Sorry I meant it was a java issue (typo!)

-----Original Message-----
From: Edward Quick
Sent: 17 October 2011 09:17
To: Tomcat Users List
Subject: RE: ssl handshake problem

Hi Andre, thanks for your reply.

I tested this a bit more and did a write up of the problem for anyone who's 
interested http://www.linuxcrusaders.org/blog/node/45

Obviously it wasn't a java issue not tomcat-related though.

Regards,

Ed.

-----Original Message-----
From: André Warnier [mailto:a...@ice-sa.com]
Sent: 12 October 2011 16:41
To: Tomcat Users List
Subject: Re: ssl handshake problem

Edward Quick wrote:
> Thanks for your reply Chris. No I'm not confident a restart would fix it. 
> Having said that I haven't seen the ssl handshake problem since yesterday 
> (which might be because the app hasn't tried the address yet) so waiting to 
> see if it happens again. Unfortunately I don't have a way to invoke it.
>
> All my question was really is whether tomcat or java somehow caches an https 
> site's old ssl certificate for a while and checks its truststore against this 
> instead of the new one?
>
Maybe something to add : as I understand your original description, this is 
about a webapp
(running "inside" of Tomcat) which establishes its own SSL connection to some 
other server.
In such a case, as far as I know Tomcat is not involved at all. It doesn't even 
know that
the webapp is doing that, and has no reason to be caching anything.

This being said, since both Tomcat and the webapp "run inside" the same JVM, 
there may be
things cached /by the JVM/.
My knowledge of these things is insufficient to know if such things cached by 
the JVM
could be shared between Tomcat and the webapp.
Intuitively however, I would tend to think that whatever in-memory 
structure/object is
used by Tomcat for its own SSL Connector(s), is probably distinct from the 
in-memory
structure/object used by this webapp to store information related to its own 
independent
connections.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


The information contained in this email is strictly confidential and for the 
use of the addressee only, unless otherwise indicated. If you are not the 
intended recipient, please do not read, copy, use or disclose to others this 
message or any attachment. Please also notify the sender by replying to this 
email or by telephone (+44 (0)20 7896 0011) and then delete the email and any 
copies of it. Opinions, conclusions (etc) that do not relate to the official 
business of this company shall be understood as neither given nor endorsed by 
it. IG Group Holdings plc is a company registered in England and Wales under 
number 01190902. VAT registration number 761 2978 07. Registered Office: Cannon 
Bridge House, 25 Dowgate Hill, London EC4R 2YA. Authorised and regulated by the 
Financial Services Authority. FSA Register number 114059.

Reply via email to