Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] jetty 6.1.26 (SSL session timeout)

Commercial support is available on all previous versions of Jetty at
http://webtide.com and we typically spend our open source support time
helping folks with the newer versions of Jetty either here, on
stackoverflow or where ever we run across interesting issues :)

That being said, I would start by looking at the SSLEngine and see
what sort of options are available.. I suspect you are using a very
old jdk as well so not sure what settings were available back then.

cheers,
jesse


--
jesse mcconnell
jesse.mcconnell@xxxxxxxxx


On Fri, Jun 13, 2014 at 10:28 AM, Joakim Erdfelt <joakim@xxxxxxxxxxx> wrote:
> You do know that the entire Jetty 6 codebase was EOL (End of Life) back in
> 2010, right?
>
> --
> Joakim Erdfelt <joakim@xxxxxxxxxxx>
> webtide.com - intalio.com/jetty
> Expert advice, services and support from from the Jetty & CometD experts
> eclipse.org/jetty - cometd.org
>
>
> On Fri, Jun 13, 2014 at 7:36 AM, Manpreet Singh <manpreet.singh@xxxxxxx>
> wrote:
>>
>> We are using jetty-6.1.26 HTTP client to post messages to an Microsoft IIS
>> Server using client certificate based authentication.
>>
>>
>>
>> The code fragment used is as below:
>>
>>
>>
>>         httpClient.setConnectorType(HttpClient.CONNECTOR_SELECT_CHANNEL);
>>
>>         httpClient.setMaxConnectionsPerAddress(1);
>>
>>         httpClient.setMaxRetries(0);
>>
>>         httpClient.setSoTimeout(soTimeout);
>>
>>         httpClient.setTimeout(timeout);
>>
>>             httpClient.setKeyStoreLocation(ksl);
>>
>>             httpClient.setKeyStorePassword(ksp);
>>
>>             httpClient.setKeyManagerPassword(kmp);
>>
>>
>>
>>         contentExchange = new ContentExchange(true);
>>
>>         contentExchange.setRetryStatus(false);
>>
>>
>>
>> int result = contentExchange.waitForDone();
>>
>>                         if(result ==  HttpExchange.STATUS_COMPLETED)
>>
>>                         {
>>
>>
>>
>>
>>
>> We use the httpclient to post data to the server frequently. Since this
>> software is on low bandwidth connection, we would like to resume SSL session
>> and not incur the overhead of SSL handshake every time we send data.
>>
>>
>>
>> We have tried to increase the idleTimeout parameter to large values, but
>> it seems the SSL session expires always after 2 minutes and few seconds no
>> matter what settings we maintain. Following is what we get in the
>> javax.net.debug trace after this session expires and then again the complete
>> SSL handshake takes place that is a lot of data to and fro on low BW
>> connections.
>>
>>
>>
>> 1633060093@HttpClient-3, called closeOutbound()
>>
>> 1633060093@HttpClient-3, closeOutboundInternal()
>>
>> 1633060093@HttpClient-3, SEND TLSv1 ALERT:  warning, description =
>> close_notify
>>
>>
>>
>> Can someone help us to figure out a correct way to do this?
>>
>>
>>
>>
>>
>> Thanks a lot in advance!!
>>
>>
>>
>>
>> _______________________________________________
>> jetty-users mailing list
>> jetty-users@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>
>
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>


Back to the top