On Wed, Jan 16, 2019 at 1:53 PM Roger Brechbühl <rotscher...@gmail.com> wrote:
> Hello, > > When using Nio2 connector with OpenSSL we sometimes had hanging requests > which finally ended in a timeout. This behaviour was not reproducable with > single requests (e.g. via Browser, with curl etc) but while doing some > research we were able to find a pattern and could reproduce this with some > tools/software [5]: > > Pattern: first request ok, all other were hanging until timeout > > Gatling Performance-Tool with activated http client sharing (which is > default) [3] > => with using disableClientSharing we could get around it. > > When using Nginx as a proxy between client and Tomcat, with activated > ssl_session_reuse [4]. > => setting proxy_ssl_session_reuse to off, no hanging requests. > > When using HAProxy (we were not able to configure to make it work) > > As it always works with other connector configurations (NIO/OpenSSL and > APR/OpenSSL) we assume that the problem must be in Tomcat/Nio2/OpenSSL > implementation related to ssl session reuse. There are relevant changes in newer Tomcat releases regarding some harder to reproduce OpenSSL problems. Also, although the proxies probably use HTTP/1.1 and it may not be relevant, APR and NIO2 have HTTP/2 ALPN enabled while NIO does not. Rémy