On 01/05/18 03:11, 旭东 胡 wrote: > Hi Mark, > > Unfortunately, 8.5.31 does not resolve my issue. You can find the > catalina.out log by https://1drv.ms/u/s!Aii8T4l0bnqVlx0mqtHngJ_1OvRo. > From my client log the timeout occurs: > 1. between 15:03:48 and 15:04:48 > 2. between 15:04:48 and 15:05:48 > 3. between 15:05:49 and 15:06:49 > 4. between 15:06:59 and 15:07:49 > 5. between 15:07:59 and 15:08:49 > 6. between 15:08:59 and 15:09:49 > > The problematic port is 11443. Sorry there is a health checking, which I > cannot turned off, on port 10443 adding a lot noise.
OK. First of all, please ensure that the time on the client and server are synchronized. Give that the server log doesn't show the server starting until 15:04:00 the client and server look to be ~25 seconds out of sync. What I see in most of the connections is the TLS handshake completing and the I/O layer passing the socket to the protocol layer for processing. The socket is returned from the protocol layer with an instruction to close the socket. We need to see what is happening in the protocol layer. Please add the following to logging.properties, restart Tomcat 8.5.31 and repeat your test: org.apache.coyote.level=FINE Please also include the client logs this time. Thanks, Mark > > Thanks, > Hugh > >> On Apr 30, 2018, at 5:08 AM, Mark Thomas <ma...@apache.org> wrote: >> >> On 30/04/18 01:48, ** * wrote: >>> Hi, >>> >>> I met a weird issue during setting up tomcat 8.5 with Http11Nio2Protocol >>> connector and OpenSSLImplementation. The issue is that a request would be >>> timeout using apache HttpClient and client certificate after serval >>> previous requests. It also happens with RestAssured and SoapUI. Please note >>> it works fine for first several requests and then failed with timeout. >>> >>> However, this issue is not observed when JMeter, tried both JAVA and >>> non-JAVA implementation, and insomnia REST client being used. I used a >>> static page to rule out application factors. Also Http11NioProtocol works >>> fine for all above clients. The only thing I changed for Http11NioProtocol >>> is to specify protocol="org.apache.coyote.http11.Http11NioProtocol” >>> instead of protocol="org.apache.coyote.http11.Http11Nio2Protocol”. Also, I >>> have another connector configured not checking client certificate. This >>> one also works fine regardless of Http11NioProtocol or Http11Nio2Protocol >>> being used. >>> >>> Would you please help to identify if I have anything wrong in my >>> configuration? I tried to set the log level to fine. But I did not find >>> anything useful. Please help. >> >> 8.5.31 fixes an error in this area that might be relevant. The release >> vote for 8.5.31 is currently in progress. Details on the dev@ list. If >> you could download the 8.5.31 release candidate and test against that, >> that would be helpful. >> >> If that doesn't work then we'll need the following (again with 8.5.31 so >> we are testing the latest code): >> >> Enable debug logging for the I/O layer: >> org.apache.tomcat.util.net.level=FINE >> >> Enable TLS debug logging for the client: >> -Djavax.net.debug=all >> >> Recreate the problem. >> >> Provide us with: >> - the logs for the 30s before the error and 5s after it >> - the point in the logs where the error occurred >> >> Thanks, >> >> Mark >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
