Re: [jetty-users] Propagating SSL errors to the application

[John English <john.foreign@xxxxxxxxx>]

On 14/03/2013 18:53, Joakim Erdfelt wrote:
> That would be a bit tough...
>
> As you need to establish a proper SSL connection in order to even talk HTTP.
> If the SSL connection fails, there's no HTTP exchange, hence no way to respond.

I had a similar issue (https://bugs.eclipse.org/bugs/show_bug.cgi?id=398644) 
which turned out to be down to a JRE bug. However, although Jetty was detecting 
the problem:

  qtp8971975-31, WRITE: TLSv1.1 Alert, length = 48
  qtp8971975-31, fatal: engine already closed.  Rethrowing 
javax.net.ssl.SSLException: bad record MAC

...there was nothing appearing in the logfiles, and I ended up wasting a lot of 
other people's time reporting bugs in Chrome, then Jetty, before this was 
tracked down.

So even if you can't respond to the client, how about a log message at the 
server end rather than a silent failure?
--
John English