Re: NoClassDefFoundError for SSL operations

[Mark Thomas]

On 23/02/2024 01:14, bigelytechnol...@yahoo.com wrote:

This spammer has been unsubscribed and banned from re-subscribing.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Long lasting websocket sessions

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Sat, Feb 17, 2024 at 2:46 AM Chuck Caldarale  wrote:

>
> > On Feb 16, 2024, at 11:31, Mark Thomas  wrote:
> >
> > On 09/02/2024 13:47, Alex O'Ree wrote:
> >> I've been experimenting with tomcat 9.x in seeing how long i can get a
> web
> >> socket session to last. I'm currently struggling to get past 30 minutes
> or
> >> so. Looking for guidance on how to best increase this or if this is a
> bad
> >> idea.
> >> Here's the current configuration and what i've tried thus far:
> >> The server continuously streams messages the client, about 1 per second
> >> The client periodically (every 30 seconds) sends a keep alive text
> message
> >> back to the server
> >> The server side endpoint sets the Session.setTimeout(0); according to
> the
> >> docs, this should prevent timeouts
> >> The server side WAR file/WEB-INF/web.xml had a session timeout defined
> at
> >> 15 minutes but i then removed it in order to increase the websocket
> >> duration.
> >> Despite all this, both the client and server log a session disconnect,
> but
> >> i'm still not sure what the reasoning is. I'm still assuming it's some
> kind
> >> of timeout mechanism.
> >
> > I think you need to do a little more investigation with your
> application. I've been running the snake WebSocket example on 9.0.x for
> over any hour wihtout any issues.
>
>
> Are there any boxes (eg, load balancer, firewall) between the client and
> server that might be forcibly dropping TCP connections after 30 minutes?
>
>   - Chuck
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Compile with JDK 17, run on JRE 11?

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Sat, Feb 17, 2024 at 11:02 PM Troels Arvin 
wrote:

> Hello,
>
> Since 9.0.83, building Tomcat has required JDK 17, according to the
> release notes.
>
> Is it possible to take the resulting binaries and run them on JRE 11?
>
> --
> Regards,
> Troels Arvin
>

Re: TOMCAT CERTIFICATE RENEWAL

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Mon, Feb 19, 2024 at 2:02 PM Ganesan, Prabu
 wrote:

>  Hi Guys,
>
> How to renew the certificate in Tomcat Can anyone provide with steps as we
> have Our tomcat certificate is about to expire in Next week, Anybody can
> help with  renew steps:
>
> Tomcat version : 8.5.5.0
>
> Thanks & Regards,
> _
> PrabuGanesan
> Consultant|MS-Nordics
> capgemini India Pvt. Ltd. | Bangalore
> Contact: +91 8526554535
> Email: prabhu.c.gane...@capgemini.com
>
> www.capgemini.com
> People matter, results count.
> __
> Connect with Capgemini:
>
>
> Please consider the environment and do not print this email unless
> absolutely necessary.
> Capgemini encourages environmental awareness.
>
> -Original Message-
> From: Christopher Schultz 
> Sent: Friday, February 16, 2024 8:56 PM
> To: users@tomcat.apache.org
> Subject: Re: Tomcat/Java starts using too much memory and not by the heap
> or non-heap memory
>
> **This mail has been sent from an external source. Do not reply to it,
> or open any links/attachments unless you are sure of the sender's
> identity.**
>
> Chuck and Brian,
>
> On 2/15/24 10:53, Chuck Caldarale wrote:
> >
> >> On Feb 15, 2024, at 09:04, Brian Braun  wrote:
> >>
> >> I discovered the JCMD command to perform the native memory tracking.
> >> When running it, after 3-4 days since I started Tomcat, I found out
> >> that the compiler was using hundreds of MB and that is exactly why
> >> the Tomcat process starts abusing the memory! This is what I saw when
> executing "sudo jcmd  VM.native_memory scale=MB":
> >>
> >> Compiler (reserved=3D340MB, commited=3D340MB) (arena=3D340MB #10)
> >>
> >> Then I discovered the Jemalloc tool (http://jemalloc.net
> >> ) and its jeprof tool, so I started launching
> >> Tomcat using it. Then, after 3-4 days after Tomcat starts I was able
> >> to create some GIF images from the dumps that Jemalloc creates. The
> >> GIF files show the problem: 75-90% of the memory is being used by
> >> some weird activity in the compiler! It seems that something called
> >> "The C2 compile/JIT compiler" starts doing something after 3-4 days,
> and that creates the leak. Why after 3-4 days and not sooner? I don't know.
> >
> >
> > There have been numerous bugs filed with OpenJDK for C2 memory leaks
> over the past few years, mostly related to recompiling certain methods. The
> C2 compiler kicks in when fully optimizing methods, and it may recompile
> methods after internal instrumentation shows that additional performance
> can be obtained by doing so.
> >
> >
> >> I am attaching the GIF in this email.
> >
> >
> > Attachments are stripped on this mailing list.
>
> :(
>
> I'd love to see these.
>
> >> Does anybody know how to deal with this?
> >
> >
> > You could disable the C2 compiler temporarily, and just let C1 handle
> your code. Performance will be somewhat degraded, but may well still be
> acceptable. Add the following to the JVM options when you launch Tomcat:
> >
> > -XX:TieredStopAtLevel=1
> >
> >
> >> By the way, I'm running my website using Tomcat 9.0.58, Java
> >> "11.0.21+9-post-Ubuntu-0ubuntu122.04", Ubuntu 22.04.03. And I am
> >> developing using Eclipse and compiling my WAR file with a "Compiler
> >> compliance level:11".
> >
> >
> > You could try a more recent JVM version; JDK 11 was first released over
> 5 years ago, although it is still being maintained.
>
> There is an 11.0.22 -- just a patch-release away from what you appear to
> have. I'm not sure if it's offered through your package-manager, but you
> could give it a try directly from e.g. Eclipse Adoptium / Temurin.
>
> Honestly, if your code runs on Java 11, it's very likely that it will run
> just fine on Java 17 or Java 21. Debian has packages for Java 17 for sure,
> so I suspect Ubuntu will have them available as well.
>
> Debian-based distros will allow you to install and run multiple JDKs/JREs
> in parallel, so you can install Java 17 (or 21) without cutting-off access
> to Java 11 if you still want it.

Re: TOMCAT CERTIFICATE RENEWAL

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Mon, Feb 19, 2024 at 2:08 PM Ganesan, Prabu
 wrote:

>  Hi Guys,
>
>  How to renew the certificate in Tomcat Can anyone provide with steps as
> we have Our tomcat certificate is about to expire in Next week, Anybody can
> help with  renew steps:
>
>  Tomcat version : 8.5.5.0
>
> Thanks & Regards,
>
> _[image:
> Email_CBE.gif]
>
> *PrabuGanesan*
>
> *Consultant|MS-Nordics*
>
> capgemini India Pvt. Ltd. | Bangalore
>
> Contact: +91 8526554535
>
> Email: prabhu.c.gane...@capgemini.com
>
>
>
> www.capgemini.com
>
> *People matter, results count.*
>
> __
>
> *Connect with Capgemini:*
> 
>  
> 
> 
> 
>
>
>
> Please consider the environment and do not print this email unless
> absolutely necessary.
>
> Capgemini encourages environmental awareness.
>
>
> This message contains information that may be privileged or confidential
> and is the property of the Capgemini Group. It is intended only for the
> person to whom it is addressed. If you are not the intended recipient, you
> are not authorized to read, print, retain, copy, disseminate, distribute,
> or use this message or any part thereof. If you receive this message in
> error, please notify the sender immediately and delete all copies of this
> message.
>

Re: The custom 404 page of Tomcat8 suddenly becomes invalid

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Mon, Feb 19, 2024 at 8:35 AM LeventLee <894793...@qq.com.invalid> wrote:

> Hello,
>
>
> Here is my information：
> openjdk version "1.8.0_345" | OpenJDK Runtime Environment (build
> 1.8.0_345-b01) | OpenJDK 64-Bit Server VM (build 25.345-b01, mixed mode)
>
> Linux 5.10.134-12.al8.x86_64
> Apache Tomcat/8.0.24
>
>
>
> Now, please let me explain the problems encountered：
> Previously, I set up a custom 404 page in tomcat's WEB INF/web.xml, so
> that once the client accesses a non-existent page, it will return to this
> 404 page. However, not long ago, after Tomcat restarted, it was unable to
> return the custom 404 page and only returned the browser's 404 page.
> I have checked the localhost logs of Tomcat and found a large number of
> errors:org.apache.catalina.core.ApplicationContext.log ssi:
> Can't serve file:/WEB-INF/index/my404page
>
> But the custom 404 page does exist,and the path is right.
> I want to figure out what this error means. If possible, maybe can
> try this problem.
>
>
> Thanks in advance for your suggestions!

Re: Community Over Code Asia 2024 Travel Assistance Applications now open!

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15

On Tue, Feb 20, 2024 at 4:30 PM Gavin McDonald 
wrote:

> Hello to all users, contributors and Committers!
>
> The Travel Assistance Committee (TAC) are pleased to announce that
> travel assistance applications for Community over Code Asia 2024 are now
> open!
>
> We will be supporting Community over Code Asia, Hangzhou, China
> July 26th - 28th, 2024.
>
> TAC exists to help those that would like to attend Community over Code
> events, but are unable to do so for financial reasons. For more info
> on this year's applications and qualifying criteria, please visit the
> TAC website at < https://tac.apache.org/ >. Applications are already
> open on https://tac-apply.apache.org/, so don't delay!
>
> The Apache Travel Assistance Committee will only be accepting
> applications from those people that are able to attend the full event.
>
> Important: Applications close on Friday, May 10th, 2024.
>
> Applicants have until the the closing date above to submit their
> applications (which should contain as much supporting material as
> required to efficiently and accurately process their request), this
> will enable TAC to announce successful applications shortly
> afterwards.
>
> As usual, TAC expects to deal with a range of applications from a
> diverse range of backgrounds; therefore, we encourage (as always)
> anyone thinking about sending in an application to do so ASAP.
>
> For those that will need a Visa to enter the Country - we advise you to
> apply
> now so that you have enough time in case of interview delays. So do not
> wait until you know if you have been accepted or not.
>
> We look forward to greeting many of you in Hangzhou, China in July, 2024!
>
> Kind Regards,
>
> Gavin
>
> (On behalf of the Travel Assistance Committee)
>

Re: NoClassDefFoundError for SSL operations

[bigelytechnol...@yahoo.com]

 Hello Dear
Thanks for your reply
l would use this opportunity to briefly introduce our company, Bigly
Technologies Thailand,  We are one of the leading importers in Asia , and
the Middle East on general Goods and Equipment.
On behalf of Bigly Technologies Thailand, this is the samples of the
product that we want develop.
Please Kindly view our website for the samples and the product we need if
your company can
make the similar like this product.
*E-Catalogue:  *https://biglytechcatalog.es.tl

Please quote us your best prices and the cost of delivery to our port and
if the prices meets our
price target we can place our order as soon as possible.
Thank You!

Best Regards

*Wat Namtip*

Purchase Manager

*Bigly Technologies Thailand*

2/51 BangNa Complex Office Tower, 11th Floor, Soi BangNa Trat 25, Bangna
Nua, Bangna, Bangkok 10260 Thailand

Telephone: +66 (0)2150 10 15


On Fri, Feb 23, 2024 at 12:07 AM Simon Arame  wrote:

> We have Tomcat 9.0.81 running under OpenJDK 1.8.0_402-b06
>
> Since the latest OpenJDK upgrade we get some errors when trying to perform
> SSL Operations like obtaining the bytes of an HTTPS url or sending an email
> through SMTP with TLS on.
>
> Note that with the same jdk, those operations succeed when run directly
> with java outside of Tomcat.
>
> The top of the stack traces always has org/bouncycastle/asn1/x9/X9Curve as
> "class not found".
>
> Here is the stack trace for a regular smtp email send failed attempt:
>
> java.lang.NoClassDefFoundError: org/bouncycastle/asn1/x9/X9Curve
> at org.bouncycastle.asn1.x9.X9ECParameters.toASN1Object(Unknown
> Source)
> at org.bouncycastle.asn1.ASN1Encodable.getDERObject(Unknown Source)
> at org.bouncycastle.asn1.x9.X962Parameters.(Unknown Source)
> at org.bouncycastle.jce.provider.JCEECPublicKey.getEncoded(Unknown
> Source)
> at
> org.bouncycastle.jce.provider.JCEECPrivateKey.getPublicKeyDetails(Unknown
> Source)
> at org.bouncycastle.jce.provider.JCEECPrivateKey.(Unknown
> Source)
> at
> org.bouncycastle.jce.provider.asymmetric.ec
> .KeyPairGenerator$EC.generateKeyPair(Unknown
> Source)
> at
>
> sun.security.ssl.ECDHKeyExchange$ECDHEPossession.(ECDHKeyExchange.java:128)
> at
>
> sun.security.ssl.ECDHClientKeyExchange$ECDHEClientKeyExchangeProducer.produce(ECDHClientKeyExchange.java:392)
> at
>
> sun.security.ssl.ClientKeyExchange$ClientKeyExchangeProducer.produce(ClientKeyExchange.java:65)
> at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421)
> at
>
> sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHelloDone.java:182)
> at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422)
> at
> sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
> at sun.security.ssl.SSLTransport.decode(SSLTransport.java:152)
> at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1401)
> at
> sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309)
> at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440)
> at
> com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:602)
> at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:529)
> at
> com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:2135)
> at
> com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:734)
> at javax.mail.Service.connect(Service.java:364)
> at javax.mail.Service.connect(Service.java:222)
> at javax.mail.Service.connect(Service.java:171)
>
>
> and the stack trace while trying to obtain an HTTPS url with jersey-client
> org/bouncycastle/asn1/x9/X9Curve
> at
> org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:312)
> at
>
> org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.java:675)
> at
>
> org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:697)
> at
>
> org.glassfish.jersey.client.JerseyInvocation.lambda$runInScope$3(JerseyInvocation.java:691)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:205)
> at
>
> org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:390)
> at
>
> org.glassfish.jersey.client.JerseyInvocation.runInScope(JerseyInvocation.java:691)
> at
>
> org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:674)
> at
>
> org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:422)
> at
>
> 

AW: NoClassDefFoundError for SSL operations

[Thomas Hoffmann (Speed4Trade GmbH)]

Hello Simon,

> -Ursprüngliche Nachricht-
> Von: Simon Arame 
> Gesendet: Donnerstag, 22. Februar 2024 18:06
> An: users@tomcat.apache.org
> Betreff: NoClassDefFoundError for SSL operations
> 
> We have Tomcat 9.0.81 running under OpenJDK 1.8.0_402-b06
> 
> Since the latest OpenJDK upgrade we get some errors when trying to perform
> SSL Operations like obtaining the bytes of an HTTPS url or sending an email
> through SMTP with TLS on.
> 
> Note that with the same jdk, those operations succeed when run directly with
> java outside of Tomcat.
> 
> The top of the stack traces always has org/bouncycastle/asn1/x9/X9Curve as
> "class not found".
> 
> Here is the stack trace for a regular smtp email send failed attempt:
> 
> java.lang.NoClassDefFoundError: org/bouncycastle/asn1/x9/X9Curve
> at org.bouncycastle.asn1.x9.X9ECParameters.toASN1Object(Unknown
> Source)
> at org.bouncycastle.asn1.ASN1Encodable.getDERObject(Unknown Source)
> at org.bouncycastle.asn1.x9.X962Parameters.(Unknown Source)
> at org.bouncycastle.jce.provider.JCEECPublicKey.getEncoded(Unknown
> Source)
> at
> org.bouncycastle.jce.provider.JCEECPrivateKey.getPublicKeyDetails(Unknown
> Source)
> at org.bouncycastle.jce.provider.JCEECPrivateKey.(Unknown
> Source)
> at
> org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$EC.generateKey
> Pair(Unknown
> Source)
> at
> sun.security.ssl.ECDHKeyExchange$ECDHEPossession.(ECDHKeyExchange.j
> ava:128)
> at
> sun.security.ssl.ECDHClientKeyExchange$ECDHEClientKeyExchangeProducer.pro
> duce(ECDHClientKeyExchange.java:392)
> at
> sun.security.ssl.ClientKeyExchange$ClientKeyExchangeProducer.produce(ClientK
> eyExchange.java:65)
> at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421)
> at
> sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHe
> lloDone.java:182)
> at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422)
> at
> sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
> at sun.security.ssl.SSLTransport.decode(SSLTransport.java:152)
> at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1401)
> at
> sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309)
> at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440)
> at
> com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:602)
> at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:529)
> at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:2135)
> at
> com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:734)
> at javax.mail.Service.connect(Service.java:364)
> at javax.mail.Service.connect(Service.java:222)
> at javax.mail.Service.connect(Service.java:171)
> 
> 
> and the stack trace while trying to obtain an HTTPS url with jersey-client
> org/bouncycastle/asn1/x9/X9Curve
> at
> org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:312)
> at
> org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.ja
> va:675)
> at
> org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:697)
> at
> org.glassfish.jersey.client.JerseyInvocation.lambda$runInScope$3(JerseyInvocati
> on.java:691)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:205)
> at
> org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.jav
> a:390)
> at
> org.glassfish.jersey.client.JerseyInvocation.runInScope(JerseyInvocation.java:691
> )
> at
> org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:674)
> at
> org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java
> :422)
> at
> org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:318
> )
> 
> 
> I asked for an upgrade of tomcat from 9.0.81 to to 9.0.86 and am waiting to 
> see
> if this will resolve our problems. Any advice or links/reports on that problem
> would be appreciated.
> 
> Simon

Bouncycastle is a 3rd party library. It has nothing to do with Tomcat, nor the 
JDK.
Check were you reference the bouncycastle class.
You someone has edited the java.security file within the JDK.

If you are on linux, you can also grep for any references.

Greetings, Thomas

NoClassDefFoundError for SSL operations

[Simon Arame]

We have Tomcat 9.0.81 running under OpenJDK 1.8.0_402-b06

Since the latest OpenJDK upgrade we get some errors when trying to perform
SSL Operations like obtaining the bytes of an HTTPS url or sending an email
through SMTP with TLS on.

Note that with the same jdk, those operations succeed when run directly
with java outside of Tomcat.

The top of the stack traces always has org/bouncycastle/asn1/x9/X9Curve as
"class not found".

Here is the stack trace for a regular smtp email send failed attempt:

java.lang.NoClassDefFoundError: org/bouncycastle/asn1/x9/X9Curve
at org.bouncycastle.asn1.x9.X9ECParameters.toASN1Object(Unknown
Source)
at org.bouncycastle.asn1.ASN1Encodable.getDERObject(Unknown Source)
at org.bouncycastle.asn1.x9.X962Parameters.(Unknown Source)
at org.bouncycastle.jce.provider.JCEECPublicKey.getEncoded(Unknown
Source)
at
org.bouncycastle.jce.provider.JCEECPrivateKey.getPublicKeyDetails(Unknown
Source)
at org.bouncycastle.jce.provider.JCEECPrivateKey.(Unknown
Source)
at
org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$EC.generateKeyPair(Unknown
Source)
at
sun.security.ssl.ECDHKeyExchange$ECDHEPossession.(ECDHKeyExchange.java:128)
at
sun.security.ssl.ECDHClientKeyExchange$ECDHEClientKeyExchangeProducer.produce(ECDHClientKeyExchange.java:392)
at
sun.security.ssl.ClientKeyExchange$ClientKeyExchangeProducer.produce(ClientKeyExchange.java:65)
at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421)
at
sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHelloDone.java:182)
at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
at
sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
at
sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422)
at
sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:152)
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1401)
at
sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440)
at
com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:602)
at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:529)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:2135)
at
com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:734)
at javax.mail.Service.connect(Service.java:364)
at javax.mail.Service.connect(Service.java:222)
at javax.mail.Service.connect(Service.java:171)


and the stack trace while trying to obtain an HTTPS url with jersey-client
org/bouncycastle/asn1/x9/X9Curve
at
org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:312)
at
org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.java:675)
at
org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:697)
at
org.glassfish.jersey.client.JerseyInvocation.lambda$runInScope$3(JerseyInvocation.java:691)
at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
at org.glassfish.jersey.internal.Errors.process(Errors.java:205)
at
org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:390)
at
org.glassfish.jersey.client.JerseyInvocation.runInScope(JerseyInvocation.java:691)
at
org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:674)
at
org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:422)
at
org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:318)


I asked for an upgrade of tomcat from 9.0.81 to to 9.0.86 and am waiting to
see if this will resolve our problems. Any advice or links/reports on that
problem would be appreciated.

Simon