We're narrowed down the problem further. It appears that a buffer within the SSL decoding process is not flushed properly which results in the HTTP request being sent to the application (Tomcat) twice. Wireshark clearly shows only one request, while the Tomcat access log shows two. As previously stated, this does not happen when we remove tcnative and use the built-in SSL decryption. Nor when plain HTTP is used.
We've also reproduced the problem with Firefox as the HTTPS client, whereas the original issue was seen with HttpClient from Jakarta Commons (http://hc.apache.org/httpclient-3.x/). The timing, in the Tomcat access log, of the redundant request varies a bit based on the client. With HttpClient, the superfluous request appears when the TCP connection is reset, which is about 15s after the request was received. With Firefox, the dup is seen only when a subsequent request is made, as though it removes a clog. How do we go about debugging this? Is there any lower level tracing we can enable? Somewhere between the Tomcat access log and a sniffer trace? Thanks, JP Jim Brikman (ybrikman) wrote: > > Are there any known issues when using the Apache HttpClient to send > https requests to Tomcat running with tcnative-1.dll? Perhaps different > SSL stacks causing issues? > > The issue we are seeing is duplicate messages: our HttpClient sends just > one copy of the message (an https request), but on the Tomcat side (with > tcnative-1.dll) we are seeing the message twice. This only happens with > https and not http. > > Jim > > > Yevgeniy (Jim) Brikman > Software Engineer > Voice Technology Group > > [EMAIL PROTECTED] > Phone :978-936-0510 > Mobile :617-538-2632 > > > > 500 Beaver Brook Road > Boxborough, MA 01719 > United States > www.cisco.com <http://www.cisco.com/> > > > > > > > -- View this message in context: http://www.nabble.com/Tomcat-%2B-HttpClient-%2B-SSL-%2B-tcnative-1.dll-issues--tp14587172p14623993.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
