Re: Connection reset while trying to access a web service running under Tomcat

Thu, 23 Feb 2017 15:14:09 -0800 

On 23.02.2017 22:35, James H. H. Lampert wrote:

We've got a problem, and I'm not sure where it is.

We've got a remote box, belonging to a customer, that's trying to access a web 
service
hosted by a Tomcat server on one of our boxes (part of a new webapp).

The customer box is getting "Connection Resets" while trying to access our web 
service.
Here is some of the debug output:

(GSKit) I/O: A connection with a remote socket was reset by that socket.
ssl_error(406): (GSKit) I/O: A connection with a remote socket was reset by 
that socket.
SetError() #30: SSL Handshake: (GSKit) I/O: A connection with a remote socket 
was reset
by that
It seems to say right up here what the problem is : the customer system cannot establish a HTTPS connection with your server. The connection attempt starts, but then your server rejects it and closes the connection. 
Maybe they cannot agree on a common SSL protocol ?
As for why, I'll leave that one to someone else, because there are a billion SSL protocols, with a trillion of variations, and a kazillion possible reasons for why they could not agree on one; and this is really not my thing.. 



I think initially, the problem was in the customer's firewall not letting the 
requests out
on the port this server runs. They say they've got that fixed, but the 
connection resets
continue.

According to the statistics on our firewall appliance/router (a TP-Link 
WDR4300), it's
getting some packet traffic intended for the server in question, but nothing is 
being
logged by the webapp itself. And nothing seems to be getting logged to 
Catalina*.* from
any of this traffic, whether failed sign-ons from the customer box, or 
successful traffic
from one of our other boxes. Is there anything we can do to determine whether 
Tomcat is
seeing any of these request? And what it could be doing with them?

--
JHHL

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to