I am receiving the following exception message in the Tomcat log when
attempting to do a multi-part upload:
20 Mar 2018 10:21:13 [https-openssl-nio2-443-exec-9] DEBUG
org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor - Found operation:
submitBatch
20 Mar 2018 10:21:13 [https-openssl-nio2-443-exec-9] DEBUG
org.apache.cxf.attachment.AttachmentDeserializer - The attachment header size
has exceeded the configured parameter: 300
20 Mar 2018 10:21:14 [https-openssl-nio2-443-exec-9] WARN
org.apache.cxf.jaxrs.impl.WebApplicationExceptionMapper -
javax.ws.rs.WebApplicationException: HTTP 413 Request Entity Too Large
at
org.apache.cxf.jaxrs.ext.MessageContextImpl.get(MessageContextImpl.java:84)
I have found numerous posts that address this issue for Tomcat 8.5 and I have
tried a number of them, but none worked. I added maxHttpHeaderSize="122880000"
to my SSL Connector config in server.xml but this made no difference.
Here is my SSL Connector config:
<Connector
port="443"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
scheme="https"
secure="true"
SSLEnabled="true"
maxThreads="150"
server=" "
allowTrace="false">
<SSLHostConfig
honorCipherOrder="true"
certificateVerification="false"
sslProtocol="TLSv1.2"
protocols="TLSv1.1+TLSv1.2"
ciphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA">
<Certificate
certificateKeystoreFile="..\ssl\keystore"
certificateKeystorePassword="aBlueSkyMeans0%RainToday" />
</SSLHostConfig>
</Connector>
So I went back to
https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html#SSL_and_Tomcat and took
a closer look and noticed a couple of things:
1 - My Connector tag config is missing the "sslImplementationName" attribute.
2 - The default ProtocolHandler implementation created by Tomcat from my
Connector definition is ["https-openssl-nio2-443"] which is a configuration not
mentioned in the doc.
It seems the only supported ProtocolHandler implementations are:
["https-jsse-nio-443"]
["https-jsse-nio2-443"]
["https-openssl-nio-443"]
When I added the " sslImplementationName" attribute as documented to support
one of the above three supported protocols, everything worked fine.
My question is this:
Can someone tell me for certain whether or not my original Connector
configuration (which resulted in the Tomcat creating a default
["https-openssl-nio2-443"] PotocolHandler) *should* work?
If this *is* a supported configuration, I would prefer to use it over the other
three.
Thanks.
Steven Kerckhof
Senior Software Engineer
OneContent Software Development
O: +1.678.722.3738 M: +1.770.880.1037
steven.kerck...@allscripts.com<mailto:steven.kerck...@allscripts.com> |
@allscripts<https://twitter.com/Allscripts>
Allscripts: Building open, connected communities of health
__________________________________________________
