Mark,
> Am 19.04.2018 um 20:58 schrieb Mark Thomas :
>
> On 19/04/18 16:50, Peter@Kreuser-Online wrote:
>
>
>
>> Do you mind to share more about the root cause? I’ve followed this mail
>> communication from the start and am curious.
>
> Sure.
>
> Tomcat was configured to require CLIENT-C
On 19/04/18 16:50, Peter@Kreuser-Online wrote:
> Do you mind to share more about the root cause? I’ve followed this mail
> communication from the start and am curious.
Sure.
Tomcat was configured to require CLIENT-CERT auth and the main client
was configured to use this. Occasionally, the m
Mark,
>> Am 18.04.2018 um 11:55 schrieb Mark Thomas :
>>
>> On 18/04/18 10:36, Richard Tearle wrote:
>> On 17 April 2018 at 16:45, Richard Tearle
>> wrote:
>>> On 17 April 2018 at 14:54, Mark Thomas wrote:
> On 17/04/18 11:36, Mark Thomas wrote:
> On 17/04/18 10:14, Richard Tearle wrote
On 18/04/18 10:36, Richard Tearle wrote:
> On 17 April 2018 at 16:45, Richard Tearle
> wrote:
>> On 17 April 2018 at 14:54, Mark Thomas wrote:
>>> On 17/04/18 11:36, Mark Thomas wrote:
On 17/04/18 10:14, Richard Tearle wrote:
>>>
>>>
>>>
Now all we need to to do is to figure out how to
On 17 April 2018 at 16:45, Richard Tearle
wrote:
> On 17 April 2018 at 14:54, Mark Thomas wrote:
>> On 17/04/18 11:36, Mark Thomas wrote:
>>> On 17/04/18 10:14, Richard Tearle wrote:
>>
>>
>>
>>> Now all we need to to do is to figure out how to fix this. With the
>>> understanding of what is (pr
On 17 April 2018 at 14:54, Mark Thomas wrote:
> On 17/04/18 11:36, Mark Thomas wrote:
>> On 17/04/18 10:14, Richard Tearle wrote:
>
>
>
>> Now all we need to to do is to figure out how to fix this. With the
>> understanding of what is (probably) going wrong, the problem can be
>> produced with a
On 17/04/18 11:36, Mark Thomas wrote:
> On 17/04/18 10:14, Richard Tearle wrote:
>> I've also disabled the health check on ESB container, and my tests
>> ran through for an hour, without a connection closed error.
>
> That is good news. That is a strong indicator that we are on the right
> trac
On 17/04/18 10:14, Richard Tearle wrote:
> On 16 April 2018 at 22:04, Mark Thomas wrote:
>> I've started to look at them. I don't have any firm conclusions yet. I
>> have noticed that the problem occurs after a connection is made to the
>> service from localhost rather than the remote IP that i
On 16 April 2018 at 22:04, Mark Thomas wrote:
> On 11/04/18 09:22, Richard Tearle wrote:
>
>
>
>> I've built tomcat from source using the link you provided, and rebuilt the
>> containers with this tomcat, and can still reproduce the issue. I've uploaded
>> the logs (30s before the connection clos
On 11/04/18 09:22, Richard Tearle wrote:
> I've built tomcat from source using the link you provided, and rebuilt the
> containers with this tomcat, and can still reproduce the issue. I've uploaded
> the logs (30s before the connection closed error), to dropbox:
>
> https://www.dropbox.com/s/qe
On 5 April 2018 at 08:35, Richard Tearle wrote:
>
> On 4 April 2018 at 17:58, Mark Thomas wrote:
> > On 26/03/18 08:25, Richard Tearle wrote:
> >
> >
> >
> > Thanks. I've got the test application and UI running but I haven't yet
> > reproduced the problem. What parameters are you calling run-tes
On 4 April 2018 at 17:58, Mark Thomas wrote:
> On 26/03/18 08:25, Richard Tearle wrote:
>
>
>
> Thanks. I've got the test application and UI running but I haven't yet
> reproduced the problem. What parameters are you calling run-test.sh with?
This usually get's a failure within 10 minutes of run
On 26/03/18 08:25, Richard Tearle wrote:
> I've uploaded a ZIP with my test "UI" code (standalone java program),
> and the "ESB"
> code which goes into tomcat.
>
> https://www.dropbox.com/s/nhfx7va4uzkr728/Source.zip?dl=0
>
> In the support folder within the ZIP are updated scripts to create t
Hi
On 24 March 2018 at 23:06, Mark Thomas wrote:
> On 23/03/18 15:00, Richard Tearle wrote:
>> On 22 March 2018 at 23:06, Mark Thomas wrote:
>>> On 22/03/18 15:27, Richard Tearle wrote:
On 22 March 2018 at 14:49, Mark Thomas wrote:
>>>
>>>
>>>
>
> I've taken another look at the configurat
On 23/03/18 15:00, Richard Tearle wrote:
> On 22 March 2018 at 23:06, Mark Thomas wrote:
>> On 22/03/18 15:27, Richard Tearle wrote:
>>> On 22 March 2018 at 14:49, Mark Thomas wrote:
>>
>>
>>
>> OK. Time to think about this. NIO + JSSE works whereas NIO + OpenSSL
>> doesn't with the same configu
On 22 March 2018 at 23:06, Mark Thomas wrote:
> On 22/03/18 15:27, Richard Tearle wrote:
>> On 22 March 2018 at 14:49, Mark Thomas wrote:
>
>
>
> OK. Time to think about this. NIO + JSSE works whereas NIO + OpenSSL
> doesn't with the same configuration apart from the presence of the
> native lib
On 22/03/18 15:27, Richard Tearle wrote:
> On 22 March 2018 at 14:49, Mark Thomas wrote:
>> What we have so far is:
>>
>> 8.0.x, http-nio- (this is always JSSE in 8.0.x), clientAuth="true"
>> This works.
>
> Yes this works.
>
>> 8.5.x, http-nio-openssl-, certificateVerification="requi
On 22 March 2018 at 14:49, Mark Thomas wrote:
> On 22/03/18 07:46, Richard Tearle wrote:
>> On 21 March 2018 at 14:54, Mark Thomas wrote:
[snip]
> Excellent.
>
> There have been a few moving parts here so I'd like to get some
> clarification on exactly where we are. I know from bitter personal
On 22/03/18 07:46, Richard Tearle wrote:
> On 21 March 2018 at 14:54, Mark Thomas wrote:
>> Please can you test your set-up with 8.5.x, the modified trust store and
>> the same configuration as 8.0.x (NIO, JSSE). That should help us track
>> down where the problem may lie.
>>
>> Thanks,
>>
>> M
On 21 March 2018 at 14:54, Mark Thomas wrote:
>
>
> Progress.
>
> Tomcat 8.0.x is more relaxed about the content of PKCS12 trust stores
> then 8.5.x because of a change[1] made so that the effectiveness of the
> certificateVerificationDepth configuration attribute did not depend on
> the presence
On 21/03/18 12:14, Mark Thomas wrote:
> On 21/03/18 08:35, Richard Tearle wrote:
>> On 20 March 2018 at 19:58, Mark Thomas wrote:
>>
>>> On 20/03/18 14:49, Richard Tearle wrote:
>>> OK. Can you share you configuration and the steps you used to create the
>>> self-signed certificate. I'd like to se
On 21/03/18 08:35, Richard Tearle wrote:
> On 20 March 2018 at 19:58, Mark Thomas wrote:
>
>> On 20/03/18 14:49, Richard Tearle wrote:
>> OK. Can you share you configuration and the steps you used to create the
>> self-signed certificate. I'd like to see if I can reproduce this.
>>
>>
>> Mark
>>
On 20 March 2018 at 19:58, Mark Thomas wrote:
> On 20/03/18 14:49, Richard Tearle wrote:
> OK. Can you share you configuration and the steps you used to create the
> self-signed certificate. I'd like to see if I can reproduce this.
>
>
> Mark
>
I thought it might be easier to drop the configurat
On 20/03/18 14:49, Richard Tearle wrote:
> Hello
>
> On 20 March 2018 at 11:29, Mark Thomas wrote:
>>
>> On 20/03/18 07:52, Richard Tearle wrote:
>>> Hello
>>>
>>> We have 4 applications built on the same architecture with a web UI
>>> and camel based ESB running in separate Tomcat's, using REST/
On 20 March 2018 at 14:49, Richard Tearle
wrote:
> Hello
>
> On 20 March 2018 at 11:29, Mark Thomas wrote:
>>
>>
>>
>> There are rather too many factors at play here. It would be good to try
>> and eliminate some of them.
>>
>> What are the known working 8.0.x versions?
>>
Sorry I missed these
Hello
On 20 March 2018 at 11:29, Mark Thomas wrote:
>
> On 20/03/18 07:52, Richard Tearle wrote:
> > Hello
> >
> > We have 4 applications built on the same architecture with a web UI
> > and camel based ESB running in separate Tomcat's, using REST/XML to
> > communicate between the two. This is a
On 20/03/18 07:52, Richard Tearle wrote:
> Hello
>
> We have 4 applications built on the same architecture with a web UI
> and camel based ESB running in separate Tomcat's, using REST/XML to
> communicate between the two. This is all deployed within separate
> Docker containers but on the same VM
27 matches
Mail list logo