4

I've a strange problem. I'm using Richfaces 4 on a JBOSS AS7 webserver with HTTPS and client authentication.

Everything (client auth, HTTPS, etc.) works actually fine BUT sometimes style sheets and JavaScript resources are not loaded with Internet Explorer and strangely with Firefox too. Firebug and other debugging tools just say that the connection was interrupted, no additional information.

In addition, after a while, I cannot reproduce a situation, Internet Explorer (and even Firefox but less often) cannot display the whole site. In that situation no refresh, deleting cache, cookies, restarting IE does help at all.

Just to be sure it's not a company's network or proxy problem, I did unplug my computer from it, running my webserver on localhost. The same issues occurs here too.

Any ideas? Thank you in advance!

Nobody? I did change my log level to DEBUG and observed following output:

10:25:48,518 DEBUG [org.apache.tomcat.util.net.AprEndpoint] (http--0.0.0.0-8443-1) 
             Handshake failed: error:00000000:lib(0):func(0):reason(0)

It seems that the connection will be reseted.

Thomas
  • 8,357
  • 15
  • 45
  • 81
  • 1
    Are you behind a firewall? Try and run a continuous ping to that server and obeserve the packet return time and also if there are any breaks in the ping lines (`Request Timeout`s) – kolossus Nov 07 '12 at 16:05
  • My browsers (FF and IE) are running on the same machine than the JBoss AS7 webserver. I also disabled my network adapter for another test just in case my packets are making a detour but unfortunately I do experience the same behaviour. – Thomas Nov 07 '12 at 16:10
  • 1
    Try [this](http://stackoverflow.com/a/9837743/1530938) – kolossus Nov 07 '12 at 16:53
  • Thank you. I just tried it but with no success. I did pass the property https.protocols with TLSv1 and another time with SSLv3 using command line parameters. Both variants were not working. Any other ideas? – Thomas Nov 08 '12 at 07:30

1 Answers1

4

I have not found why my settings were not working. However, I was using JBoss native connectors and so I decided to not use them.

Without using a native connector and after generating new certificates it's working perfectly, the above described issues didn't happen so far.

I was using following source how to generate my self-signed certificates:

This are my configurations in standalone.xml

<security-domain ....
<jsse 
    keystore-password="changeit" 
    keystore-url="keystore.jks" 
    truststore-password="changeit" 
    truststore-url="cacerts.jks" 
    server-alias="sercer" 
    client-auth="true" 
    protocols="TLS"/>

and

<connector ....
<ssl 
    name="ssl" 
    key-alias="sercer" 
    password="changeit" 
    certificate-key-file="keystore.jks" 
    protocol="TLSv1" 
    verify-client="true" 
    ca-certificate-file="cacerts.jks" />

However, I still do not understand why it has worked before randomly in IE and FF as well as without issues in Chrome. This would exclude my certificates to be the original problem, wouldn't it?

Thomas
  • 8,357
  • 15
  • 45
  • 81