Shawn, The other thing to do is to bisect the changes from a jetty-9.4.x that you think works to jetty-9.4.48 that you think does not work. There are not that many changes in jetty 9.4, so it should not be too much work... but it will be some effort.... which is why we don't offer open source support on jetty-9.4 anymore - we just don't have the cycles to track down things like this (especially when more often than not, after doing the work we find it is not a bug in jetty).
If you can identify an actual commit that you think is bad, then that will help working out what the issue is. Of course the other thing to do is to get somebody to take out a commercial support agreement, so we can put in the effort to help debug this issue (even if it turns out to be not jetty). cheers On Fri, 2 Jun 2023 at 00:43, Shawn Heisey <[email protected]> wrote: > On 6/1/23 15:45, Jesse McConnell wrote: > > Your best bet would be to do at Greg said and capture the actual request > > failing on the wire using wireshark or tcpdump, or get a > > HttpChannel.Listener[1] set up in the server so you can see what is > > happening there. > > I do not have access to the private key for the TLS certificate. > > Even if I did, I have found that Wireshark cannot decrypt HTTPS if a > modern cipher is being used. Solr 9 requires at least Java 11, and that > is the version being used. I would expect Java 11, Jetty Server 9, and > Jetty client 10 to be utilizing a modern cipher. Browser connections to > Solr are using TLS 1.2 with the cipher named > TLS_ECDHE_RSA_WITH_AES256_GCM_SHA384. > > Thanks, > Shawn > _______________________________________________ > jetty-users mailing list > [email protected] > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > -- Greg Wilkins <[email protected]> CTO http://webtide.com
_______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
