject: Re: Strange connection error Thanks for the tip. To be honest, I am not exactly sure how to set that up, but since it involves the rebuilding of the native libraries, I will start with that. Maybe that alone will solve the issue. If not, I will try to figure out how to debug all this. If I get stuck, I will post another message. I will also post a message when this is solved, in case anyone else encounters similar behavior. Thanks again, - Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leigh
RE: Strange connection error
I am still trying to figure out the debugging, but I did see that, going through the reverse proxy and direct, it is using TLS1.2. From wireshark (no debugging) Going through the reverse proxy, there is a ClientHello, two ACK, and then a ServerHello Going direct, I get the ClientHello and two ACK, but no ServerHello. The forth message there is the error response. I am still confused as to why any of this is changed since I am using OpenSSL. Unless the problem is from: "useAprConnector [false], useOpenSSL [true]" Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 4:11 PM To: Tomcat Users List Subject: RE: Strange connection error Here is what I get in catalina.out now. Hopefully this is all correct. I am a bit confused by "useAprConnector [false], useOpenSSL [true]" Anyway, I will do some research on the debugging technique mentioned earlier. -- Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: Loaded Apache Tomcat Native library [1.2.28] using APR version [1.6.3]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener initializeSSL INFO: OpenSSL successfully initialized [OpenSSL 1.1.1 11 Sep 2018] Jun 10, 2021 4:05:42 PM org.apache.coyote.http11.AbstractHttp11Protocol configureUpgradeProtocol INFO: The ["http-apr-127.0.0.1-8608"] connector has been configured to support HTTP upgrade to [h2c] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 Disclaimer: The opinions provided herein do not necessarily state or reflect those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal liability or responsibility for the posting. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 2:41 PM To: Tomcat Users List Subject: Re: Strange connection error Thanks for the tip. To be honest, I am not exactly sure how to set that up, but since it involves the rebuilding of the native libraries, I will start with that. Maybe that alone will solve the issue. If not, I will try to figure out how to debug all this. If I get stuck, I will post another message. I will also post a message when this is solved, in case anyone else encounters similar behavior. Thanks again, - Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark Thomas Sent: Thursday, June 10, 2021 2:01 PM To: users@tomcat.apache.org Subject: [Possible Spam] Re: Strange connection error Importance: Low On 10/06/2021 18:11, Mark A. Claassen wrote: > Thanks for the reply. > > Is doesn't seem like OpenSSL is rejecting the connection. I would have > thought that if OpenSSL would have rejected th
RE: Strange connection error
Here is what I get in catalina.out now. Hopefully this is all correct. I am a bit confused by "useAprConnector [false], useOpenSSL [true]" Anyway, I will do some research on the debugging technique mentioned earlier. -- Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: Loaded Apache Tomcat Native library [1.2.28] using APR version [1.6.3]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] Jun 10, 2021 4:05:42 PM org.apache.catalina.core.AprLifecycleListener initializeSSL INFO: OpenSSL successfully initialized [OpenSSL 1.1.1 11 Sep 2018] Jun 10, 2021 4:05:42 PM org.apache.coyote.http11.AbstractHttp11Protocol configureUpgradeProtocol INFO: The ["http-apr-127.0.0.1-8608"] connector has been configured to support HTTP upgrade to [h2c] Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 Disclaimer: The opinions provided herein do not necessarily state or reflect those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal liability or responsibility for the posting. -Original Message- From: Mark A. Claassen Sent: Thursday, June 10, 2021 2:41 PM To: Tomcat Users List Subject: Re: Strange connection error Thanks for the tip. To be honest, I am not exactly sure how to set that up, but since it involves the rebuilding of the native libraries, I will start with that. Maybe that alone will solve the issue. If not, I will try to figure out how to debug all this. If I get stuck, I will post another message. I will also post a message when this is solved, in case anyone else encounters similar behavior. Thanks again, - Mark Claassen Senior Software Engineer Donnell Systems, Inc. 130 South Main Street Leighton Plaza Suite 375 South Bend, IN 46601 E-mail: mailto:mclaas...@ocie.net Voice: (574)232-3784 Fax: (574)232-4014 --- Confidentiality Notice: OCIESERVICE --- The contents of this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute, copy, disclose the contents or take any action in reliance upon the information contained in the communication or any attachments. -Original Message- From: Mark Thomas Sent: Thursday, June 10, 2021 2:01 PM To: users@tomcat.apache.org Subject: [Possible Spam] Re: Strange connection error Importance: Low On 10/06/2021 18:11, Mark A. Claassen wrote: > Thanks for the reply. > > Is doesn't seem like OpenSSL is rejecting the connection. I would have > thought that if OpenSSL would have rejected the connection, it would not hit > even hit the access log. Maybe that is not the case. > > But, to answer your question, we did not upgrade the version of Java. We are > using 1.8.0_265 on the server. The Java client did not change either. Try using Wireshark with SSLKEYLOGFILE to look at the decrypted version. You'll get a lot more info about what is going on. I think you'll need to update Tomcat Native to do that though. I don't think Java supports that env variable. Mark > > > > Mark Claassen > Senior Software Engineer > > Donnell Systems, Inc. > 130 South Main Street > Leighton Plaza Suite 375 > South Bend, IN 46601 > E-mail: mailto:mclaas...@ocie.net > Voice: (574)232-3784 > Fax: (574)232-4014 > > Disclaimer: > The opinions provided herein do not necessarily state or reflect those > of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes > no legal liability or responsibility for the posting. > > > -Original Message- > From: jonmcalexan...@wellsfargo.com.INVALID > > Sent: Thursday, June 10, 2021 12:02 PM > To: users@tomcat.apache.org > Subject: [Possible Spam] RE: Strange connection error > Importance: Low > > Is it a cypher issue? (noting the handshake issue). Did you also upgrade the > Java at the same time? > > Dream * Excel * Explore * Inspire > Jon McAlexander > Infrastructure Engineer > Asst Vice President > > Middleware Product Engineering > Enterprise CIO | Platf
Re: Strange connection error
Thanks for the tip. To be honest, I am not exactly sure how to set that up,
but since it involves the rebuilding of the native libraries, I will start with
that. Maybe that alone will solve the issue.
If not, I will try to figure out how to debug all this. If I get stuck, I will
post another message. I will also post a message when this is solved, in case
anyone else encounters similar behavior.
Thanks again,
-
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
---
Confidentiality Notice: OCIESERVICE
---
The contents of this e-mail message and any attachments are intended solely for
the addressee(s) named in this message. This communication is intended to be
and to remain confidential. If you are not the intended recipient of this
message, or if this message has been addressed to you in error, please
immediately alert the sender by reply e-mail and then delete this message and
its attachments. Do not deliver, distribute, copy, disclose the contents or
take any action in reliance upon the information contained in the communication
or any attachments.
-Original Message-
From: Mark Thomas
Sent: Thursday, June 10, 2021 2:01 PM
To: users@tomcat.apache.org
Subject: [Possible Spam] Re: Strange connection error
Importance: Low
On 10/06/2021 18:11, Mark A. Claassen wrote:
> Thanks for the reply.
>
> Is doesn't seem like OpenSSL is rejecting the connection. I would have
> thought that if OpenSSL would have rejected the connection, it would not hit
> even hit the access log. Maybe that is not the case.
>
> But, to answer your question, we did not upgrade the version of Java. We are
> using 1.8.0_265 on the server. The Java client did not change either.
Try using Wireshark with SSLKEYLOGFILE to look at the decrypted version.
You'll get a lot more info about what is going on. I think you'll need to
update Tomcat Native to do that though. I don't think Java supports that env
variable.
Mark
>
>
>
> Mark Claassen
> Senior Software Engineer
>
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN 46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>
> Disclaimer:
> The opinions provided herein do not necessarily state or reflect those
> of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes
> no legal liability or responsibility for the posting.
>
>
> -Original Message-
> From: jonmcalexan...@wellsfargo.com.INVALID
>
> Sent: Thursday, June 10, 2021 12:02 PM
> To: users@tomcat.apache.org
> Subject: [Possible Spam] RE: Strange connection error
> Importance: Low
>
> Is it a cypher issue? (noting the handshake issue). Did you also upgrade the
> Java at the same time?
>
> Dream * Excel * Explore * Inspire
> Jon McAlexander
> Infrastructure Engineer
> Asst Vice President
>
> Middleware Product Engineering
> Enterprise CIO | Platform Services | Middleware | Infrastructure
> Solutions
>
> 8080 Cobblestone Rd | Urbandale, IA 50322
> MAC: F4469-010
> Tel 515-988-2508 | Cell 515-988-2508
>
> jonmcalexan...@wellsfargo.com
>
> Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020,
> 12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020,
> 12/30/2020, 12/31/2020 This message may contain confidential and/or
> privileged information. If you are not the addressee or authorized to receive
> this for the addressee, you must not use, copy, disclose, or take any action
> based on this message or any information herein. If you have received this
> message in error, please advise the sender immediately by reply e-mail and
> delete this message. Thank you for your cooperation.
>
>
>> -Original Message-
>> From: Mark A. Claassen
>> Sent: Thursday, June 10, 2021 10:38 AM
>> To: users@tomcat.apache.org
>> Subject: Strange connection error
>>
>> I just upgraded from 9.0.12 to 9.0.46. Everything seemed to go
>> pretty smoothly, but I am getting a strange connection error from
>> certain connections
>>
>> We have several different things that connect to the webserver.
>> Browsers connect fine. We have a monitoring script in Perl that
>> works fine. However, a Java program, which worked fine under the old
>> version of tomcat, can no longer connect.
>>
>> The access log prints out very odd information. Right now it is configured
>> as:
>> pattern="%{-MM-dd HH:mm:ss}t %H %h %m
Re: Strange connection error
On 10/06/2021 18:11, Mark A. Claassen wrote:
Thanks for the reply.
Is doesn't seem like OpenSSL is rejecting the connection. I would have thought
that if OpenSSL would have rejected the connection, it would not hit even hit
the access log. Maybe that is not the case.
But, to answer your question, we did not upgrade the version of Java. We are
using 1.8.0_265 on the server. The Java client did not change either.
Try using Wireshark with SSLKEYLOGFILE to look at the decrypted version.
You'll get a lot more info about what is going on. I think you'll need
to update Tomcat Native to do that though. I don't think Java supports
that env variable.
Mark
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
Disclaimer:
The opinions provided herein do not necessarily state or reflect
those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and
assumes no legal liability or responsibility for the posting.
-Original Message-
From: jonmcalexan...@wellsfargo.com.INVALID
Sent: Thursday, June 10, 2021 12:02 PM
To: users@tomcat.apache.org
Subject: [Possible Spam] RE: Strange connection error
Importance: Low
Is it a cypher issue? (noting the handshake issue). Did you also upgrade the
Java at the same time?
Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President
Middleware Product Engineering
Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508
jonmcalexan...@wellsfargo.com
Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020,
12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020,
12/30/2020, 12/31/2020 This message may contain confidential and/or privileged
information. If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose, or take any action based on this
message or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this message.
Thank you for your cooperation.
-Original Message-
From: Mark A. Claassen
Sent: Thursday, June 10, 2021 10:38 AM
To: users@tomcat.apache.org
Subject: Strange connection error
I just upgraded from 9.0.12 to 9.0.46. Everything seemed to go pretty
smoothly, but I am getting a strange connection error from certain
connections
We have several different things that connect to the webserver.
Browsers connect fine. We have a monitoring script in Perl that works
fine. However, a Java program, which worked fine under the old
version of tomcat, can no longer connect.
The access log prints out very odd information. Right now it is configured as:
pattern="%{-MM-dd HH:mm:ss}t %H %h %m %U
%q STATUS(%s) BYTES(%b) %{User-Agent}i
%{Referer}i& quot; %I"/>
However the output for this failed connection is:
2021-06-10 11:21:19 null [[Actual IP address]] null "null" ""
STATUS(400) BYTES(-) "-" "-" null All other connections show in the
access log as I would expect.
Does anyone have any idea what is going on here?
-
Extra Information:
- I am using the APR connector and OpenSSL.
- I did not recompile any of the native libraries; they are still
using the ones from 9.0.12.
- We have an Apache webserver we use as a reverse proxy. When
connecting through that, things work.
- Wireshark has this to say about the failure:
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake
Failure)
Content Type: Alert (21)
Length: 2
Alert Message
Level: Fatal (2)
Description: Handshake Failure (40) Thanks for your
time, Mark
---
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
Disclaimer:
The opinions provided herein do not necessarily state or reflect those
of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes
no legal liability or responsibility for the posting.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For
RE: Strange connection error
Thanks for the reply.
Is doesn't seem like OpenSSL is rejecting the connection. I would have thought
that if OpenSSL would have rejected the connection, it would not hit even hit
the access log. Maybe that is not the case.
But, to answer your question, we did not upgrade the version of Java. We are
using 1.8.0_265 on the server. The Java client did not change either.
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
Disclaimer:
The opinions provided herein do not necessarily state or reflect
those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and
assumes no legal liability or responsibility for the posting.
-Original Message-
From: jonmcalexan...@wellsfargo.com.INVALID
Sent: Thursday, June 10, 2021 12:02 PM
To: users@tomcat.apache.org
Subject: [Possible Spam] RE: Strange connection error
Importance: Low
Is it a cypher issue? (noting the handshake issue). Did you also upgrade the
Java at the same time?
Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President
Middleware Product Engineering
Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508
jonmcalexan...@wellsfargo.com
Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020,
12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020,
12/30/2020, 12/31/2020 This message may contain confidential and/or privileged
information. If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose, or take any action based on this
message or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this message.
Thank you for your cooperation.
> -Original Message-
> From: Mark A. Claassen
> Sent: Thursday, June 10, 2021 10:38 AM
> To: users@tomcat.apache.org
> Subject: Strange connection error
>
> I just upgraded from 9.0.12 to 9.0.46. Everything seemed to go pretty
> smoothly, but I am getting a strange connection error from certain
> connections
>
> We have several different things that connect to the webserver.
> Browsers connect fine. We have a monitoring script in Perl that works
> fine. However, a Java program, which worked fine under the old
> version of tomcat, can no longer connect.
>
> The access log prints out very odd information. Right now it is configured
> as:
> pattern="%{-MM-dd HH:mm:ss}t %H %h %m %U
> %q STATUS(%s) BYTES(%b) %{User-Agent}i
> %{Referer}i& quot; %I"/>
>
> However the output for this failed connection is:
> 2021-06-10 11:21:19 null [[Actual IP address]] null "null" ""
> STATUS(400) BYTES(-) "-" "-" null All other connections show in the
> access log as I would expect.
>
> Does anyone have any idea what is going on here?
> -
> Extra Information:
> - I am using the APR connector and OpenSSL.
> - I did not recompile any of the native libraries; they are still
> using the ones from 9.0.12.
> - We have an Apache webserver we use as a reverse proxy. When
> connecting through that, things work.
>
> - Wireshark has this to say about the failure:
>
> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake
> Failure)
> Content Type: Alert (21)
> Length: 2
> Alert Message
> Level: Fatal (2)
> Description: Handshake Failure (40) Thanks for your
> time, Mark
>
> ---
> Mark Claassen
> Senior Software Engineer
>
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN 46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>
> Disclaimer:
> The opinions provided herein do not necessarily state or reflect those
> of Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes
> no legal liability or responsibility for the posting.
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Strange connection error
Is it a cypher issue? (noting the handshake issue). Did you also upgrade the
Java at the same time?
Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President
Middleware Product Engineering
Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508
jonmcalexan...@wellsfargo.com
Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020,
12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020,
12/30/2020, 12/31/2020
This message may contain confidential and/or privileged information. If you are
not the addressee or authorized to receive this for the addressee, you must not
use, copy, disclose, or take any action based on this message or any
information herein. If you have received this message in error, please advise
the sender immediately by reply e-mail and delete this message. Thank you for
your cooperation.
> -Original Message-
> From: Mark A. Claassen
> Sent: Thursday, June 10, 2021 10:38 AM
> To: users@tomcat.apache.org
> Subject: Strange connection error
>
> I just upgraded from 9.0.12 to 9.0.46. Everything seemed to go pretty
> smoothly, but I am getting a strange connection error from certain
> connections
>
> We have several different things that connect to the webserver. Browsers
> connect fine. We have a monitoring script in Perl that works fine. However,
> a Java program, which worked fine under the old version of tomcat, can no
> longer connect.
>
> The access log prints out very odd information. Right now it is configured
> as:
> pattern="%{-MM-dd HH:mm:ss}t %H %h %m %U
> %q STATUS(%s) BYTES(%b) %{User-Agent}i
> %{Referer}i& quot; %I"/>
>
> However the output for this failed connection is:
> 2021-06-10 11:21:19 null [[Actual IP address]] null "null" ""
> STATUS(400) BYTES(-) "-" "-" null All other connections show in the access log
> as I would expect.
>
> Does anyone have any idea what is going on here?
> -
> Extra Information:
> - I am using the APR connector and OpenSSL.
> - I did not recompile any of the native libraries; they are still using the
> ones
> from 9.0.12.
> - We have an Apache webserver we use as a reverse proxy. When
> connecting through that, things work.
>
> - Wireshark has this to say about the failure:
>
> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake
> Failure)
> Content Type: Alert (21)
> Length: 2
> Alert Message
> Level: Fatal (2)
> Description: Handshake Failure (40)
> Thanks for your time,
> Mark
>
> ---
> Mark Claassen
> Senior Software Engineer
>
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN 46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>
> Disclaimer:
> The opinions provided herein do not necessarily state or reflect those of
> Donnell Systems, Inc.(DSI). DSI makes no warranty for and assumes no legal
> liability or responsibility for the posting.
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Strange connection error
I just upgraded from 9.0.12 to 9.0.46. Everything seemed to go pretty
smoothly, but I am getting a strange connection error from certain connections
We have several different things that connect to the webserver. Browsers
connect fine. We have a monitoring script in Perl that works fine. However, a
Java program, which worked fine under the old version of tomcat, can no longer
connect.
The access log prints out very odd information. Right now it is configured as:
pattern="%{-MM-dd HH:mm:ss}t %H %h %m %U %q
STATUS(%s) BYTES(%b) %{User-Agent}i %{Referer}i&
quot; %I"/>
However the output for this failed connection is:
2021-06-10 11:21:19 null [[Actual IP address]] null "null" ""
STATUS(400) BYTES(-) "-" "-" null
All other connections show in the access log as I would expect.
Does anyone have any idea what is going on here?
-
Extra Information:
- I am using the APR connector and OpenSSL.
- I did not recompile any of the native libraries; they are still using the
ones from 9.0.12.
- We have an Apache webserver we use as a reverse proxy. When connecting
through that, things work.
- Wireshark has this to say about the failure:
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake
Failure)
Content Type: Alert (21)
Length: 2
Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)
Thanks for your time,
Mark
---
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
Disclaimer:
The opinions provided herein do not necessarily state or reflect
those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and
assumes no legal liability or responsibility for the posting.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
