Re: [jetty-users] javax.net.ssl.SSLHandshakeException No subject alternative DNS name matching xxx found.

Hi Greg,

I would love to do some experimenting with the code but have never built my own Jetty before. I merely download the releases when they become available. I have little to no experience with Git and none at all with Maven (I am ashamed to admit that we still use SVN and Ant). Perhaps a good time to get started. I will look into the documentation and see where that takes me.

Thanks so far.

Kind regards,

Silvio

On 29-01-19 08:30, Greg Wilkins wrote:
Silvio,

I am reading your emails... but so far I've had no idea pop into my head.

The only thing I can think of is perhaps replacing the SslContextFactory with exactly the code from 9.4.12 (I think 13 was a bad release for other reasons) and see if that makes any difference.  If it works, then you could probably bisect the commits (only about 8 done last year).

cheers




On Tue, 29 Jan 2019 at 11:51, Silvio Bierman <sbierman@xxxxxxxxxxxxxxxxxx> wrote:
Hello all,

Another followup on the same topic: triggering a
SslContextFactory.reload on the server consistently and immediately
triggers the problem on the client side, restarting the server is close
to 100% (seems timing related). I was still leaning toward something
fishy in the client code or even the JDK11 SSL client socket code but
now I am almost certain this is going awry on the server side.

Still JDK11 on both client and server side and Jetty 9.4.14.v20181114
server, using domain names that are covered by wildcard certificates.

I am busy setting up a server with 9.4.11 and JDK8 to see what happens
there but since I am packed it may take another week or so to get results.

I will keep you posted.



>> One addition: this morning I replaced the keystore file on one of the
>> servers because some almost-expired certificates had been updated and
>> subsequently triggered a SslContextFactory.reload through the
>> application. Within 15 minutes the logging showed about two dozen
>> failed requests. Then it silently went away. May be a coincidence of
>> course.
>>
>> Silvio
>>

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

