Hello all, Facing an odd issue with logging the SSL handshake details:
I have this in my logging.properties: handlers = 1catalina.org.apache.juli.AsyncFileHandler .handlers = 1catalina.org.apache.juli.AsyncFileHandler 1catalina.org.apache.juli.AsyncFileHandler.level = FINE 1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.home}/logs 1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina. org.apache.tomcat.util.net.NioEndpoint.handshake.level = FINE org.apache.tomcat.util.net.NioEndpoint.certificate.level = FINE With above configuration, I don't see the SSL handshake failures details in logs. However, when I add the console handler like: handlers = 1catalina.org.apache.juli.AsyncFileHandler,\ java.util.logging.ConsoleHandler .handlers = 1catalina.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler 1catalina.org.apache.juli.AsyncFileHandler.level = FINE 1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.home}/logs 1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina. java.util.logging.ConsoleHandler.level = FINE org.apache.tomcat.util.net.NioEndpoint.handshake.level = FINE org.apache.tomcat.util.net.NioEndpoint.certificate.level = FINE I see the SSL handshake failure logs e.g. FINE: Handshake failed for client connection from IP address [127.0.0.1] and port [37136] javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca at sun.security.ssl.Alert.createSSLException(Alert.java:131) at sun.security.ssl.Alert.createSSLException(Alert.java:117) at sun.security.ssl.TransportContext.fatal(TransportContext.java:364) at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293) at sun.security.ssl.TransportContext.dispatch(TransportContext.java:203) at sun.security.ssl.SSLTransport.decode(SSLTransport.java:155) at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:597) at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:552) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:418) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:397) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626) at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:483) at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:215) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1766) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:750) What am I missing in the logger configuration? Do we have to have the console handler configured? Thanks, Amit