I also happens with latest apache-tomcat-8.0.24-windows-x64.zip
Using this simple webapp:
In the webapps folder create a folder named "cert", there create a file named
ccertA.jsp with contents:
<html>
<body>
<h3>client cert test - page A</h3>
User client cert data:
<%= ((java.security.cert.X509Certificate[])
request.getAttribute("javax.servlet.request.X509Certificate"))[0].getSubjectX500Principal().toString()%>
<p>
Check <a href="ccertB.jsp">page B</a>
<p>
Page served time: <%= new java.util.Date().toString() %>
</body>
</html>
Optionally create nother file"ccertB.jsp" with same content, except the "A" and
"B" letter swapped.
In server.xml add a line:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
secure="true" scheme="https" maxThreads="150" URIEncoding="UTF-8"
SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"
SSLPassword="testing" SSLEnabled="true"
SSLCertificateKeyFile="C:/your_server_key_private.pem"
SSLCertificateFile="C:/ your_server_key _public.pem"
SSLCACertificateFile="C:/supported_client_CAs.pem" />
Then start with startup.bat and open the page
https://localhost:8443/cert/ccertA.jsp and refresh it or click the link.
After a few click instead of the page an error will be presented:
HTTP Status 500 - An exception occurred processing JSP page /ccertA.jsp at line
5
type Exception report
message An exception occurred processing JSP page /ccertA.jsp at line 5
description The server encountered an internal error that prevented it from
fulfilling this request.
exception
org.apache.jasper.JasperException: An exception occurred processing JSP page
/ccertA.jsp at line 5
2: <body>
3: <h3>client cert test - page A</h3>
4: User client cert data:
5: <%= ((java.security.cert.X509Certificate[])
request.getAttribute("javax.servlet.request.X509Certificate"))[0].getSubjectX500Principal().toString()%>
6: <p>
7: Check <a href="ccertB.jsp">page B</a>
8: <p>
Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:574)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:476)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
root cause
java.lang.NullPointerException
org.apache.jsp.ccertA_jsp._jspService(ccertA_jsp.java:93)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:438)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
note The full stack trace of the root cause is available in the Apache
Tomcat/8.0.24 logs.
Apache Tomcat/8.0.24
The error occurs in about 30 seconds after first load (keep refreshing or
clicking every few seconds or so).
Tested with:
- Chrome v44
- Firefox v39.0.3 and v40
The problem does not occur with IE v11.
Regards,
David Balažic
Software Engineer
www.comtrade.com
> -----Original Message-----
> From: David Balažic [mailto:[email protected]]
> Sent: 10. August 2015 19:30
> To: Tomcat Users List
> Subject: RE: Firefox SSL with APR - losing client certificate
> Importance: Low
>
> > From: David Balažic [mailto:[email protected]]
> >
> > > From: Christopher Schultz [mailto:[email protected]]
> > > Sent: 8. August 2015 14:33
> > >
> > > Quick question: this is with Tomcat only and no httpd out in front, righ
> > > t?
> >
> > Yes.
>
> It is also the same if run independently (without Eclipse):
> - extract apache-tomcat-6.0.44-windows-x64.zip
> - set JAVA_HOME,CATALINA_HOME, CATALINA_BASE and CATALINA_OPTS
> - copy war file into webapps folder
> - copy ojdbc6_g-11.2.0.2.0.jar into lib folder (my WAR uses an Oracle
> database)
> - execute startup.bat
>
> Java is again 1.6.0_45 (x64).
>
> It also happens with java version "1.8.0_51"
> Java(TM) SE Runtime Environment (build 1.8.0_51-b16)
> Java HotSpot(TM) 64-Bit Server VM (build 25.51-b03, mixed mode)
>
>
> I also tested on another system with 32 bit Windows 7, apache-tomcat-
> 6.0.44-windows-x86.zip , with
> java version "1.6.0_12"
> Java(TM) SE Runtime Environment (build 1.6.0_12-b04)
> Java HotSpot(TM) Client VM (build 11.2-b01, mixed mode, sharing)
>
> Same problem (with FF, while IE works fine).
>
> On the first system I also tried with Chrome: also has the problem.
>
> Interestingly, on one occasion with FF the problem did not surface for long
> time (about 15 minutes of testing).
> Then I cleared the "Active Logins" (shift-ctrl-del) in Firefox and tried
> again:
> the problem occurred right on second HTTP(S) request.
>
> Regards,
> David
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
