On 03/06/2022 15:33, Amit Pande wrote:
Hello,

First, thank you to Mark for adding the access logs in case of SSL handshake failures
(https://github.com/apache/tomcat/commit/acf6076d7118571ebc881984b96792f861b72bb2#).
Really useful enhancement.

On a related note, I am trying to understand if we can log the SSL handshake
failure at ERROR level instead of the current DEBUG level.

https://github.com/apache/tomcat/blob/main/java/org/apache/tomcat/util/net/Nio2Endpoint.java

if (log.isDebugEnabled()) {
    log.debug(sm.getString("endpoint.err.handshake"), x);
}

Are there any issues logging this at error level?

Yes. We generally don't log user-triggerable exceptions above debug level as that can expose the server to a potential DoS - either by filling the disk with log messages or the performance impact of triggering the exceptions.

I guess we could make the log level for that message configurable. logHandshakeFailuresAtError or something.

Mark
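
The log-volume half of the concern above, as an added example that is not part of the original thread and is not Tomcat code: a hypothetical ThrottledHandshakeLog helper that writes handshake failures at ERROR (java.util.logging SEVERE) but caps how many lines one time window may produce and reports the suppressed count afterwards. The class name, the cap and the window length are assumptions; it bounds disk usage only, not the cost of the failed handshakes themselves.

```java
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLHandshakeException;

/** Hypothetical helper (not Tomcat code): ERROR-level logging with a per-window cap. */
public class ThrottledHandshakeLog {
    private static final Logger LOG = Logger.getLogger(ThrottledHandshakeLog.class.getName());

    private final int maxPerWindow;
    private final long windowNanos;
    private final AtomicLong windowStart = new AtomicLong(System.nanoTime());
    private final AtomicInteger emitted = new AtomicInteger();
    private final AtomicInteger suppressed = new AtomicInteger();

    public ThrottledHandshakeLog(int maxPerWindow, long windowMillis) {
        this.maxPerWindow = maxPerWindow;
        this.windowNanos = windowMillis * 1_000_000L;
    }

    /** Returns true if the failure was written at ERROR level, false if it was only counted. */
    public boolean handshakeFailed(String remoteAddr, Exception cause) {
        long now = System.nanoTime();
        long start = windowStart.get();
        // Exactly one thread wins the CAS and rolls the window over.
        if (now - start >= windowNanos && windowStart.compareAndSet(start, now)) {
            int dropped = suppressed.getAndSet(0);
            emitted.set(0);
            if (dropped > 0) {
                LOG.log(Level.SEVERE, "Suppressed {0} handshake failure messages in the previous window", dropped);
            }
        }
        // The cap is approximate under concurrency, which is enough to bound log growth.
        if (emitted.incrementAndGet() <= maxPerWindow) {
            // One line per failure, no stack trace, so each entry has a small fixed cost.
            LOG.log(Level.SEVERE, "TLS handshake failed for {0}: {1}", new Object[] {remoteAddr, String.valueOf(cause)});
            return true;
        }
        suppressed.incrementAndGet();
        return false;
    }

    public static void main(String[] args) {
        ThrottledHandshakeLog log = new ThrottledHandshakeLog(3, 60_000);
        int written = 0;
        for (int i = 0; i < 1000; i++) { // constructed burst of 1000 failures from one client
            if (log.handshakeFailed("192.0.2.10", new SSLHandshakeException("constructed sample failure"))) written++;
        }
        System.out.println("written at ERROR: " + written + " of 1000");
    }
}
```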
