-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Andrea,
On 4/14/20 04:29, Parigino Andrea Aiello wrote: > Il giorno lun 13 apr 2020 alle ore 21:49 Rémy Maucherat > <r...@apache.org> ha scritto: > >> On Mon, Apr 13, 2020 at 7:07 PM Mark Thomas <ma...@apache.org> >> wrote: >> >>> On 13/04/2020 11:39, Parigino Andrea Aiello wrote: >>>> Hello! i'm having a problem with Tomcat 8.5.51 hosting my >>>> Spring Boot 2 application (with 2-way SSL); >>> >>> The first thing to do is to update to 8.5.54 and re-test. >>> >> >> Also test OpenSSL and Java 11 [if Java 8 was used here], to see >> what happens. >> >> Rémy >> >> >>> >>> Mark >>> >>>> In short is an application with both server and client SOAP >>>> interfaces (first called as server, then it act as client). >>>> The problem: on first request (sent by SoapUI or other >>>> external client) everything >>> works >>>> fine, no exception; on the second one i got this exception: >>>> >>>> 1. 13-Apr-2020 11:45:09.757 INFO [https-jsse-nio-234-exec-1] >>>> org.apache.coyote.http11.Http11Processor.service Error >>>> parsing HTTP >>> request >>>> header Note: further occurrences of HTTP request parsing >>>> errors will be >>> logged >>>> at DEBUG level. java.lang.ArrayIndexOutOfBoundsException: >>>> javax.crypto.ShortBufferException: Need at least 336 bytes of >>>> space >> in >>>> output buffer at >>> sun.security.ssl.CipherBox.decrypt(CipherBox.java:591) >>>> at >>>> >> sun.security.ssl.EngineInputRecord.decrypt(EngineInputRecord.java:200 ) >>>> >> at >>>> sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:963) >>>> >>>> at >>>> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:896 ) >>>> >>>> at >>>> sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:766) >>>> >>>> at >> javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) >>>> at org.apache.tomcat.util.net >>> .SecureNioChannel.read(SecureNioChannel.java:607) >>>> at org.apache.tomcat.util.net >>> .NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1289) >>>> >>> at >>>> org.apache.tomcat.util.net >>> .NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1225) >>>> at >>>> >>> >> org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.jav a:737) >>>> >> at >>>> >>> >> org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inp utBuffer.java:368) >>>> >> at >>>> >>> >> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java :502) >>>> >> at >>>> >>> >> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLig ht.java:65) >>>> >> at >>>> >>> >> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(Abstract Protocol.java:818) >>>> >> at >>>> org.apache.tomcat.util.net >>> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623) >>>> at org.apache.tomcat.util.net >>> .SocketProcessorBase.run(SocketProcessorBase.java:49) >>>> at >>>> >>> >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1149) >>>> >> at >>>> >>> >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:624) >>>> >> at >>>> >>> >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskTh read.java:61) >>>> >> at java.lang.Thread.run(Thread.java:748) >>>> >>>> To be noted that on the second request i do not get even a >>>> single line >> of >>>> log from my application, looks like the request doesn't even >>>> reach my >>> code. >>>> here is the Connector config: >>>> >>>> <Connector >>>> protocol="org.apache.coyote.http11.Http11NioProtocol" >>>> >>> >> sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementa tion" >>>> >> port="234" maxThreads="200" scheme="https" secure="true" >>>> SSLEnabled="true" clientAuth="true" sslProtocol="TLS" >>>> keyAlias="agweb2ca" keystoreFile="conf\cert\keystore_s.jks" >>>> keystorePass="*****" >>>> truststoreFile="conf\cert\truststore_s.jks" >>>> truststorePass="******" /> >>>> >>>> i've also tried all the buffer parameter for the connector ( >>>> >>> >> https://tomcat.apache.org/tomcat-8.5-doc/config/ajp.html#NIO_specific _configuration >>>> >> - --> setting them to -1/illimited) but seem to not work. >>>> >>>> Another thing to say is that between the acting as SOAP >>>> Server and >> acting >>>> SOAP Client there are some http (not https) calls to another >>>> system. >>>> >>>> Any help would be really appreciated. Thanks a lot! >>>> >>>> Andrea >>>> >>> >>> >>> -------------------------------------------------------------------- - - >>> >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >> > > Turns out it was an old crypto provider (com.baltimore.jcrypto) > that caused the problem, we avoided it and the tomcat started to > work fine. Good. > how can it be? I'm not sure I understand your question. Can you ask it in a different way? - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6XVMQACgkQHPApP6U8 pFhCDA//dH8irLz76Gz+T7U8gA5r0DhZVsOHttWhfBBLZh8ym8/F+QctrpcRN7+Y wfJQtbPeavNLrPswN5sMPmdpVupZ0ONGOgnk2jYeazsISNA3UYEBpRMjOzEF66rA 9o+DZqtY5iiBuoa2tpqbkEpqTlOqwEYp9WCHYGUquNuxltoxJ2tR0JDIfwWiLfOj If3AkeraU89cXomviwJlwkdilBYUk9bHgSiMvoL7Kl89UWTEqS+GpCXnptTBJIXa se141CUOXbXzJc8XDsI1HDsfunWIQhAXFV18woWJaZs30mFgtUl74kI+z3VvOY3r H1OuNgnv1x9plK6p4OragpAmZX9tmPxfM5ScrTFyqZfTmOudzZkAHQ46ccTK9/TN 9XjI3z2rSiAkowIq93bC3hXn1l16B2ZWHLXZcqAtevl6PbfWO3dKQA6csAIhMYQw Uz9Zbsoj6Rel98n6oiDz4t0x5GKsVZZzl5uyjmP+knVtxryP7SuSK7Q8NqNW0vhY 5kMNNp9yV6OO+fsvQ/TXMzJyFVOXWzqDYg+dB/rg7qq6xRvT/1JdcKSvvbYZWx1H 5RH6RdPLBitbG3PVdvEoSlL9QUA2uFIFMOsr+8CTYF8Z5UNt0fEi11xa48fC84wB lToSeDKA/E/gRzXWPMrQgaeSladaWosLWjlX0sRY8btDmZCpcbY= =GgnS -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org