On 05/12/2018 21:30, Justin Wilke wrote: > Hello, > > Hitting kind of a dead end on my attempt to upgrade to java 11, it was > suggested to me to reach out to this group. > > We are currently running on Java 8, Tomcat 8.5.3 in prod. We are looking to > upgrade to java 11.
8.5.3 is over 2 years old and pre-dates Java 11 by quite some way. If you use the latest 8.5.x you should be fine. You should also review the known vulnerabilities in 8.5.x: http://tomcat.apache.org/security-8.html > Looking at http://tomcat.apache.org/whichversion.html - it seems like > everything should run on java 8 or higher. > > Trying to log into through https://myhost:8443<https://myhost:8443/> – I get > the following in catalina: > > 05-Dec-2018 13:27:21.690 SEVERE > https-jsse-nio2-8443-exec-4<https://jamfsoftware.atlassian.net/wiki/display/FU/https-jsse-nio2-8443-exec-4>org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun > Error running socket processor > java.lang.ExceptionInInitializerError > at > org.apache.tomcat.util.buf.ByteBufferUtils.<clinit>(ByteBufferUtils.java:38) > at > org.apache.tomcat.util.net.SocketBufferHandler.expand(SocketBufferHandler.java:155) > at > org.apache.tomcat.util.net.SecureNio2Channel.processSNI(SecureNio2Channel.java:381) > at > org.apache.tomcat.util.net.SecureNio2Channel.handshakeInternal(SecureNio2Channel.java:213) > at > org.apache.tomcat.util.net.SecureNio2Channel.handshake(SecureNio2Channel.java:204) > at > org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1605) > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) > at > org.apache.tomcat.util.net.AbstractEndpoint.processSocket(AbstractEndpoint.java:803) > at > org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:98) > at > org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:91) > at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127) > at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219) > at > java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.base/java.lang.Thread.run(Thread.java:834) > Caused by: java.lang.IllegalAccessException: class > org.apache.tomcat.util.buf.ByteBufferUtils cannot access class > jdk.internal.ref.Cleaner (in module java.base) because module java.base does > not export jdk.internal.ref to unnamed module @51399530 <snip/> That is Java 9 compatibility of the ByteBuffer cleaner which the changelog says was fixed in 8.5.6 (released over 2 years ago). > Chrome displays: > > This site can’t provide a secure connection > Unknown macro: {myhost name} > > sent an invalid response. > ERR_SSL_PROTOCOL_ERROR > > With no code changes – and running on 9.0.13 – with the same SSL config in > server.xml – I am able to log in fine. > > Are there known issues with with tomcat 8, Java 11 and SSL? Is upgrading to > tomcat 9 necessary? It is not surprising that you see Java 9 related errors with a version Tomcat 8 released several months before Java 9 was GA. Update to a more recent 8.5.x release - ideally the latest - and you should be fine. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
