It's "ssl,handshake."
> -----Original Message-----
> From: Ezsra McDonald <ezsra.mcdon...@gmail.com>
> Sent: Thursday, May 20, 2021 10:43 AM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Tomcat SSL stops working after an undetermined amount of
> time
>
> Mark,
>
> Thanks for your response.
>
> I did not see anything in the logs. This morning I added '
> -Djava.net.debug=handshake' to my configuration. I did not see any SSL
> debug information in my logs. Perhaps I did this wrong or need to use a
> different argument?
>
> I expected the debug to be in the access log. Should I be looking elsewhere?
> I also checked other logs that had timestamps for after the instance was
> restarted.
>
> -- Ez
>
> On Thu, May 20, 2021 at 3:05 AM Mark Thomas <ma...@apache.org> wrote:
>
> > On 19/05/2021 20:42, Ezsra McDonald wrote:
> > > Environment:
> > > OS: CentOS 7
> > > Apache: apache-tomcat-8.5.65
> > > Java: jdk1.8.0_281
> > >
> > > Greetings,
> > >
> > > I recently enabled SSL on my Tomcat server HTTP connectors.
> > > Something odd is happening. After some undetermined amount of time
> > > the connector stops responding appropriately to requests. My browser
> > > returns the following
> > > message:
> > >
> > > "An error occurred during a connection to target.host.com:8080. SSL
> > > received a malformed Alert record.
> > >
> > > Error code: SSL_ERROR_RX_MALFORMED_ALERT "
> > > I do not see anything in the logs to clue me in on what is happening.
> > >
> > > I have the following configured for the connector.
> > > <Connector executor="tomcatThreadPool"
> > > port="${http.port}"
> > > protocol="org.apache.coyote.http11.Http11NioProtocol"
> > > maxThreads="50" enableLookups="false" acceptCount="100"
> > > server="Apache"
> > > SSLEnabled="true" scheme="https" secure="true"
> > > clientAuth="false" sslProtocol="TLSv1.2"
> > > keystoreFile="/opt/tomcat/ssl/tomcat_ssl.jks"
> > > keyAlias="tomcat"
> > > keystorePass="**************"
> > > connectionTimeout="20000"/>
> > >
> > > When I restart the instance everything works fine for a while.
> > > Later,
> > when
> > > I try to look at the tomcat manager, SSL is no longer functioning
> > properly.
> > >
> > > Any assistance would be appreciated.
> >
> > Anything in the access logs?
> >
> > Enable TLS debug logging in the JVM Tomcat is using. You'll get a lot
> > of data but you'll be able to see exactly what is happening.
> >
> > Mark
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
