2016-07-22 22:16 GMT+02:00 Peter Robbins <peter.robb...@jamfsoftware.com>:
> Just to update, we were able to work around this by changing our > server.xml connector config from: > > protocol="HTTP/1.1" > to: > protocol="org.apache.coyote.http11.Http11Nio2Protocol" > sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation" > > Somewhere deep within Http11NioProtocol there is a bug that is fixed in > Http11Nio2Protocol. Unfortunately, we don’t have the bandwidth to try to > isolate it further, though I will update if anything else is uncovered. > > You are potentially changing two things at the same time here. You were/are using boutycastle. If you also have tomcat-native installed, Tomcat would try to use OpenSSL with JSSE. I don't have any idea how that interacts with boutycastle, se we're probably not supporting it (it is never tested, and now we provide OpenSSL over which we have some control and basically does the same thing in a better way). Rémy
